Seventy-nine percent of organisations in Asia Pacific (APAC) believe that poor employee behaviour is a greater email security concern than inadequate tools (21 percent), according to a study sponsored by Barracuda Networks, Inc., a provider of cloud-enabled security and data protection solutions. This highlights the need for organisations to include employee awareness and training as part of their email security strategy.
The global study of more than 630 professionals responsible for IT security was conducted by Dimensional Research, to better understand the email security approach of today’s organisations. APAC respondents indicated that their organisation would benefit from additional email security capabilities, with phishing simulation (60 percent), social engineering detection (58 percent), email encryption (66 percent) and data loss prevention (75 percent) leading the way in terms of capabilities valued.
All respondents from APAC have good intentions and believe end-user training and awareness are important; however, only 79 percent provide training for their employees. It was also reported that larger organisations (over 1,000 employees) are more likely to train their employees.
When asked what approaches would work best, 60 percent of respondents from APAC cited regularly scheduled modules that can be done at an employee’s convenience, followed by customised examples relevant to departments and roles (55 percent) and unscheduled simulations of typical attacks (40 percent).
More specifically in Malaysia, Malaysia Computer Emergency Response Team (MyCERT) has received 2,713 reports between January and May 2018 based on general incident classifications which include harassment, fraud, intrusion, intrusion attempts and malicious codes which were based on emails received by individuals.