- A report reveals that 98% of security leaders view misdirected emails as a major data security risk.
- Misdirected emails led to $1.2 billion in fines and 27% of GDPR-related incidents last year
- 97% believe behavioral AI can reduce human error and improve outbound email security.
Cybercriminals and disgruntled employees aren’t the only things businesses need to worry about when it comes to data security, as new research claims that mistakenly sending emails containing sensitive information to the wrong address is also becoming a major problem.
A report from Abnormal AI states that 98% of security leaders view misdirected emails (as emails sent to the wrong address are apparently called) as a “significant risk” compared to malware or insider threats.
Additionally, 96% of organizations surveyed said they experienced data loss and exposure due to misdirected emails in the last year alone, while 95% reported a “measurable business impact” in remediation costs, compliance violations, and erosion of customer trust.
Measurable impact
That “measurable impact” translates into approximately $1.2 billion in fines worldwide, the report further states. Misdirected emails accounted for more than a quarter (27%) of all data protection incidents under the GDPR last year, leading to these harrowing fines.
“Enterprises have invested heavily in stopping inbound threats like phishing, but outbound email remains a major vector for human error, one that has historically been overlooked,” said Mike Britton, CIO at Abnormal AI.
As with any other cybersecurity risk, this one must also be mitigated with advanced tools. However, that doesn’t seem to be the case, as nearly half (47%) of IT and security professionals typically learn about misdirected emails from recipients, rather than different alerts from their technology stack.
To truly address the problem, 97% believe behavioral AI can help, as the average company spends more than 400 hours a year managing false positives from email security and data loss prevention tools.
“This is both a visibility and a technological problem,” Britton added. “Traditional tools cannot differentiate a legitimate customer’s email from a confidential message addressed to the wrong recipient. Protecting data today requires more than defending against external threats: it means understanding and supporting human behavior. Organizations that integrate AI-powered insights with user-centric safeguards are better positioned to prevent errors from becoming breaches.”
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
