The Art of Defense: Security and Microsoft Exchange Online
PowerPoint Presentation The Art of Defense: Security and Microsoft Exchange Online Â©2015 Osterman Research, Inc. Phishing is a Critical Issue 45% of decision makers and influencers consider phishing attacks to be a serious or very concern 44% are this concerned about employees clicking on links within email that will download malware 39% are this concerned about breaches of sensitive customer data 37% are this concerned about breaches of sensitive internal data Phishing is the single greatest threat to any organization because the potential losses of finances or data are so enormous. Â©2015 Osterman Research, Inc. The breach of 40 million customersâ information at Target began with a single phishing email to an HVAC contractor. Â©2015 Osterman Research, Inc. What Happened During the Past 12 Months? Â©2015 Osterman Research, Inc. During the past 12 months, the average organization has been infiltrated by malware or been the victim of a hacking incident 16.5 times because an employee clicked on a phishing link or attachment. Â©2015 Osterman Research, Inc. Security is Not Improving as it Should Be Phishing For 46% of organizations, the problem is not getting better over time For 33%, itâs getting worse Malware blocking For 48%, the problem is not getting better over time For 13%, itâs getting worse Web threats blocking For 51%, the problem is not getting better over time For 13%, itâs getting worse Security customers are making major investments in security solutions that are just not working as effectively as they should, particularly for phishing. Â©2015 Osterman Research, Inc. Why is the Phishing Problem Getting Worse? Cybercriminals are smart and well funded Users are not sufficiently skeptical about content they receive in email and through other channels Users are not well trained about watching for phishing attempts Only 22% of decision makers and influencers feel that their organizations are âgoodâ or âexcellentâ when it comes to training end users on detecting and dealing with phishing threats One in eight employees is never trained on security awareness Anti-phishing solutions are inadequate Only 28% rate their organizations âgoodâ or âexcellentâ for eliminating phishing attempts before they reach end users Lack of separation of phishing emails from other quarantined content Â©2015 Osterman Research, Inc. On a scale of 0 to 100, decision makers and influencers give their organizations an average of â50â in terms of how confident they are that employees will not click on a phishing link or attachment. Â©2015 Osterman Research, Inc. The Growing Impact of Office 365 Â©2015 Osterman Research, Inc. Plans for Migrating to Office 365 Among organizations that have not ruled out a migration to Office 365 Â©2015 Osterman Research, Inc. Environments Will Not be Simple Small organizations can migrate to Office 365 without many problems Mid-sized and large organizations cannot Many organizations will need to maintain hybrid environments of on-premises Exchange and Office 365 Legacy applications Legacy systems that rely on email for content transport Email-generating applications Regulatory obligations Legal obligations Bandwidth efficiency Larger organizations will need to maintain hybrid environments that are not easily integrated, and for which security will be much more difficult. Â©2015 Osterman Research, Inc. Important Questions to Ask How vulnerable is our organization to phishing attempts? How will we train employees about phishing as the first line of defense to deal with this threat? Will the security capabilities in Office 365 be sufficient to stop phishing and other security threats? How will security and, in particular, anti-phishing capabilities be implemented in hybrid Office 365/Exchange environments? Â©2015 Osterman Research, Inc. Osterman Research, Inc. +1 253 630 5839 +1 206 905 1010 firstname.lastname@example.org www.ostermanresearch.com ostermanresearch.wordpress.com mosterman For More Information Â©2015 Osterman Research, Inc.