Report: Orgs spend 3,850 hours annually cleaning up email-based cyberattacks

Security managers are most concerned with the time it takes to respond to and remediate email threats. According to a new report by Cyren and Osterman Research, organizations are spending an average of 3,850 hours per year cleaning up compromises caused by email-borne attacks. This figure does not include the time spent investigating suspicious messages and removing confirmed threats from mailboxes to avoid additional compromises.

The study confirms that, despite investments in secure email gateways and user security awareness training, bad actors continue to use social engineering emails to breach organizations’ defenses. The resulting attack remediation requires 175 hours to resolve each breach, and the most common breach type is compromised Office 365 login credentials (account takeover).

However, this effort does not include the time spent investigating suspicious message alerts submitted by users and trying to remove confirmed threats from mailboxes before a distracted user falls for the scam. The inability to prevent scams, business email compromise and ransomware via email, and the ensuring time and effort to investigate and respond to threats, is a top concern for IT and cybersecurity leaders.

Most surprising is that the number of breaches caused by emails has increased compared to the previous Osterman Research survey, despite a greater number of cybersecurity staff per 1,000 email users (17 in 2022 compared to 2 in 2019).

The report includes responses regarding organizations’ defenses against and responding to threats and compromises caused by malicious emails delivered to Microsoft 365 users. Osterman Research surveyed 226 organizations during February 2022 using a combination of online and telephone surveying. Respondents represent organizations across industries in the United States and the United Kingdom with an average of 3,862 employees.

Read the full report by Cyren and Osterman Research.