Shocking Study: Our Email Is A Whole Lot Less Secure Than Most People Think
If you were offered a bulletproof vest that protects you from only the second bullet – would you take it? The answer, most likely, is “Absolutely not”!
Yet when it comes to emails, that’s exactly what the vast majority of people sign up for when they trust common email security solutions. Malware, Phishing, Ransomware and by extension Data Breaches are able to breeze through these security solutions – essentially meaning that the vast majority of organizations are leaving their security to chance, hoping they won’t be attacked next.
Finally, and for the first time, it’s confirmed by empirical research. In this groundbreaking study, our latest published findings demonstrate that it’s worse than most people thought: up to 40% of malicious emails get through common security solutions.
Why is this? It’s primarily due to how these common security solutions work.
Why Security Solutions Miss So Much
Dealing with known threats is relatively easy. Most products are built and maintained to handle them. It’s threats that are encountered for the first time, or Unknown Threats, that pose the greatest challenge.
Traditional email security solutions have to first encounter these threats, then analyze them, validate that they are indeed a threat, then classify them and only then can they recognize and stop the threat.
In the meantime, these malicious emails are hitting your inbox and those of coworkers and employees. In fact, we found that the length of time it takes until these threats are actually detected – the Time To Detect, or TTD – is 24-48 hours on average, and often a lot longer. Not very helpful, in fact completely useless when it comes to this vital area of your security.
It gets worse: these threats are now being automated to constantly mutate in order to evade security systems. As soon as the system has learned to defend against one threat, it’s cousin has already evolved to evade those same checks.
What To Expect In The Study
In the study, you’ll find how common email security systems, such as Microsoft’s Office 365 ATP, G-Suite Enterprise and others, have a high miss rate of between 20% and 40% for unknown threats at first encounter.
What’s more, we show how these systems take between 24 to 28 hours to start protecting against the threats they first missed. This Detection Gap means that enterprises are continually unprotected against unknown threats.
Most importantly, we’ll show what you can do to protect yourself.
Some of the key findings over the period of the study include:
Microsoft Office 365
- Microsoft Office miss rate is around 23%
- Average TTD is 48 hours
- Around 20% of unknown threats take 4 days or more to be detected
Google G Suite Enterprise
- Google G Suite Enterprise’s miss rate is around 35%
- Average TTD is around 26 hours
- Around 10% of unknown threats take 3 days or more to be detected
Following The Study and Staying Protected
Since data-driven threat detection technologies fail to provide protection against unknown threats due to their inherent dependency on data, they must be augmented by a different technological approach in order to provide better email security.
The BitDam solution is built on top of a unique threat-agnostic detection engine. BitDam’s model-driven threat detection technology at the heart of BitDam ATP allows it to reach extremely high detection rates for unknown threats at first encounter.
Its TTD is zero, so full protection power is available at all times.
BitDam is able to correctly identify all the unknown threats missed by the email security products in this study, making BitDam a natural choice for augmenting current email security products and considerably reducing the risk customers face today from their incoming email.
For more data and insights, and to learn about staying protected against Unknown Threats, visit this page and download the full study.