State of Email Security 2019 - Benchmark Report Survey

Question Title

* 1. What role(s) do you play in email security decisions at your organization? (Select all that apply)

Research / Recommend solutions

Technical evaluator

Budget owner

Final technical decision maker

Business evaluator

Own ALL security strategy

Limited / no involvement in email security decisions

Other (please specify)

Question Title

* 2. What email platform is your organization using?

On-premises (e.g. Microsoft Exchange, Notes)

Cloud - G Suite

Cloud - Office 365

On-premises with plans to move to a cloud platform

Hybrid on-prem/cloud

I don't know

Other (please specify)

Question Title

* 3. Which of the following types of email do you / your users see in your inboxes (NOT what gets quarantined)? (Select all that apply)

W2 or confidential information requests

Wire transfer requests

Spam / Gray mail

Brand impersonations (e.g. Microsoft, Google, DocuSign, ADP)

Impersonation of external people (e.g. business partner, customer, vendor)

Credential theft (e.g. sending you to a fake login page)

Payload attacks (e.g. malicious / suspicious attachments or links)

Impersonations of internal employees (e.g. execs, HR, finance)

None of the above

Other (please specify)

Question Title

* 4. Not including spam, how often do you see the threats listed in the previous question (i.e. phishing / spoofing, malware / viruses)?

Weekly

Less often than monthly

Daily

Monthly

Never

Question Title

* 5. When was the last time you opened email in your junk or spam folder? (including to find a legitimate email that was mislabeled)

Within the past week

Within the past month

Within the past three months

Within the past six months

More than six months ago

Never

Question Title

* 6. How many people work at your organization?

1-20

21-100

101-500

501-2,500

2,501-5,000

5,001-10,000

> 10,000

Question Title

* 7. Which email threat worries you the most? (Select only one)

Impersonations of internal employees (e.g. execs, HR, finance)

W2 or confidential information requests

Payload attacks (e.g. malicious / suspicious attachments or links)

Spam / Gray mail

Brand Impersonations (e.g. Microsoft, Google, DocuSign, ADP)

Wire transfer requests

Impersonation of external people (e.g. business partner, customer, vendor)

Credential theft (e.g. sending you to a fake login page)

None of the above

Other (please specify)

Question Title

* 8. How often do you need to remediate an email-based attack? (includes: suspending compromised accounts, running PowerShell scripts, resetting compromised third party accounts, legal action, etc.)

2-3 times a year

About once a year

Weekly

Daily

Monthly

Less often than once a year

Question Title

* 9. When was the last time your organization experienced a breach (e.g. compromised account, loss of confidential data, credentials, fraudulent financial transaction, etc.) due to an email-borne threat?

4-6 months ago

Within past month

7-12 months ago

1-2 years ago

1-3 months ago

> 2 years ago or never

Question Title

* 10. What technologies do you use to guard against email threats?

Native email provider features or nothing

Add-on platform features (e.g. Advanced Threat Protection, Exchange Online Protection, etc.)

Secure Email Gateway (e.g. Mimecast, Proofpoint, Barracuda, etc)

Stand-alone anti-virus / anti-spam solution

Computer-Based Training (e.g. Cofense, KnowBe4, etc.)

Firewalls

Don't know

Other (please specify)

Question Title

* 11. Which of the following are problems for you despite your current email security solution? (Select all that apply)

Fit for cloud

Price is too high

Negatively impacts business operations (e.g. too many false positives)

Weak (or no) remediation capabilities if something gets through

Missing payload-free attacks (e.g. impersonations, social engineering)

Requires too much time to manage

Remediation is manual / takes too long

Missing payload attacks (e.g. malicious attachments / links)

Email Latency

Doesn't stop internal threats (e.g. if a user account is compromised)

None of the above

Other (please specify)

Question Title

* 12. How satisfied are you with your email security solution?

Very dissatisfied

Dissatisfied

"Good Enough"

Satisfied

Very satisfied

Very dissatisfied

Dissatisfied

"Good Enough"

Satisfied

Very satisfied

Question Title

* 13. Please provide your contact information to receive the final benchmark report.

Name

Company

Email Address