Email security trends

Proofpoint announced findings from a survey of 122 RSA Conference 2010 attendees, conducted at its exposition booth, about email security trends.

Key findings from the survey include:

Spear phishing continues to be a significant security issue
Nearly half of respondents (48%) believe that, in the past year, their organization was targeted by a phishing email designed specifically to compromise their own users. While 27% of respondents do not believe they were targeted by such an attack, 25% said they were “not sure.”

Adoption of email encryption technology increases
The majority of respondents (59%) say that their organization has already deployed an email encryption solution. Another 19% say that they intend to deploy email encryption in the future, with most respondents saying that they intend to deploy within the next year.

Adoption of email encryption technology has been steadily increasing over time. In a Proofpoint study from June 2009, 43% of organizations said that they had deployed an email encryption solution.

Effectiveness still the top criterion when selecting email security solutions
43% of respondents said that “effectiveness/accuracy” was the most important factor when selecting an email security solution, while 20% said that “ease of administration” was most important.

16% said “cost of solution” was most important. 11% selected choice of “deployment method (e.g., SaaS versus appliance)”, while just 6% cited “vendor brand/reputation” as the most important decision factor.

Uncaught spam and phishing emails top email annoyances list
Asked about the “most annoying” types of email, 39% of respondents cited spam that gets through their organization’s filter as their top email annoyance. 27% said the same of uncaught phishing emails.

But for a third of respondents, various types of legitimate email were the most annoying. 15% of respondents cited legitimate email newsletters and marketing emails that are sent too frequently as their top annoyance. 10% said legitimate emails from coworkers or business contacts that “I just don’t have time to answer” were most annoying. 7% cited social media notifications and other types of legitimate, but non-essential, email messages as most annoying.

Survey participants submitted their answers electronically at the Proofpoint booth. Half of respondents were from organizations with 2000 or more email users. More than three quarters of respondents held security or other technical job titles, while less than one quarter held legal, compliance or other non-IT roles.