While 73% of employees are aware of the security policies pertaining to email, only 52% adhere to them

18% indicated the speed of filling technical privacy roles increased.

Advanced threat protection and malware detection (50%), employee training and awareness programs (48%), and phishing prevention (43%) are the top priorities for email security investment, according to IT leaders. These are followed by email encryption (42%), certified email authentication and access control (41%), human error prevention/data loss prevention (DLP) (39%), and post-delivery protection (24%).

While 47% of IT decision-makers identify phishing and malware as top threats to their data, only 20% prioritize outbound risks and just 39% of IT leaders point to data loss prevention/human error as an investment priority for email security

65% of privacy professionals interact with risk management.

Among employees who frequently make email mistakes, 52% say they are not clear on their company's policy around email security

43% of respondents believed their privacy budget was underfunded.

36% of respondents felt their privacy budget was appropriately funded.

Averagely, 66% of IT leaders admit that employee mistakes in outbound emails result in more significant data loss than malicious inbound attacks.

72% of respondents in enterprises that always practiced privacy by design felt completely or very confident in their ability to ensure data privacy and achieve compliance with new privacy laws.

10% of those who always practiced privacy by design experienced a material privacy breach in the past year.

67% of IT leaders claim that email doesn’t get the security attention it deserves.

Total GDPR fines issued across Europe in 2024 amounted to €1.2bn ($1.26bn).

54% of employees say that email accidents are most likely to happen when they are busy or tight on time, followed by feeling overwhelmed by too many messages or communication tools at 40%.

28% of employees say online training modules you complete at your own pace is the most engaging/effective email security training format

38% of global businesses identified cybersecurity incidents as their primary concern in 2025.

19 countries named cybersecurity as their top risk, including France, Germany, India, and the US.

20% of IT leaders say outbound email threats presents a big risk in their organization in terms of potential data loss

48% of IT leaders prioritize employee and awareness programs for email security investment.

43% of IT leaders prioritize phishing prevention for email security investment.