Companies can achieve more than US$11M in savings on average in their phishing incident response, says new Agari report
Agari drives efficiencies in security operations centres for Fortune 1000 companies
FOSTER CITY, California and LONDON, Nov. 1, 2019 /PRNewswire/ -- When an accounts payable manager at a South Carolina-based company fell for an email scam containing a vendor invoice worth over US$1 million, she was promptly fired.
This real-world example is more common than not these days. Employees are scared. Why take the risk, when clicking a button to report a suspected phishing email is a simple way to reduce that fear? Security operations centre (SOC) analysts are frustrated, because they spend a whopping 7.11 hours per incident, on average, assessing false positives reported by employees; time that could be better applied to triaging true-phish attacks. SOCs are working around the clock with limited resources, due to the fact that three billion phishing emails are sent daily, and all it takes is one vulnerability to get past organisations' current security measures, causing a catastrophic data breach.
Email security firm Agari does the numbers, in its latest Email Fraud and Identity Deception Trends quarterly report released in full yesterday. The results are telling. SOCs that embrace automation save on average more than US$11 million, annually. The problem is most SOCs are still reliant on manual processes.
The question is: Should the employee in finance, payroll, marketing or any department other than Infosec really be an email security and phishing email expert? Most email security experts say, "no." At the CISO event Trust 2019, this topic – removing human vulnerability in phishing threats – dominated discussions. The elusive variable causing employee angst and missed savings at most SOCs is automation. Many SOCs still manually assess emails flagged as suspicious, making the need for SOCs to find ways to automate and accelerate the processes involved with incident response grow more urgent by the day.
Automation, underpinned with machine learning, drives the efficiencies most SOCs seek. When asked how cutting the time required for phishing incident response through automated processes would impact their overall breach risk, respondents to Agari's quarterly survey estimated average risk reductions of 59 percent.
In the U.K., that figure rose two percent from the previous quarter's survey, to an average 50 percent reduction in breach risk, while in the U.S., estimates rose two percent during the same period, to an average 58 percent reduction.
On a global basis, a 59 percent reduction in breach risk would result in a US$708,000 decrease in annual breach risk for the average business.
"SOCs cannot hire analysts fast enough, so much so that the cybersecurity industry has nearly zero unemployment," said Armen Najarian, Chief Identity Officer, Agari. "The cybersecurity staffing gap is really a chasm. A clear and urgent need exists for SOCs to embrace automation to bring balance to the time and cost being spent on phishing incident response, in this era of low employment but high threat."
Headcount needs at large enterprises rose 23 percent quarter-over-quarter. Besieged by an incessant stream of phishing incidents, the average number of SOC analysts per organisation topped 16.9, during the quarter up from 15.3 previously. Based on the average 35,108 phishing incidents organisations face annually combined with the average time to remediate these incidents, the average SOC needs 136 analyst working 40 hours a week on nothing but incident response to remediate successfully all reported emails, legitimate phishes and false positive emails.
The average number of SOC analysts per organisation in the Agari survey is 16.9, which indicates a staffing gap of at least 119 FTEs. "That number is enough to staff an entire red team," Najarian noted.
More results from the Q4 Email Fraud and Identity Deception Trends report are available here.
About Agari
Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph™ detects, defends and deters costly advanced email attacks including business email compromise, spear phishing and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses and consumers worldwide. Learn more at www.agari.com.
Media Contact
Jean Creech Avent
Sr. Director, Global Corporate Communications
Agari
+1 843-986-8229
jcreech@agari.com
Photo - https://mma.prnewswire.com/media/1021287/AIR_Calculator.jpg
Share this article