Zoho, a global technology company, today announced that South East Asia scored higher on email security awareness than other developing regions in the “State of Email Security Awareness Report 2023”. Drawing from over 400 respondents from Malaysia, the Philippines, Singapore, Thailand and Vietnam, the region scored 43.2% on email security awareness compared to the Middle East and Africa (MEA) (40.7%) and South America (SA) (39.9%).
The report also found that South East Asian respondents were global leaders in “Anomaly Detection in Email Behavior” and “Data Protection in File Sharing.” Notably, 25% of these respondents were Zoho customers, and this subset exhibited higher awareness levels across these threat types compared to the overall average in the region.
Industry-Specific Measures Needed
In terms of sectors, technology and education performed best, while manufacturing, healthcare, and government were the most vulnerable to email security threats. Key findings indicate that:
- The education sector shows remarkably high awareness levels in nearly all threat types, notably in areas such as “Authentication and Access Control” and “Anomaly Detection in Email Behaviour.”
- The retail and finance sectors exhibit moderate awareness levels. Opportunities for improvement exist in areas such as “Attachments and Phishing” and “Anomaly Detection in Email Behavior.”
- The technology sector leads in “Data Protection in File Sharing” with a commendable 62% awareness level, indicating a focus on safeguarding sensitive data. However, the data shows room for improvement in areas such as “Email Identity Verification” and “Attachments and Phishing,” suggesting a need for enhanced email security measures.
- In the healthcare sector, the vulnerabilities are evident, particularly in “Attachments and Phishing,” with a low awareness of only 34%. Alarmingly, awareness regarding “Email Identity Verification” is lacking entirely, indicating a critical need for improved email security practices.
- The government sector is identified as vulnerable, characterized by significant gaps in “Email Identity Verification” (29%) and “Web content and URL safety” (34%), highlighting specific areas requiring focused enhancement in email security protocols.
- The manufacturing sector emerges as the most vulnerable sector, with the lowest awareness in “Web Content and URL Safety” and “Data Protection in File Sharing” at 27% and 29%, respectively. This highlights an urgent need for comprehensive cybersecurity initiatives to protect critical industry assets within the manufacturing sector.
These insights highlight the necessity for industry-specific cybersecurity measures and training to address distinct vulnerabilities.
Gap Between Larger Businesses and SMEs
There was a notable gap in email security awareness between small- and medium-sized enterprises (SMEs) and larger enterprises. South East Asian SMEs scored 40% on awareness, far behind the 51.1% of their larger regional competitors.
Awareness among South East Asian SMEs was significantly behind developed regions like North America (NA) (61.6%), Australia/New Zealand (ANZ) (57%), and Europe (EU) (54%). Developing regions like India (42%) also performed better. However, employees at South East Asian SMEs were marginally ahead of peers in the MEA (39.7%), and SA (39.2%).
In larger organizations, employee awareness in this region was also higher than MEA (38.1%) and SA (36.4%), and likewise lagged behind India (54%). Moreover, there was a significant gap of around 13% between South East Asian large enterprises and those in developed regions like NA, ANZ, and EU.
Correlation Between Experience and Awareness
Senior-level employees (11-20 years of experience) in South East Asia scored highest among all experience levels in the region at 54%. Though behind NA, ANZ, and EU by 12%, 9%, and 6% respectively, they outdid MEA and SA by 18% and 16% respectively. This suggests a moderate level of awareness among seasoned professionals in the region.
On the other hand, executive-level employees (more than 20 years of experience) exhibited a surprising dip from the year before, to 45%. They trail NA, ANZ, EU by 20%, 15%, and 11% respectively, and also lagged behind India, MEA, SA) by 4%, 10%, and 5% respectively.
New entrants into the workforce displayed a 30% awareness level, behind NA, ANZ, EU by 20%, 18%, and 15% respectively. However, consistent with freshers in India, MEA, SA, they exhibited similar awareness levels.
There is also a significant awareness gap of 24.6% between freshers and senior-level employees in the South East Asia region. The disparities in awareness across experience levels highlight the need for continuous training and upskilling initiatives tailored to professionals at different stages of their careers, regardless of their seniority.
The survey included responses from 1,814 survey participants globally and serves as an essential benchmark for businesses, IT leaders, and cybersecurity educators, aiding in the evaluation and improvement of email security awareness initiatives.