Report: Enterprise Email Security Often Leaves the Door Open to Attacks
A new report from the tech firm BitDam finds that the two most prominent enterprise email providers struggle with both detecting new malware and blocking it.
You may have software on your servers or your employees’ machines that is designed to catch malware hitting their inboxes. But by no means should you assume that’s the case anymore.
These tools often have significant blind spots that fail to detect problems immediately, according to a new report from the digital security firm BitDam. Unknown Threats: The Achilles Heel of Email Security [registration] reports that major enterprise email tools have a “miss rate” as high as 40 percent when an attack first hits, and can take up to 48 hours to defend against such an attack from the time it’s first detected.
“This detection gap means that enterprises are continually unprotected against unknown threats, allowing successful ransomware, phishing, and data breaches,” the company states in the report. “We describe the root cause of this inherent limitation of email security systems and suggest threat-agnostic protection technologies (that do not require knowledge about threats) as an effective remedy.”
In an analysis of the two primary enterprise email platforms, Office 365 and G Suite Enterprise, BitDam found that Microsoft’s platform was less likely to miss the exploit message, at an average rate of 23 percent, versus 35.5 percent for Google’s suite. However, G Suite tended to detect the problem more quickly, on average—at 26.4 hours, versus 48 hours for Office 365.
While 23 is less than 35.5 and 26.4 is less than 48, the report makes the case that any delay lasting a day or longer is too much. BitDam also notes that there’s often a high risk of mutation in malware that makes automated tools less trustworthy in fighting off such attacks, as the tools generally look for known threats, rather than ever-evolving risks that make up the current digital landscape.
“As these products rely on threat data for detection, a significant increase in the numbers of unknown threats may impair their efficacy,” the report adds.
(mitay20/iStock/Getty Images Plus)