Barracuda Networks, Inc., has released new research showing that organizations taking longer than nine hours to address an email security breach have a 79% chance of also being a victim of ransomware. The new Email Security Breach Report 2025 found that most of the organizations surveyed, 75% in India and 78% globally, experienced an email breach in the previous 12 months, with the average cost to recover reaching $217,068 globally.
Smaller businesses are hit especially hard. Companies with 50 to 100 employees incur costs of on average $1,946 per person, while larger organizations with 1,000 to 2,000 staff see average costs of $243 per employee.
The survey also shows that despite the need for rapid incident detection and response; many companies struggle to achieve this. Respondents cite the increased complexity of email threats, skills shortages and the lack of automated incident response as obstacles that make it difficult to quickly identify and remove threats.
The report is based on the findings of an international survey undertaken by Barracuda with Vanson Bourne, gathering insights from 2,000 IT and security decision-makers across North America, Europe, and Asia-Pacific.
Key Findings
75% of organizations in India and 78% globally experienced an email security breach in the previous 12 months
71% of organizations globally that experienced an email security breach were also hit with ransomware during the year
46% suffered reputational damage in India and 41% globally, and many lost new business opportunities, harming growth
$217,068 is the average cost of responding to and recovering from an email security breach
Only 50% detected the breach within an hour
Organizations taking 9 hours or more to fix the breach have a 79% chance of also being hit with ransomware
52% of Indian and 47% global organizations say advanced evasion techniques are the main obstacle to rapid incident response
44% globally say the lack of automated incident response delays the detection, containment and removal of threats
"Email security is no longer just about stopping spam or mass phishing — it’s about preventing the first domino from falling in a cyberthreat chain that could end in operational paralysis, data loss, reputational damage and longer-term business impacts,” said Neal Bradbury, chief product officer at Barracuda. “Responding quickly and effectively to email breaches is critical to overall cyber resilience. This can be a challenge for many organizations. The findings show that the ability to detect and neutralize email incidents is often hampered by increasingly complex and evasive attacks, internal skills shortages, a lack of automation, and more. A unified approach to protection centered on a strong integrated security platform is vital.”
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
