Email security research: why the gap between risk and protection is growing

Libraesva email security research report

Libraesva’s 2024 email security research report shows that – despite experiencing increasing email attacks – US CISOs, security and IT professionals aren’t prioritizing email sufficiently in their cyber security strategies. There are alarming gaps that need to be plugged in terms of budget, resource, and technology.

Email security is business-critical, especially as cyber-attacks by bad actors continue to increase in volume and complexity. Yet, our study found that not only are US businesses vulnerable to established email threats, they are also unprepared for the wave of advancing AI-generated attacks. Globally, all organizations should be acting now to shore up their email security defenses, or risk damage from ever-growing cyber threats.

  • In our 2024 study Email Security: The Reality Gap 88% of the US IT and security professionals surveyed reported that their organization had experienced a successful attack in Q1 2024, with email attacks showing the biggest increase.
  • Yet over half (55%) of respondents are not prioritizing email as a cyber security risk.

74% of CISOs, security and IT professionals surveyed said their organization struggles to keep pace with security threats

Libraesva - The Reality Gap

Email security budgets are decreasing in real terms:

  • 51% of respondents said their organization’s budgets for email security for last year stayed the same or decreased

The talent gap is still a problem:

  • 64% said that lack of email security skills in their organization is leaving them vulnerable to cyber threats
  • 63% said that email security resource is understaffed in their organization
  • 62% said their organizations lacked the right skills
  • 55% agreed that they faced challenges in finding the talent to deal with evolving email threats

Less than half of businesses have confidence in their email security:

  • 43% of respondents said they were confident that their email security protects against data leaks
  • 42% were confident that their email security would defend against malware and spam
  • 38% were confident it would defend against malicious URLs and dangerous attachments
  • 36% were confident it would defend against phishing, spear phishing and whaling
  • 35% were confident it would defend against threats from ransomware

AI is a huge concern (and if it isn’t, it should be):

  • 23% of respondents said they were concerned about AI attacks
  • 71% lacked confidence that their current email security system could defend against AI attacks

The good news is that while AI may be a problem, it can also be the solution. With the power of AI, email security solutions become adaptive and proactive, constantly improving to stay one step ahead of emerging threats. At a time when cyber security teams are understaffed, overstretched, and under-resourced, the watchful eye of AI will prove vital in closing the email security gap that is currently leaving companies dangerously exposed.

For the complete report and insights into what’s happening, why, and what can be done to improve the situation, download your copy of Email Security: The Reality Gap!

Get Libraesva’s Research