Business email threat report 2016: Email security uncovered

This global research study shows that while 64 per cent of businesses regard email as a major cyber-security threat to their business, 65 per cent don’t feel fully equipped to defend themselves against these attacks.

This survey of 600 IT security professionals by the email security, continuity and archiving cloud company Mimecast reveals low levels of preparedness against data breaches.


  • The top 20 per cent of organizations that feel most secure are 250 per cent more likely to see email as their biggest vulnerability. 
  • Confident IT security managers are 2.7 times more likely to have a C-suite that is extremely or very engaged in email security. They are also 1.6 times more likely to see C-suite involvement in email security as extremely or very appropriate. 
  • The least confident IT security managers are more likely to be using Microsoft’s Exchange Server 2010, which lost mainstream support in January 2015. The most confident managers are more likely to use the up-to-date Exchange Server 2013. 
  • 70 per cent of IT professionals that have recently and directly experienced an email hack employ internal safeguards, such as data leak prevention or targeted threat protection. 
  • Apprehensive IT security professionals are more likely to be in smaller firms (fewer than 500 employees) than larger ones (32 per cent to 18 per cent, respectively). 
  • Less than half (48 per cent) of IT security managers in smaller firms feel confident and well-prepared for tackling email security threats, compared to larger companies.