Mimecast, an advanced email and collaboration security company, has released first of its kind research, that explores the state of the collaboration tools market in relation to cybersecurity.
Collaboration Security: Risks and Realities of the Modern Work Surface reveals that Australian businesses are failing to provide dedicated training on collaboration tools, even though almost all (96%) have experienced a threat via their chosen tools.
The research is based on responses from over 500 employees and 100 Australian cybersecurity decision makers across a range of sectors, and gauges their understanding and conduct related to collaboration tool security within their organisations.
The survey found that cyber decision makers are overconfident in the readiness of their organisations to combat cyberattacks via collaboration tools. 88% of those surveyed felt their organisation had effectively communicated the security vulnerabilities of collaboration tools to their employees. This directly contradicts the fact that 38% claim they have not received any collaboration tools security training, and only 9% say they have received dedicated training separate from the wider cybersecurity training offered by their organisation.
Furthermore, decision makers are not monitoring how employees utilise collaboration tools, in order to protect against threats. Only 30% monitor employee use of collaboration tools at least once a month – against a global average of 46%.
Since they are not specifically trained or monitored, almost a third (31%) of employees do not see themselves directly responsible for cybersecurity breaches via collaboration tools on their devices.
This means employees are more likely to let their guard down when using business collaboration tools. According to the Mimecast research, employees are 13% less likely to check the legitimacy of attachment file names or URL links in private messages on collaboration tools than those on email. Employees are at their most vulnerable when receiving a message from their line manager, with nearly two thirds (62%) likely to click on a link to an unfamiliar website or source if it’s from someone they report in to.
Even though cyber decision makers believe their organisations are well-equipped to combat collaboration tool-related cyberattacks, almost all (96%) of Australian organisations surveyed have experienced a threat via them. The most prevalent attacks are malware (67%), phishing (53%) and credential harvesting (37%).
The largest impacts of these cyberattacks on the business, include loss of company data (53%), loss of potential customers (44%), damaged company reputation (42%) and disruption to regular operations (42%).
In addition, the financial cost of these attacks on organisations is significant with the average total being over half a million dollars (AU$901,088). Nine per cent of those surveyed estimate the total cost of collaboration tools-related attacks in the past year was over $1 million.
Garrett O’Hara, Director of Engineering at Mimecast commented; “As collaboration tools become an increasingly complex and growing threat vector, employee and decision maker overconfidence will place Australian organisations at even greater risk. Without dedicated training or monitoring, risky behaviour on these tools is less likely to be picked up.
“This is where IT decision makers have a vital role to play in securing these platforms and providing their employees with specific collaboration security training to protect their data. Educating employees about the security implications will ensure they are careful about what they click on or share via these tools. This will help organisations to reduce cyber risk and cost, all while training employees to truly be part of their collaboration security fabric, and ensuring they’re able to work protected.”.
For further information, or to read the full Collaboration Security: Risks and Realities of the Modern Work Surfacereport, please visit: Collaboration Security: risks and realities of the modern work surface (mimecast.com).