Email Is Not The Only Channel Open To Attack: Study

B2B marketing teams could well be disrupted by a change within companies: Email is no longer the top communications tool, according to The Freedom to Communicate and Collaboration: Challenges in Securing an Overabundance of Tools study by Abnormal Security, conducted by Enterprise Strategy Group (ESG). 

Of the companies polled, 47% are using six to 10 communications channels at once. 

The top three communications tools are: 

  • Video conferencing — 80% 
  • Email — 77%
  • Messaging — 71%
  • File sharing/cloud storage — 64% 
  • Shared calendaring — 64% 
  • Application-specific workflow communications — 46%
  • Shared project management — 35% 
  • Shared whiteboarding — 33% 

Email is still up there, and can still be used for reaching out to customers although they may be busy in other channels.  

However, the purpose of this study is not to analyze marketing trends — it is to report on security levels. 

For instance, it found that more than two-thirds of companies are concerned that bad actors are using communication and collaboration channels beyond email to evade security controls.

On the positive side, companies are focused on strengthening all communications channels collectively, including email, the study states. 

For instance, 27% consider this bolstering a top priority, and 56% consider it a high priority. These firms have “budget allocated and resources assigned to implement additional security measures,” the study says.

“The rise of additional cloud-based communication and collaboration channels provides new opportunities for socially-engineered attacks to evade traditional security controls,” says Dave Gruber, principal analyst at ESG. “Most are the same types of attacks that were previously targeted at email, creating an opportunity to extend and leverage proven email security controls with an expanded view across multiple channels.”

According to the respondents, the worrisome forms of attack are:

  • Ransomware — 38%
  • Phishing — 37%
  • Malware deployment — 34% 
  • Spam — 23%
  • Data leakage/exposure of sensitive data — 22%
  • Credential theft — 21%
  • Attacks leveraging social engineering — 20% 
  • Executive impersonation — 20%
  • Business email compromise (BEC) attacks — 18%
  • Attacks from compromised third parties — 18%
  • Lateral movement of threats internally — 16%
  • Reconnaissance activities — 15%

ESG surveyed 490 IT and cybersecurity professionals from February 14-28, 2023. 

 

 

Next story loading loading..