2024 Email Security Risk Report

Email security risk remains high.

From credential harvesting and compromise in the supply chain to data loss and exfiltration. Almost every organization has had email security incidents in their Microsoft 365 environments.

Download the 2024 Email Risk Report for insight into the threats that organizations face and to find out what Cybersecurity leaders think of the native and secure email gateway (SEG) defenses they have in place.

Threats continue to evade traditional approaches to email security


of organizations had email security incidents


of ATO attacks started with phishing


Cybersecurity leaders are stressed about email security

Compromised accounts are the biggest risk

Half of organizations fell victim to attacks sent within the supply chain and 58% suffered account takeover attacks themselves. Consequently, phishing using compromised accounts is Cybersecurity leaders’ biggest stress.

Cybersecurity leaders question the value of their SEG

87% say they are either considering replacing their SEG or have already replaced it. With improvements in Microsoft’s native capability, we examine the reality SEGs face and the threats that get through perimeter detection.

91% of organizations had incidents caused by data loss and exfiltration, and more suffered negative impacts versus last year’s report. Find out how organizations responded to the people involved and how incidents hurt their reputation and bottom line.

This isn’t a case of ‘if it ain’t broke, don’t fix it’. Organizations urgently need to adapt their approach to email security.

Jack Chapman, VP of Threat Intelligence, Egress

Download the guide here