New Study Reveals 84 Percent of Organisations in ANZ Rank Poor Employee Behaviour as Greatest Email Security Concern

In Response, Barracuda Expands PhishLine Product Portfolio with New Security Awareness Training Offering for Mid-Sized Companies

Eighty-four percent of respondents in Australia and New Zealand (ANZ) believe that poor employee behaviour is a greater email security concern than inadequate tools (16 percent), according to a study sponsored by Barracuda Networks, Inc., a provider of cloud-enabled security and data protection solutions. This highlights the need for organisations to include employee awareness and training as part of their email security strategy.

The global study of more than 630 professionals responsible for IT security was conducted by Dimensional Research, to better understand the email security approach of today’s organisations. ANZ respondents indicated that their organisation would benefit from additional email security capabilities, with phishing simulation (55%), social engineering detection (58%), email encryption (65%) and data loss prevention (74%) leading the way in terms of capabilities valued.

All respondents from ANZ have good intentions and believe end-user training and awareness are important; however, only 84 percent provide training for their employees. It was also reported that larger organisations (over 1000 employees) are more likely to train their employees. 

When asked what approaches would work best, 61 percent of respondents from ANZ cited regularly scheduled modules that can be done at an employee’s convenience, followed by customised examples relevant to departments and roles (52 percent) and unscheduled simulations of typical attacks (42 percent).

In response, Barracuda today announced that it has expanded its PhishLine product portfolio with a streamlined edition for organisations with less than 1,000 employees, tuned specifically for distribution through the reseller channel. PhishLine helps prevent email fraud, data loss and brand damage by training and testing employees to recognise highly targeted phishing attacks. It is now available in multiple versions to suit the needs of organisations of all sizes.

“As phishing attacks become increasingly stealthy and more targeted, our adversaries have shifted their focus from the largest organisations to smaller targets,” said Hatem Naguib, SVP and GM of Security at Barracuda. “Today’s announcement expands our PhishLine portfolio, by building on our enterprise grade offering with a solution aimed specifically at simplicity and fast time to value, fit for today’s resource constrained mid-sized businesses.”

PhishLine helps humans recognise the subtle clues that an email is not from whom it says it is from, using a two-pronged approach to achieve this. First, computer-based training gives users a baseline understanding of the latest techniques attackers are using. Second, PhishLine embeds learning into business processes, by launching customised simulations that test and reinforce good user behaviour. A large library of curated content means faster time to value, while rich reporting and analytics provide visibility.

According to Gartner, “Attack methods continually evolve to stay a step ahead of your security strategy. Therefore, it is paramount to train employees to be security conscious, critical thinkers who can leverage their knowledge in new and changing situations.” 1

PhishLine is recognised as a Visionary within Gartner's Magic Quadrant for Security Awareness Computer-Based Training2 based on its completeness of vision and ability to execute. The PhishLine SaaS platform includes multivariable attack simulations across email, text message, voice and USB/mobile media; best-in-class data capture, analytics and reporting; and continual, complex analysis of employee performance.

Get more information about Barracuda PhishLine here.

1Gartner, “10 Ways to Improve Security Awareness on a Tight Budget,” refreshed: 22 November 2017, by Joanna Huisman and Perry Carpenter.

2Gartner, "Magic Quadrant for Security Awareness Computer-Based Training," Published: October 2017, Joanna G. Huisman.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organisation and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Barracuda Networks, Inc.

Barracuda simplifies IT with cloud-enabled solutions that empower customers to protect their networks, applications and data, regardless of where they reside. These powerful, easy-to-use and affordable solutions are trusted by more than 150,000 organisations worldwide and are delivered in appliance, virtual appliance, cloud and hybrid deployment configurations. Barracuda's customer-centric business model focuses on delivering high-value, subscription-based IT solutions that provide end-to-end network and data protection. For additional information, please visit

Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries.