Brian Pennington

A blog about Cyber Security & Compliance



Infographic: Email Security Perception v Reality

Overconfident Employees and Lack of Email Security Tools Lead to Risky Behavior

A study by SilverSky, reveals that when it comes to email security in the workplace, 98% of employees believe they demonstrate either equally secure or more secure behaviours than their colleagues.

The study examines corporate email security habits and perceptions, and is based on an online, quantitative survey conducted in July 2013. Respondents included 119 business professionals at U.S. organizations across a variety of industries.

Key findings from the study include:

  • 43% of respondents indicated they were “very concerned about email security and go above and beyond the company prescribed procedures” to protect their business communications.
  • 30% of respondents claimed to be “much more security conscious” than their co-workers.
  • 56% have accidently sent an email to the wrong person while at work
  • 53% have received unencrypted, risky corporate data (credit card numbers, social security numbers, etc.) via emails or email attachments.
  • One in five respondents know of someone within their organization who has been caught and reprimanded for sending out sensitive information without adhering to corporate protocol.
  • 53% were quick to single out co-workers, saying they’ve received unencrypted, sensitive data – such as sensitive attachments, social security numbers, protected health information, and valuable corporate secrets – via email
  • 17% admitted to sending out this risky data themselves.
  • 32% of organizations currently use an email data loss prevention (DLP) solution
  • 21% use an email encryption solution
  • 46% of respondents indicated that email security could be improved within their organizations

This study points to a strong “superiority bias” effect, or inflated employee overconfidence, when it comes to corporate email security. However, this overconfidence could be potentially dangerous for businesses, as it could lead to poor email security habits, which ultimately lead to real legal, regulatory and reputational risks through data loss.

How many times have you been slapped with a speeding ticket in the past year? Now think about how many times you’ve driven over the speed limit in the same time period, my guess is for most of us, that number is significantly higher,” said Andrew Jaquith, Chief Technology Officer and SVP, Cloud Strategy at SilverSky.

The new SilverSky study draws many parallels between email security habits and driving habits. The vast majority of drivers perceive themselves to be attentive, safe operators, but in reality, most speed, eat and talk or text while behind the wheel. Likewise, many employees consider their email security behaviours to be superior to those of their colleagues. However, this hubris is likely to lead to careless behaviour that could have serious consequences for the organization

Blog at

Up ↑

%d bloggers like this: