Proofpoint, Inc. (NASDAQ: PFPT), a leading security-as-a-service provider, recently announced findings from a survey of security IT enterprise decision makers, about email and information security trends.
“The findings from our June 2012 survey reinforce what many industry analysts and security experts have already noted — that targeted attacks against large organizations are extremely common and surprisingly effective in compromising user credentials and corporate IT systems,” said David Knight, executive vice president of product management for Proofpoint.
This slideshow features key findings from the survey.
Click through for findings from an email security survey conducted by Proofpoint, Inc.
Half of all respondents (51 percent) believe that, in the past year, their organization was targeted by a phishing email designed specifically to compromise their own users. Another 31 percent do not believe they were the target of such an attack and 18 percent reported they did not know.
Among organizations with 1,000 or more email users, more than half of respondents (56 percent) believe their organizations were targeted by a spear phishing attack. Another 27 percent do not believe they were the target of a spear phishing attack and 17 percent reported they did not know. Comparatively, organizations with fewer than 1,000 email users (125 survey respondents) reported fewer spear phishing attacks – 42 percent believe they had been targeted, 39 percent did not and 19 percent didn’t know.
More than one third (34 percent) of respondents who reported experiencing a spear phishing attack in the past year (17 percent of all respondents) believe that attack resulted in the compromise of user login credentials (e.g., usernames/passwords) or unauthorized access to corporate IT systems.
Asked which of five risk vectors — outbound corporate email, social media, lost or stolen mobile devices, and online file sharing/collaboration and short messaging services — they felt posed the greatest risk of data loss to their organizations, respondents chose outbound email by a small margin. Results are as follows:
- Twenty-two percent feel outbound email sent from their organizations is the greatest source of data loss risk
- Nineteen percent feel that online file sharing/collaboration solutions (e.g., services such Dropbox, Box and others) are the greatest source of data loss risk
- Eighteen percent feel lost or stolen mobile devices are the greatest source of data loss risk
- Seventeen percent feel postings to social media sites (e.g., Facebook, LinkedIn) represent the greatest source of data loss risk
- Three percent feel that short messaging services (e.g., Twitter, SMS text messaging) are the greatest source of data loss
- Twenty-one percent of respondents say they “don’t know” which vector poses the most risk
