Email Security Risk Remains High

Tony MasonCyber Security, Data Protection, Email Security

Outbound Email Security

A recent email security survey by Egress highlighted that outbound email is a source of breaches for almost every organisation.

91% of the surveyed cybersecurity leaders stated that their organisaton had experienced security incidents by outbound email data loss within Microsoft 365 in the last 12 months.

Causes of Outbound Email Security Incidents

Overall, these incidents were the result of employees breaking the rules or making mistakes while simply trying to get their jobs done. The top 3 causes were:

  1. Exfiltration of data for work purposes (sending data to personal accounts)
  2. Accidentally sending emails and files to an incorrect recipient
  3. Exfiltrating data for personal gain (taking data to a new job)

This is similar to 2022, but the negative impact on an organisation has gone up 8%.

There also remains a significant risk of internal breaches of confidentiality within an organisation.  Of the 76% that enforce information barriers internally, half (51%) have had them breached. Over half had to cease operations while they investigated the incidents.

Cybersecurity leaders reported intentional rule breaking as the top cause of outbound incidents.  However, on analysis of data in the Egress platform, Egress can see that it’s actually human error.  The reason cybersecurity leaders don’t know this is because they don’t have visibility and these type of mistakes very often will go unreported and will pass under the radar.

In order to quantify an organisation’s risk, you need visibility into the human risk.

Microsoft’s Security Control

88% of respondents said they were concerned about Microsoft’s security controls, the top outbound concern was being ineffective at stopping employees from accidentally emailing the wrong person, or with the wrong file attached.

Outbound email security remains a manual process driven by administrators.  94% use static email DLP rules & 51% are reliant on reviewing audit logs to detect breaches. To make these rules work takes a lot of admin time & rules need to be altered to make them usable. Outlook Autocomplete is seen as the culprit for most misdirected emails, but only 20% have dared to turn it off.

Supply Chain & Customers

82% of Cybersecurity leaders enforce email security requirements with their supply chain, with anti-phishing technology as the most requested defence (64%). Data loss prevention, however, is hot on its heels, with 56% of Cybersecurity leaders enforcing this with suppliers.

On the other end, 69% of respondents advised that they have seen an increase in customers requesting email DLP to be enforced.


In order to quantify and manage an organisation’s risk, Cybersecurity leaders and Data Protection Officers need to have better visibility into the human risk.

They need to know when someone is sending an email to the wrong person, or attaching confidential data to the wrong email or a personal email.  Plus, they need a solution that isn’t reliant on static rules, that are labour intensive to manage.

Check here for more information on Egress Prevent.

Read here for the full Email Security Risk report.