Expert Reaction On ICO Data Shows Misdirected Email Is A 44% Bigger Risk Than Phishing Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Oct 20, 2020 05:38 am PST

The ICO has updated its data security trends – and misdirected emails continue to top the list of named incidents, with them being a 44% bigger risk than phishing attacks.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Tony Pepper
Tony Pepper , CEO
October 20, 2020 1:51 pm

“Misdirected emails are the UK’s number one cause of reported security incidents – so it comes as no surprise that they once again top the ICO’s list for reported data security incidents in Q1 2020. However, what may come as a shock to many is the sheer scale of the problem with the ICO’s data revealing it to be a 44% bigger risk than phishing attacks.

Everyone has access to email and while organisations often focus their efforts on defending inbound attacks like phishing and other malware, the reality is that human-activated outbound email risk is the major cause of security incidents. I have no doubt that when the ICO reveals its statistics for Q2 2020 remote working during the COVID-19 lockdown will only have amplified the number of misdirected emails as organisations reliance on email as a critical communication tool during this period will have exacerbated the problem.

What is potentially more concerning is that the true size of the misdirected email issue could be even more damning than is conveyed by the ICO’s data. Our recent research showed that 62% of organisations rely on people to report outbound email data breaches (including, sender, recipients, and colleagues). This is an incredibly risky strategy, as many individuals will not have reported incidents at all because they’re unaware they’ve happened or due to fear of repercussions.

What remains clear is that it is up to organisations to get on the front foot with solving this problem, looking to intelligent email security that uses the latest in contextual machine learning to detect mistakes and prevent breaches before they happen – enabling employees to work both more productively and securely.

Last edited 3 years ago by Tony Pepper

Recent Posts

Would love your thoughts, please comment.x