Are Companies Doing Enough to Protect Their Customer Communications?
Sam Kendall
Cyber attacks are now a fact of life. They target everything from big businesses to important hospital systems. Companies need to ask: Are we doing enough to keep our customer communications safe?
I spoke with Beyond Encryption Founder & CEO Paul Holland about the challenges of securing digital messages and how businesses can protect customer data in a changing world.
| You can watch this video on YouTube or listen to the interview on our podcast channel. |
Paul highlights how many organisations focus on protecting internal systems but forget about the risks of emails sent to customers.
These emails can contain private information for criminals to exploit.
Are Companies Too Relaxed About Rising Threats?
Cyber attacks on businesses are becoming more advanced.
Criminals are even going after important infrastructure like hospitals.
The average cost of a data breach in 2024 was £33.58 million, a 5% increase from the previous year.
The cost of recovering from ransomware has grown to approximately £32 million ($2.73 million).
These costs show how urgent it is to have strong security in place.
High-profile incidents—such as a hospitals forced to send patients home due to a cyber attack—show how vulnerable organisations can be.
"It’s a strange world we live in," Paul says.
"Hospitals having to close because their systems fail—it’s sad. We can always do more to protect them."
Many businesses spend a lot to stop incoming threats, like phishing.
But Paul points out they often forget about outbound customer communications.
"Businesses usually respond to cyber attacks but don’t work to fix weak spots in their outbound communications."
— Mike Wakefield, CTO, Beyond Encryption
Every day, over 300 billion emails are sent, making them a top target for cybercriminals.
Outgoing emails often include private details, like personal or financial information, making them a prime target.
In 2023, over 3,000 cyber breaches were reported in the UK, with key industries like finance (22%), retail (18%), and education (11%) facing the most incidents.
Email communications are one of the top sources of these breaches.
Companies must take action to reduce these risks and protect customers.
"Email was never created with security in mind.
With over 300 billion emails sent daily, it’s now the main way we communicate—and it’s a big risk."
— Paul Holland, Founder, Beyond Encryption
Securing Outbound Communication
Many companies build strong internal defences but forget about protecting the data that leaves the business.
Organisations share private information with customers every day.
These include policy documents, ID checks, and financial details.
Without safeguards, these exchanges can be intercepted and manipulated.
Paul says outbound communications must use encryption and authentication to tackle risks to customer data.
Without these, companies give criminals an easy target.
Breaking data protection rules can also result in huge fines.
For example, British Airways was fined £320 million by the UK's Information Commissioner's Office after a data breach compromised the personal and financial details of over 400,000 customers.
"If you send private customer info without encryption, you’re making it easy for criminals. Protecting that data is your duty."
— Paul Holland, Founder, Beyond Encryption
Balancing Security and Simplicity
For security tools to work, customers need to use them.
Tools must be easy and secure in equal measure.
Customers can give up if a tool is too complicated, leaving systems open to attack.
Paul says that good security should be nearly invisible in a world with digital products all around us.
It should allow encrypted and authenticated communication without making things harder for users.
"We expect tech to be simple and easy to use," he says.
"If security is hard, people won’t use it—we need to be customer-centric."
Over half of the UK public has experienced a data breach.
A third of these breaches happened in the last year (2023-24), showing the growing importance of data privacy for consumers.
This highlights the need for businesses to protect personal information to maintain customer trust.
"Good communication strategies balance security and customer experience."
— Emily Plummer, Marketing Director, Beyond Encryption
Teaching Customers to Stay Safe
Fraudsters don’t just use advanced tech tactics.
They also rely on human error and often try to fool people by pretending to be trusted brands or advisers.
Businesses need to understand this as a daily risk and act accordingly.
Paul warns that criminals are getting better at tricking people into sharing private information, but businesses struggle to keep up.
To fight this, businesses should teach customers how to communicate safely and give them tools for secure exchanges.
Providing free, secure reply options builds good habits and customer trust.
"If I send you private info securely, I should also let you reply securely.
This closes the loop and keeps both sides safe."
— Paul Holland, Founder, Beyond Encryption
Following Rules and Staying Secure
Data regulations like GDPR mean businesses need more than basic security.
Encryption, identity checks, and safe return delivery are must-haves.
Breaking regulations can lead to fines and impact a company’s reputation.
Using strong security shows customers their data is valued and protected, keeping their trust.
What’s Next: Security and Future Risks
As cyber threats grow, identity checks are becoming a big part of secure communication.
It’s important to know who you’re communicating with and for them to know who you are.
Future tools will work smoothly with current systems and use encryption, AI, and flexible authentication.
The UK's cybersecurity market is projected to grow at a compound annual growth rate (CAGR) of 8.86% between 2024 and 2029, reaching an estimated market volume of £312 billion by 2029.
Companies need to stay ahead of new risks and strengthen their defences.
When failing security causes a data breach, costs only go one way (up).
This is just one reason why secure communication is non-negotiable.
"Companies need to invest in secure tech and teach employees to stay aware of risks."
— Adam Byford, CCO, Beyond Encryption
FAQs
What Is Email Encryption?
Email encryption changes email content into a code so no one else can read it.
Why Is Email Encryption Important?
Encrypting emails keeps private information safe, even if hackers get the message.
How Can Companies Protect Outgoing Emails?
Businesses can use tools like encryption and multi-factor authentication to secure emails.
What Happens if Emails Aren’t Encrypted?
Unencrypted emails can be stolen by hackers, exposing private details like financial info.
What Steps Should Companies Take?
Companies should use encryption, train workers on secure communication, and invest in easy-to-use security tools.
References
State of Ransomware 2024 Report, Sophos, 2024
Cost of a Data Breach Report, IBM, 2024
Cybersecurity Market Revenue in the UK, Statista, 2024
Number of Sent and Received E-Mails per Day Worldwide From 2018 to 2027, Statista, 2024
ICO Public Attitudes Survey, Information Commissioner's Office, 2024
Big Fines on Tech Companies, The Times, 2024
Reviewed by
Sabrina McClune, 18.12.2024
Sam Kendall, 03.01.2024
|
Originally posted on 19 12 24
Last updated on January 3, 2025 Sam Kendall is a digital strategy specialist with nearly a decade of experience exploring the intersection of technology, culture, and transformation. At Beyond Encryption, he drives strategic marketing initiatives that enhance secure digital communications and foster digital identity innovation. Known for insightful research into digital culture and user behaviour, Sam combines expertise in SEO, CRO, and demand generation with a deep understanding of the evolving digital landscape. His work empowers organisations to navigate complex challenges in digital transformation with clarity and confidence. |
Previous post