State of Email Security 2019 - Benchmark Report Survey

Question Title

* 1. What role(s) do you play in email security decisions at your organization? (Select all that apply)

Budget owner

Final technical decision maker

Research / Recommend solutions

Technical evaluator

Business evaluator

Own ALL security strategy

Limited / no involvement in email security decisions

Other (please specify)

Question Title

* 2. What email platform is your organization using?

On-premises (e.g. Microsoft Exchange, Notes)

Cloud - G Suite

Cloud - Office 365

On-premises with plans to move to a cloud platform

Hybrid on-prem/cloud

I don't know

Other (please specify)

Question Title

* 3. Which of the following types of email do you / your users see in your inboxes (NOT what gets quarantined)? (Select all that apply)

Spam / Gray mail

Payload attacks (e.g. malicious / suspicious attachments or links)

Credential theft (e.g. sending you to a fake login page)

Impersonation of external people (e.g. business partner, customer, vendor)

Impersonations of internal employees (e.g. execs, HR, finance)

Brand impersonations (e.g. Microsoft, Google, DocuSign, ADP)

W2 or confidential information requests

Wire transfer requests

None of the above

Other (please specify)

Question Title

* 4. Not including spam, how often do you see the threats listed in the previous question (i.e. phishing / spoofing, malware / viruses)?

Monthly

Less often than monthly

Daily

Weekly

Never

Question Title

* 5. When was the last time you opened email in your junk or spam folder? (including to find a legitimate email that was mislabeled)

Within the past week

Within the past month

Within the past three months

Within the past six months

More than six months ago

Never

Question Title

* 6. How many people work at your organization?

1-20

21-100

101-500

501-2,500

2,501-5,000

5,001-10,000

> 10,000

Question Title

* 7. Which email threat worries you the most? (Select only one)

Spam / Gray mail

Payload attacks (e.g. malicious / suspicious attachments or links)

Impersonations of internal employees (e.g. execs, HR, finance)

Impersonation of external people (e.g. business partner, customer, vendor)

Wire transfer requests

W2 or confidential information requests

Credential theft (e.g. sending you to a fake login page)

Brand Impersonations (e.g. Microsoft, Google, DocuSign, ADP)

None of the above

Other (please specify)

Question Title

* 8. How often do you need to remediate an email-based attack? (includes: suspending compromised accounts, running PowerShell scripts, resetting compromised third party accounts, legal action, etc.)

Daily

2-3 times a year

Weekly

Monthly

About once a year

Less often than once a year

Question Title

* 9. When was the last time your organization experienced a breach (e.g. compromised account, loss of confidential data, credentials, fraudulent financial transaction, etc.) due to an email-borne threat?

1-3 months ago

7-12 months ago

1-2 years ago

4-6 months ago

Within past month

> 2 years ago or never

Question Title

* 10. What technologies do you use to guard against email threats?

Native email provider features or nothing

Add-on platform features (e.g. Advanced Threat Protection, Exchange Online Protection, etc.)

Secure Email Gateway (e.g. Mimecast, Proofpoint, Barracuda, etc)

Stand-alone anti-virus / anti-spam solution

Computer-Based Training (e.g. Cofense, KnowBe4, etc.)

Firewalls

Don't know

Other (please specify)

Question Title

* 11. Which of the following are problems for you despite your current email security solution? (Select all that apply)

Fit for cloud

Email Latency

Requires too much time to manage

Missing payload-free attacks (e.g. impersonations, social engineering)

Price is too high

Doesn't stop internal threats (e.g. if a user account is compromised)

Weak (or no) remediation capabilities if something gets through

Missing payload attacks (e.g. malicious attachments / links)

Remediation is manual / takes too long

Negatively impacts business operations (e.g. too many false positives)

None of the above

Other (please specify)

Question Title

* 12. How satisfied are you with your email security solution?

Very dissatisfied

Dissatisfied

"Good Enough"

Satisfied

Very satisfied

Very dissatisfied

Dissatisfied

"Good Enough"

Satisfied

Very satisfied

Question Title

* 13. Please provide your contact information to receive the final benchmark report.

Name

Company

Email Address