South East Asia leads in email security awareness
Zoho has announced that South East Asia scored higher on email security awareness than other developing regions in the "State of Email Security Awareness Report 2023". Drawing from over 400 respondents from Malaysia, the Philippines, Singapore, Thailand, and Vietnam, the region scored 43.2% on email security awareness compared to the Middle East and Africa (MEA) at 40.7% and South America (SA) at 39.9%.
The report also found that South East Asian respondents were global leaders in "Anomaly Detection in Email Behaviour" and "Data Protection in File Sharing." Notably, 25% of these respondents were Zoho customers, and this subset exhibited higher awareness levels across these threat types compared to the overall average in the region.
In terms of sectors, technology and education performed the best, while manufacturing, healthcare, and government were the most vulnerable to email security threats. Key findings indicate that the education sector shows remarkably high awareness levels in nearly all threat types, notably in areas such as "Authentication and Access Control" and "Anomaly Detection in Email Behaviour." The retail and finance sectors exhibit moderate awareness levels, with opportunities for improvement in areas such as "Attachments and Phishing" and "Anomaly Detection in Email Behaviour."
The technology sector leads in "Data Protection in File Sharing" with a commendable 62% awareness level, indicating a focus on safeguarding sensitive data. However, the data shows room for improvement in areas such as "Email Identity Verification" and "Attachments and Phishing," suggesting a need for enhanced email security measures. In the healthcare sector, vulnerabilities are evident, particularly in "Attachments and Phishing," with a low awareness of only 34%. Alarmingly, awareness regarding "Email Identity Verification" is lacking entirely, indicating a critical need for improved email security practices. The government sector is identified as vulnerable, characterised by significant gaps in "Email Identity Verification" at 29% and "Web Content and URL Safety" at 34%, highlighting specific areas requiring focused enhancement in email security protocols. The manufacturing sector emerges as the most vulnerable sector, with the lowest awareness in "Web Content and URL Safety" and "Data Protection in File Sharing" at 27% and 29%, respectively. This highlights an urgent need for comprehensive cybersecurity initiatives to protect critical industry assets within the manufacturing sector.
There was a notable gap in email security awareness between small- and medium-sized enterprises (SMEs) and larger enterprises. South East Asian SMEs scored 40% on awareness, far behind the 51.1% of their larger regional competitors. Awareness among South East Asian SMEs was significantly behind developed regions like North America (NA) at 61.6%, Australia/New Zealand (ANZ) at 57%, and Europe (EU) at 54%. Developing regions like India at 42% also performed better. However, employees at South East Asian SMEs were marginally ahead of peers in the MEA at 39.7%, and SA at 39.2%.
In larger organisations, employee awareness in this region was also higher than MEA at 38.1% and SA at 36.4%, and likewise lagged behind India at 54%. There was a significant gap of around 13% between South East Asian large enterprises and those in developed regions like NA, ANZ, and EU.
Senior-level employees (11-20 years of experience) in South East Asia scored highest among all experience levels in the region at 54%. Though behind NA, ANZ, and EU by 12%, 9%, and 6% respectively, they outdid MEA and SA by 18% and 16% respectively. This suggests a moderate level of awareness among seasoned professionals in the region.
On the other hand, executive-level employees (more than 20 years of experience) exhibited a surprising dip from the year before, to 45%. They trail NA, ANZ, EU by 20%, 15%, and 11% respectively, and also lagged behind India, MEA, and SA by 4%, 10%, and 5% respectively. New entrants into the workforce displayed a 30% awareness level, behind NA, ANZ, and EU by 20%, 18%, and 15% respectively. However, consistent with freshers in India, MEA, and SA, they exhibited similar awareness levels.
There is also a significant awareness gap of 24.6% between freshers and senior-level employees in the South East Asia region. The disparities in awareness across experience levels highlight the need for continuous training and upskilling initiatives tailored to professionals at different stages of their careers, regardless of their seniority.
The survey included responses from 1,814 participants globally and serves as an essential benchmark for businesses, IT leaders, and cybersecurity educators, aiding in the evaluation and improvement of email security awareness initiatives.