NEW ORLEANS – A recent review by the cybersecurity firm Red Sift shows that Louisiana businesses rank near the bottom nationally in the basic enforcement of email security protections, potentially allowing infiltration by bad actors, scam artists or even foreign governments seeking financial and operational information in some of the state’s most critical industries.
Red Sift analyzed 100 domains from organizations in Arkansas, Colorado, Kansas, Louisiana, Missouri, Nebraska, New Mexico, Oklahoma and Texas revealing a seismic gap in infrastructure exposure and email security wider than any other region. According to Red Sift’s findings, businesses scrutinized in Louisiana, including healthcare systems, universities, utilities and public utilities, revealed that while “many have adopted baseline email authentication standards, far fewer are fully enforcing them to block malicious messages before they reach inboxes.”
As a foundational cog in the national economic and energy infrastructure, with the Port of Louisiana being the highest tonnage port in the Western Hemisphere, experts stress that the state’s vulnerability, with 38% of Louisiana’s top employers open to brand/email impersonation attacks, could have lasting implications on the world stage.
“Texas, Oklahoma, Louisiana, Colorado, and New Mexico produce the majority of the country’s oil, gas, and renewable energy. Wire transfer instructions, drilling contracts, pipeline right-of-way agreements, and joint venture payments all travel by email,” reads the analysis titled ’64% of U.S. Heartland Organizations exposed to Email Spoofing.’ “Energy companies are high-value targets because their payment workflows involve large sums, multiple counterparties, and time-sensitive approvals. A spoofed email from an operator to a midstream company, or from an EPC contractor to a project owner, can move seven-figure sums before anyone flags it.”
While major industries, energy and healthcare most prominently, are most affected by a lack of digital security, small businesses are also squarely in the crosshairs for bad actors looking to exploit poor protections. Louisiana is home to more than 450,000 small businesses, employing roughly 897,000 workers. Many of those organizations and workers lack the understanding or the resources to enforce adequate email protections, leaving wide gaps in loose security systems that cybercriminals can easily target and exploit.
According to Red Sift, “only 32% of Louisiana organizations analyzed are operating at full email security enforcement. Twenty‑three domains allow fraudulent emails through with no resistance, while 15 organizations have no email security record at all, indicating absent or misconfigured protections.”
In March, an Iran-linked hacker group claimed responsibility for a cyberattack on medical tech company “Stryker,” headquartered in Michigan, the first significant instance of Iran’s hacking capabilities on US companies since the beginning of the war, as reported by NBC News. While the majority of subsequent attacks since then have been localized to their regional neighbors, the threat of Iranian cyber conflict remains high. As military hostilities grow more chaotic and prolonged, with little hope of a prolonged peace in sight, US businesses are advised to heighten their vigilance to repel cyberattacks as a byproduct of wars conducted across the globe, especially in Louisiana, where the crippling of critical infrastructure would have rippling effects affecting life not only locally but nationally and globally as well.
