Email remains one of the top attack vectors for threat actors looking to compromise an organization. Despite this, a recent study found that around 90 percent of organizations have security holes in Microsoft 365 due to their current cybersecurity policies and architecture.
The study assessed 1.6 million Microsoft 365 users across three continents and found that 90 percent of companies had gaps across all four key areas studied – multi-factor authentication (MFA), email security, password policies, and failed logins. In addition, 87 percent of firms have MFA disabled for some or all of their admins. And almost every company is increasing their risk of a cyber compromise because of weak credentials. Ultimately, the research revealed that while many organizations possess documented security policies, most are not being implemented consistently due to difficulties in reporting and limited IT resources. Read more at HelpNetSecurity.