State of Email Security 2019 - Benchmark Report Question Title * 1. What role(s) do you play in email security decisions at your organization? (Select all that apply) Budget owner Final technical decision maker Research / Recommend solutions Technical evaluator Business evaluator Own ALL security strategy Limited / no involvement in email security decisions Other (please specify) Question Title * 2. What email platform is your organization using? On-premises (e.g. Microsoft Exchange, Notes) Cloud - G Suite Cloud - Office 365 On-premises with plans to move to a cloud platform Hybrid on-prem/cloud I don't know Other (please specify) Question Title * 3. Which of the following types of email do you / your users see in your inboxes (NOT what gets quarantined)? (Select all that apply) Spam / Gray mail Payload attacks (e.g. malicious / suspicious attachments or links) Credential theft (e.g. sending you to a fake login page) Impersonation of external people (e.g. business partner, customer, vendor) Impersonations of internal employees (e.g. execs, HR, finance) Brand impersonations (e.g. Microsoft, Google, DocuSign, ADP) W2 or confidential information requests Wire transfer requests None of the above Other (please specify) Question Title * 4. Not including spam, how often do you see the threats listed in the previous question (i.e. phishing / spoofing, malware / viruses)? Monthly Less often than monthly Daily Weekly Never Question Title * 5. When was the last time you opened email in your junk or spam folder? (including to find a legitimate email that was mislabeled) Within the past week Within the past month Within the past three months Within the past six months More than six months ago Never Question Title * 6. How many people work at your organization? 1-20 21-100 101-500 501-2,500 2,501-5,000 5,001-10,000 > 10,000 Question Title * 7. Which email threat worries you the most? (Select only one) Spam / Gray mail Payload attacks (e.g. malicious / suspicious attachments or links) Impersonations of internal employees (e.g. execs, HR, finance) Impersonation of external people (e.g. business partner, customer, vendor) Wire transfer requests W2 or confidential information requests Credential theft (e.g. sending you to a fake login page) Brand Impersonations (e.g. Microsoft, Google, DocuSign, ADP) None of the above Other (please specify) Question Title * 8. How often do you need to remediate an email-based attack? (includes: suspending compromised accounts, running PowerShell scripts, resetting compromised third party accounts, legal action, etc.) Daily 2-3 times a year Weekly Monthly About once a year Less often than once a year Question Title * 9. When was the last time your organization experienced a breach (e.g. compromised account, loss of confidential data, credentials, fraudulent financial transaction, etc.) due to an email-borne threat? 1-3 months ago 7-12 months ago 1-2 years ago 4-6 months ago Within past month > 2 years ago or never Question Title * 10. What technologies do you use to guard against email threats? Native email provider features or nothing Add-on platform features (e.g. Advanced Threat Protection, Exchange Online Protection, etc.) Secure Email Gateway (e.g. Mimecast, Proofpoint, Barracuda, etc) Stand-alone anti-virus / anti-spam solution Computer-Based Training (e.g. Cofense, KnowBe4, etc.) Firewalls Don't know Other (please specify) Question Title * 11. Which of the following are problems for you despite your current email security solution? (Select all that apply) Fit for cloud Email Latency Requires too much time to manage Missing payload-free attacks (e.g. impersonations, social engineering) Price is too high Doesn't stop internal threats (e.g. if a user account is compromised) Weak (or no) remediation capabilities if something gets through Missing payload attacks (e.g. malicious attachments / links) Remediation is manual / takes too long Negatively impacts business operations (e.g. too many false positives) None of the above Other (please specify) Question Title * 12. How satisfied are you with your email security solution? Very dissatisfied Dissatisfied "Good Enough" Satisfied Very satisfied Very dissatisfied Dissatisfied "Good Enough" Satisfied Very satisfied Question Title * 13. Please provide your contact information to receive the final benchmark report. Name Company Email Address Done