A survey by HornetSecurity has revealed cyberattacks being reported more frequently among users of multiple Microsoft 365 security features — with 29% of users who responded experiencing security incidents in the last year.
According to the cloud email security and backup vendor’s chief executive officer Daniel Hofmann, these findings could be due to a number of factors, including an over-reliance on stock security features in such programs.
“It’s a game of cat and mouse. As you grow, you add security features, but you also become more susceptible to attack because you’re a more lucrative target,” Hofmann said, announcing the results.
“Organisations must proactively find ways of identifying unseen vulnerabilities and should take a diligent, holistic approach to cybersecurity, rather than relying on what is available out of the box and only reacting once it is too late.”
Using more complex IT security strategies does not in itself necessarily increase security, the vendor noted. Respondent organisations that activated more Microsoft 365 security features reported more cyberattacks in the last year.
“Features may be misconfigured, leaving vulnerabilities. This is corroborated by the fact that 62.6% of respondents indicated that the main roadblock to implementing security features within their organisation is ‘not enough time or resources’,” according to the vendor.
Those using one or two Microsoft 365 stock security features reported attacks 24.4% and 28.2% of the time and using six or seven features correlated with attacks 55.6% and 40.8% of the time, respectively.
Spam filters were the most used security feature, followed by multi-factor authentication, web traffic filtration, permissions management and training.
Least common was security information and event management (SIEM).
Hornetsecurity recommends the use of tried and tested, user-friendly solutions and dedicated security professionals for optimum protection.