There are two types of email hacking.
Phishing. Sending standardized messages to a wide range of potential victims.
Targeted phishing or BEC (business email compromise) attacks.
Specific and planned targeted attacks against an individual or group of individuals to
- extract sensitive information;
- install malware on a network;
- Transfer money to accounts belonging to the attackers.
What are the benefits of email encryption?
Signing and encrypting emails helps organizations prevent email hacking that results in the theft of intellectual and capital property. It also reduces the brand and reputation damage that can occur if a business loses control of sensitive data. In addition, implementing digitally signed and encrypted email technology eliminates the unintended consequences associated with non-compliance with various regulations, such as the Public Health Insurance Liability and Data Portability Act and the General Regulation for the Protection of Personal Data. Compliance and ongoing adherence to various privacy and security regulations reduces the risk of businesses having to pay hefty fines for non-compliance.
What regulations require encryption of emails?
Depending on the sector, geographical location or where a business operates, organizations need to pay attention to different regulations. For example, in the U.S., the Health Insurance Portability and Accountability Act (HIPAA) requires organizations to protect sensitive patient health information from disclosure without the patient’s knowledge or consent. According to the U.S. Department of Health and Human Services, HIPAA breach costs totaled $13 million in 2020 alone. US.
In the European Union, the General Data Protection Regulation (GDPR) states that personal data must be fully protected and that if it is not, organizations can be fined up to 4% of the previous year’s revenue or up to €20 million. In Denmark, for example, as an addition to the GDPR, encryption of emails containing sensitive personal information is mandatory for companies from 2019.