95% of IT leaders say data is at risk over email — Egress

The Egress Data Loss Prevention Report 2021 found email to contain prominent risk when it comes to client and customer data security, with 83% of organisations having experienced email data breaches.

As workforces operated remotely over the past year, they became increasingly reliant on digital communication methods, including email, instant messaging and video calls.

Since the start of the Covid-19 pandemic, 85% of employees reported sending more emails, while 80% said they use email to communicate confidential information, which increases the surface area for risk when it comes to an outbound email data breach.

While 60% of employees are working in environments where distractions and interruptions are commonplace, such as shared home offices and communal spaces, 59% of IT leaders acknowledged that they have seen data leakage via email rise since employees started working from home.

Security risks brought about by remote working has also been compounded by the blurring of work and home life; 73% of employees said they access work emails outside of their contracted working hours, and 24% reported that they are normally doing something else at the same time.

Additonally, stress and tiredness have been factors in human error, and 24% of email data breach incidents were found to be caused by an employee sharing data by mistake.

Strangers in your inbox: safeguarding against business email compromise

Tim Callan, Senior Fellow at Sectigo, explains to Information Age how to safeguard against business email compromise. Read here

Legacy solutions proving insufficient

79% of IT leaders stated that they have deployed static email DLP solutions to mitigate risk, but that same amount reported experiencing difficulties resulting from their use.

Also, their effectiveness was found to be limited, with 42% of IT leader respondents saying that half of all incidents won’t be detected by the DLP tools they have in place.

“It’s clear to see that legacy DLP tools are no longer fit for purpose; they’re difficult to use and because they can’t take people’s behaviour into consideration, and they’re limited in their ability to mitigate the rising tide of email data breaches in this new world of remote working,” said Tony Pepper, CEO of Egress.

“Many employees continue to work in challenging environments, and the lines between work and home life have been well and truly blurred. All of this contributes to the likelihood that a costly mistake might be made.

“Organisations must be aware of the new environment of risk that has been created by the working conditions brought about by the pandemic, and utilise advances in machine learning to give employees a safety net that can detect when they’re about to cause a data breach and prevent these incidents before they happen.”

500 IT leaders and 3,000 remote-working employees in the UK and US were surveyed by Egress, alongside Arlington Research. Respondents worked across vertical sectors including financial services, healthcare and legal.

More information on the research from Egress can be found here.

Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.