Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

British industry exposed to e-mail based threats

Forcepoint : 21 May, 2008  (Technical Article)
Research results reveal high levels of complacency and poor e-mail security practices throughout all sectors of UK industry
Research released by Websense highlights that complacency is rife amongst UK employees toward e-mail security, with nearly one third (31%) of respondents stating they were satisfied with their company not fully protecting e-mail as they didn't feel they would be targeted by cybercriminals. The survey also reveals that 35% of respondents said a hacker's gaining access to their computer through an e-mail borne attack would not happen to them, while 72% had a blasé attitude to e-mail spam saying receiving e-mails from a sender they did not recognise was an annoyance rather than a potential security threat.

The "Websense E-mail Security" survey of more than 100 respondents also reveals that UK employees are exposing their company and personal data to potential e-mail borne security threats in the way they deal with spam, including:.

* 40% of respondents open the preview screen to check spam e-mails.
* 33% open an e-mail from an unknown sender before deciding how to handle it.
* 22% open spam e-mails and admit to sometimes clicking on the embedded Web links enclosed in these.
* While losing company confidential information was more of a concern than the risk of a hacking incident, 40% of respondents still thought this was not a risk to them.

Other key survey findings include:.

* Companies leaving staff in the dark: More than half (56%) of respondents said they were left guessing about whether their e-mail was protected or not, with companies failing to send out any communication about the level of e-mail security protection provided.
* Personal Webmail evades protection: When accessing their personal e-mail account at work, 42% of respondents know they are not protected from security attacks launched through personal Webmail.
* Gaps left in e-mail security: The survey highlights potential gaps in the e-mail security provided to employees, with 23% of respondents not protected against malicious code contained within e-mail attachments. The survey reveals a number of grey areas where respondents did not know whether they were protected or not:.

- 18% didn't know whether they were protected against malicious phishing e-mails.
- 21% didn't know their level of protection against other inappropriate or malicious e-mails.
- Just over one quarter (26%) said they were either not protected or did not know whether they were protected against harmless but unwanted spam.

* Responsibility rests with companies: 67% of respondents thought that responsibility for e-mail security should rest with the IT department and 15% considered they should take personal responsibility. Only 8% called for a law to be put in place ensuring protection against e-mail threats at work.
* Lack of trust in e-mail to send sensitive data: The majority of respondents (62%) said they would not choose to send a sensitive or confidential document via e-mail, indicating an apparent lack of trust in e-mail as a secure means of communication. Instead, preferred methods of sending sensitive data include:.

- 22% would print the document in send it by registered or special delivery.
- 15% would opt to send a document using a courier.
- 5% would even choose to send a confidential document using the regular post rather then send electronically.

"Today's security attacks are becoming more targeted and stealthy, with cybercriminals using multiple channels and attack methods to weave their way into an organisation to steal corporate and personal data," said Ross Paul, director of product management, Websense. "This research indicates a knowledge shortfall about e-mail security amongst UK employees. With e-mail threats so sophisticated, organisations that have not taken responsibility for security away from their employees are leaving their company data exposed and employee personal data at risk. Businesses need to ensure they have real-time Web and e-mail security in place combined with robust business processes and proactive staff education, to protect their confidential information and safeguard their employees."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo