A new report by Cyren and Osterman Research highlights the growing concern of security managers regarding the time it takes to respond to and remediate email threats. The study reveals that organizations spend an average of 3,850 hours per year cleaning up compromises caused by email-borne attacks, not including the time spent investigating suspicious messages and removing confirmed threats from mailboxes to avoid additional compromises.

Despite investments in secure email gateways and user security awareness training, bad actors use social engineering emails to breach organizations’ defenses. The resulting attack remediation requires 175 hours to resolve each breach. Compromised Office 365 login credentials are the most common breach type.

The report reveals that the number of breaches caused by emails has increased compared to the previous Osterman Research survey, despite a greater number of cybersecurity staff per 1,000 email users.

The inability to prevent scams, business email compromise, and ransomware via email and the ensuing time and effort to investigate and respond to threats is a top concern for IT and cybersecurity leaders. The report recommends that organizations improve their defenses against email-borne threats and invest in email security solutions to prevent data breaches.

It is important to note that preventing email-based threats is not only the responsibility of the organization’s IT and cybersecurity departments. Employees must also be educated on identifying and reporting suspicious emails to minimize the risks of a successful attack. By taking proactive measures to prevent email-based threats, organizations can save time and resources while protecting themselves from malicious actors seeking to exploit vulnerabilities in their defenses.