5 Essential Insights from ESG’s Report on Protecting Communications

Email has long been the preferred method of business communication, but as technology has advanced and the world has shifted to hybrid work, the number of ways to communicate has grown exponentially. Most organizations now use digital communication methods beyond email, including cloud-based collaboration tools, which provide better efficiency in distributed work environments.

There is little denying that these collaboration tools, like Slack, Microsoft Teams, and Zoom, offer a slew of benefits. But they also open the door for bad actors to deploy new and invasive attacks. By engaging with users through social engineering tactics, attackers can evade automated controls and extend phishing, business email compromise (BEC), credential theft, and other email attacks beyond just email.

ESG recently dove into this problem with a survey of nearly 500 IT and cybersecurity professionals. The ESG Survey: The Freedom to Communicate and Collaborate is a third-party analysis commissioned by Abnormal Security and conducted by Enterprise Strategy Group (ESG) which identifies key challenges, objectives, and security risks present across collaborative cloud applications. Here you’ll find a few of the most significant insights from the survey and how leaders are thinking about security decisions across major organizations.

Electronic collaboration tools have become a cornerstone of the distributed work model, for both internal and external communication. In addition to email, organizations depend on many tools to provide efficient workflows, such as video conferencing and file-sharing technologies. Thus, the use of multiple collaboration tools has become commonplace.

47% of respondents are currently using from 6 to 10 communication and collaboration tools, and 35% of respondents are using 11 or more. Among these tools, video conferencing, email, and messaging are the most commonly sanctioned.

The increased adoption of collaborative tools also provides bad actors with more attack opportunities. Socially-engineered attacks have become a commonplace occurrence, but as organizations implement more effective email security, cybercriminals are turning to other applications. In fact, more than half of survey respondents said they’re experiencing daily or weekly attacks involving their extended communications apps.

When it comes to threats, ransomware is a top concern for communication and collaboration tools, along with the ongoing array of phishing and malware-based attacks. 38% of respondents cited ransomware as the most concerning type of threat that leverages communication and collaboration mechanisms, but phishing and impersonation were also of concern. These concerns are similar to those surrounding email communications, which showcases how these email-like applications are susceptible to the same threat as email itself.

While threat actors are exploring new avenues for deploying social engineering tactics, and security leaders are starting to think of how to best protect against those emerging attacks, it doesn’t look like they’re backing off of email anytime soon. According to the ESG survey, nearly 40% of respondents believe that email is still their most vulnerable communication channel before collaborative applications.

38% of respondents cited email as their most vulnerable communication channel. File sharing and messaging applications round out the top three.

The good news is that organizations are focused on strengthening all communication and collaboration channels collectively, including email. More than a quarter consider strengthening security controls across multiple communication and collaboration channels their top priority, with more than half classifying it as a high priority.

83% of respondents said communication and collaboration security is either a high or top priority for their organization.

So how do you do that? At Abnormal, we recently expanded our behavioral AI-based email security platform to provide additional protection across the most popular collaboration apps used today. When attackers target connected email-like applications such as Slack, Microsoft Teams, and Zoom, Abnormal recognizes malicious messages and compromised accounts.

The platform provides insights in the same portal so security teams can see the full scope of the risk and take downstream action. With Abnormal, your organization can stay one step ahead of new and advanced threats, ensuring all of your communication and collaboration channels are secure.

Download your copy of the ESG Survey to learn more about the latest trends shaping communication and collaboration application security.

Interested in learning more about how Abnormal can protect your collaboration apps?