By Stephanie Baskerville on March 14, 2017

Effects of email based attacks – they can harm your brand reputation


One purchase by one in 25,000 receivers – that’s what it takes for spammers to be profitable to send email spam to as many people as they want. Without accounting for security aspect costs, anyone can easily see that unwanted emails cause severe productivity losses and increased processing costs.

An email based attack is the most popular style of network or user compromise by a malicious adversary. These attacks can have serious losses for an organization that can be felt immediately and last for long periods of time. A data breach can jeopardize whole markets if clients do not believe your organization is capable of protecting their data and information.

Financial losses are not the only losses due to data breaches. Your reputation and brand image are in danger when data breaches occur. 85% of customers globally said that if a business lost their personal information or it was hacked, they would take their business elsewhere. 47% said they would take legal action.

One incident has the potential to cause IP or customer base losses that can cripple an organization and its ability to stay viable and competitive. Lost customer base represents around 36% of total data breach costs and losses.


Email spam harms your productivity

  • Time to delete spam – The time each user has to spend to delete each message from their inbox. On average this is 5 seconds.
  • Time to notify help desk of spam – If the end user does not have control over black/white lists they should generally notify the help desk of any additions to those lists. This takes time away from the end user and IT.
  • Time to ask for message retrieval – If an end user does not have control over their quarantined messages, they must ask IT to look at their withheld messages and release one to the end user, taking time away from both the end user and IT.
  • Time to look at email digest – if an email digest is provided to the end user, this will require time to look over and confirm there has been no false positives.


Email spam harms your bottom line

Here are the costs of spam to an organization:

  • Cost to delete spam
  • Cost to notify help desk of spam
  • Cost to ask for message retrieval
  • Cost from help desk to retrieve message
  • Cost to look at email digest
  • Costs on server hardware: requires more than 5 times as much capacity as would be required if no spam
  • Costs of ESG itself: licenses, maintenance, appliance if applicable, etc.


7 ways data breaches cause major losses

In addition to these costs, email threats carry huge potential costs that can be created by a security incident. If a major security breach occurs or your systems are compromised, this could result in heavy costs felt by your organization immediately.

One – Data Loss and Theft Costs
Value of actual data lost/stolen itself.

Two – Compliance and Regulatory Fines
Avoiding regulatory or compliance related fines. This is related to what regulations your data falls under and the associated fines

Three – Post Data Breach Costs
Help desk activities, inbound communications, special investigations, remediation, legal, identity protection services, regulatory interventions.

Four – Detection and Escalation Costs
Forensic and investigative capabilities, assessment, audit, event management, communications to management and board.

Five – Notification Costs
Creation of contact databases, regulatory requirements, outside experts, and internal and external communications.

Six – Increased Retention Costs
Increase in customer retention expenses to retain clients.

Seven – End User Outage Costs
Having employees unable to perform work due to business disruption, most likely caused by network downtime, to recover and clean after a breach.

3 steps to determine email protection deployment costs

To avoid these costs of email based attacks to your organization, we recommend deploying email protection plan. The costs of the deployment? Here are 3 steps you can follow to determine them:

Step 1. Create a Total Cost of Ownership (TCO) model

Build out pricing scenarios for on-premises, hybrid and Cloud Email Defence deployment options by creating a TCO model, taking into account the following:

  • Licence/subscription costs
  • Hardware/infrastructure costs
  • Communications costs
  • Email defence system features
  • Software costs
  • Implementation costs
  • Maintenace costs
  • Support costs

Step 2. Protect your Return on Investment (ROI)

Calculate security incident savings and productivity cost savings to project your potential ROI:

  • Incident cost avoidance.
  • Incident loss avoidance.
  • Savings from email spam protection.
  • Savings from releasing email digests.
  • Savings from enabling client integration capabilities.

Step 3. Analyze the Results of Your TCO and ROI Research

A major security challenge faced by SMBs is limited by IT security budgets. Having accurate TCO’s and ROI’s gives credibility and shows value to decision makers who control budgets. Compare ROI and TCO for each deployment option and also evaluate your savings by providing and end user digest and client integration capabilities. When analyzing the results, consider the following:

  • Look at how the on-premises, Cloud and hybrid deployment options vary across TCO and ROI.
  • When considering deployment options, ROI should be the main output you are concerned about.
  • Email digest and client integration can have huge cost savings being used independently or in tandem.

Weigh the cost savings against the function being performed.


Let us help you with your organization’s email security!

Having an email security plan and a defence in place will make your organization safer. Now is the time to strengthen your organization’s email security by implementing an effective email security plan. And a major step is to know what are the financial and other threats to your business posed by malicious attacks, and the kind of email security system that would be best for your network. Our team of experts have worked with many organizations to help them implement an email security plan. Contact us today! Fill out the form below or send us an email to We will be happy to run a complimentary email security assessment for you and discuss how you can improve your organization’s email defence!

Published by Stephanie Baskerville March 14, 2017