OPSWAT, which offers critical infrastructure protection (CIP) cybersecurity solutions, released its 2024 Report: Email Security Threats Against Critical Infrastructure Organizations. Research was conducted alongside Osterman Research, and included responses from IT and security leaders working within critical infrastructure industries.
The report noted that 80 percent of organizations experienced an email-related security breach over the past year, while 63 percent acknowledge that their email security approach needs improvement.
“This lax approach from survey respondents emphasizes the need to adopt a zero-trust mindset,” said Yiyi Miao, OPSWAT’s CPO. “The prevalence of email-related breaches poses a significant threat to critical infrastructure organizations, necessitating a shift to a stronger, prevention-based perimeter defense strategy against established communication and data exchange channels.”
Key findings included:
- 80 percent of critical infrastructure entities fell prey to email-related breaches in the past year.
- 48 percent of organizations lack confidence in existing email defense, leaving them vulnerable to cyberattacks.
- 65 percent of organizations are not compliant with regulatory standards, and thus expose themselves to operational and business risk.
Responses also identified a gap in advanced email security capabilities that preclude and prevent threats from reaching users’ inboxes. Essential measures such as content disarm and reconstruction (CDR), URL scanning for malicious signals and anomaly detection are absent in many organizations’ defenses. In response to these critical challenges, OPSWAT reaffirms its commitment to equipping critical infrastructure organizations with cutting-edge, prevention-based cybersecurity solutions.