Over 300 billion emails were sent and received daily around the world in 2020. Email remains the fundamental feature of modern business – and the number one threat to enterprise security. Every day, emails containing everything from invoice payment requests to investor communication and other formal and informal correspondences outside of the network are all fertile ground for exploitation and fraud.
Last year we witnessed a significant shift towards remote working all over the world, which has continued to fuel the adoption of cloud office systems. This has further accelerated the shift away from perimeter-based security defences, which are effectively obsolete. Most attacks don’t consist of breaching firewalls to invade protected environments anymore. Instead, attackers have, alongside businesses, shifted to the cloud.
Amidst this changing landscape, it’s clear that the defend-the-perimeter security model no longer works and it’s time for a change.
People are the new perimeter
Today, protection must start with people and cybercriminals have shifted their focus away from infrastructure accordingly. More than 99 per cent of cyberattacks that occur today are human activated and malicious actors have plenty in their favour such as the challenges of hybrid working, often low security awareness among staff and more limited access to IT teams. Additionally, phishing scams target vulnerable employees who can inadvertently compromise critical access and data to cybercriminals. The new model of cybersecurity therefore starts with a new perimeter – people, the one thing that ransomware, phishing, and Business Email Compromise (BEC) attacks all have in common.
Cybercriminals also use social engineering attacks that trick employees into opening a weaponised document, clicking a malicious link, entering their credentials or even carrying out demands like wiring money. Defending against such human-targeted email attacks requires a holistic strategy that encompasses people, process and technology.
Five steps to a people-centric email defence
Email threats are versatile and growing in number faster than ever. To fight back, organisations need to invest in an end-to-end email security strategy that addresses the entire attack chain – from proactive prevention to real-time threat response.
Step 1: Visibility
You need to understand the threats you face before you can successfully defend against them. Robust threat intelligence that can detect the full scale of malicious emails is an important first step, but it’s not enough. You also need a solution that can correlate and analyse your threat data to reveal who is attacking you, who or what they are specifically targeting and what information they are trying to steal.
Step 2: Deploy core email control and content analysis
Maintaining control over what messages get into your environment is critical for email security. Your solution should therefore provide granular classification that doesn’t just look for spam or malware but also identifies all distinct types of email (malicious or not) targeting your employees.
These emails could include bulk mail, credential phishing, BEC attacks, adult content, and more. Your classification tool should include advanced sandboxing capabilities that can analyse every attachment and URL in real time as it enters your gateway.
Step 3: Authenticate your email
Outbound phishing emails targeting customers and partners outside the gateway also pose a serious risk to businesses. Email authentication, specifically DMARC (Domain-based Message Authentication Reporting and Conformance), provides a solution to these types of threats.
DMARC ensures that legitimate email is properly authenticating and blocks any fraudulent activity from domains under your organisation’s control such as active sending domains, non-sending domains, and defensively registered domains.
Step 4: Prevent data loss
There’s a lot you can do to stop threats from entering your network, but you should also prevent sensitive data from leaving your gateway. An effective strategy prepares for any threats that make it through your defences, and for employees who may inadvertently expose sensitive data. Your solution should combine encryption with data loss prevention (DLP) so that sensitive information, even if exposed or exfiltrated, is always protected.
Step 5: Respond to threats in real time
No security solution can stop all attacks so real-time threat response needs to be a pillar of any email security strategy. Be wary of any vendor that claims their product can catch every threat. If such a solution were on the market today, data breaches and email fraud would be a thing of the past, and as recent headlines prove, this is simply not the case.
Know the threats targeting your organisation, identify your weak spots, and craft an email security defence that offers protection across these five key areas of the email threat lifecycle: visibility, content control and analysis, authentication, data loss prevention, and response. In a nutshell, your best defence is understanding and preparation.
Register here for the upcoming event: “How DMARC can help in the fight against phishing and email spoofing”. See what Sunsuper and Digital Victoria are doing to address their email security challenges and get some top tips for enhancing your own security.