Lack of cyber preparedness hurt SA organisations in 2020

Enterprises faced unprecedented cybersecurity risks in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber preparedness and training.

These are among the findings from Mimecast’s fifth annual “The State of Email Security” report, based on a global survey of 1 225 information technology and cybersecurity leaders and supported by data from Mimecast’s Threat Centre, which screens more than 1-billion emails per day.

Eighty-five percent of South African respondents indicated their companies had experienced a business disruption, financial loss or other setback in 2020 due to a lack of cyber preparedness. Respondents identified ransomware as the chief culprit behind these disruptions.

Other insights include:

* 61% of global companies – and 47% of South African ones – indicated they had been impacted by ransomware in 2020, a 20% increase over the number of companies reporting such disruption in last year’s “The State of Email Security” report.

* Fewer organisations in South Africa fell victim to ransomware than in other countries, but those that did experienced considerably more downtime. Companies lost an average of seven working days to system downtime compared to a global average of six, while 44% of South African respondents said downtime lasted one week or more against a global average of 37%.

* More than half (53%) of South African ransomware victims paid threat actor ransom demands, but only three in five (60%) of those were able to recover their data. The remaining two-fifths (40%) never saw their data again, despite paying the ransom.

While ransomware was a big problem for organisations in 2020, it wasn’t the only one. Mimecast’s “The State of Email Security” report also revealed additional threat trends, including:

* A 64% year-over-year increase in global threat volume.

* An increase in email usage in eight out of 10 companies.

* 47% of survey respondents noted they saw an increase in email spoofing activity.

* 72% of companies said they are concerned about the risks posed by archived conversations from collaboration tools.

All of these data points can be attributed to the pandemic: work-from-home increased email and collaboration tool usage, and threat actors sought to capitalise on the new “digital office” with massive waves of Covid-19-related social engineering attacks.

Despite facing an elevated threat volume, the report found that companies aren’t doing well in the area of threat prevention.

In addition to the 85% of South African respondents who indicated a lack of cyber preparedness, other notable findings include:

* 40% of those surveyed said their organisations fall short in one or more critical areas of email security systems, leaving employees open to phishing, malware, business email compromise and other attacks.

* 52% of South African respondents (compared to a global average of 43%) said that employee naiveté about cybersecurity is one of their greatest vulnerabilities, and yet nearly half (46%) conduct cybersecurity awareness training once a quarter or even less frequently.

Given these factors, it’s not surprising that 65% of South African survey respondents believe their business will be harmed by email attacks in the next year. In 2020, only 47% of respondents said they felt this way.