Sizing up email threats for your business

No matter the size, all organisations are at risk of being the next target of a cyber-attack. Attacks take on a variety of forms, from phishing scams, malware to ransomware, each requiring its own security measures. So how do you as a business owner protect your organisation against a multitude of growing cybersecurity threats? By Steven Malone, Director of Security Product Management at Mimecast.

  • 5 years ago Posted in

Understanding what you’re up against

 

The first step is understanding what you’re up against. According to Mimecast’s latest research, more than 80 percent of organisations have seen both targeted and untargeted phishing attacks increase or stay the same over the last year. This is constrained by impersonation attempts spreading and no longer focusing on particular individuals. Everyone is now a target – from the C-suite, the finance department, HR staff members, even trusted third-party vendors.

 

Take ransomware for example, which holds your computer or network hostage by encrypting its files, and demands you to pay for the release of your data. It is bad enough if you are just one person working on a home PC, but for a modern office where there is a computer on every desk, the problem is magnified. If this type of malware gets into a network, all connected could PCs go down with it. What’s more, your business stands to lose valuable data in the process, often with confidential and sensitive information hanging in the balance.

 

We saw this when the WannaCry malware attack swept across the globe in May last year, infecting everyone from FedEX to Russia’s Central Bank, and even bringing the UK’s National Health Service to its knees. Like an unstoppable epidemic, it spread quickly and infected without discrimination. In a ransomware situation, all it could take for your business to become compromised, is one employee interacting with an infected mail.

 

Email is the top attack vector

 

Mimecast’s latest State of Email Security report reveals that 92% of hacks begin with an email. Many of these attacks employ social-engineering strategies to gain access via highly targeted attacks. With a specific organisation in mind, hackers set out to gather as much information as possible about a certain employee, using what is shared online and on social networking sites. This is used to construct an authentic looking email that will gain the trust of the person to which it is sent. Convinced of its authenticity, the employee opens the attachment, malware is installed and the hacker has full access to the network. Tailor-made for a specific individual, this kind of activity is also known as spear-phishing.

 

Another method is Business Email Compromise or BEC. This kind of attack sees hackers tricking employees into paying a fake invoice or money order by impersonating an important figure within the organisation, like the financial director or CEO. Email impersonation attacks don’t just pose a financial risk to your business. Hackers also target sensitive data and valuable intellectual property, by tricking the victim into handing over this information.

 

Clearly, the risks and the consequences of lax cyber security are very real, very diverse, and changing all the time. So, what can an organisation do to make sure they’re protected? The answer lies in adopting a cyber resilience strategy.

 

The cyber resilience response

 

While they might sound similar, cybersecurity and cyber resilience are not the same thing. Security focuses purely on protection, while resilience is about assuring the ability to recover and continue with business as usual. Cyber resilience includes measures of prevention and also seeks to avoid data loss and downtime.

 

Businesses are starting to realise that, apart from having measures in place to prevent an attack in the first place, the ability for your business to bounce back after suffering an attack is just as important. Is your data backed up, and can it be quickly recovered? Could a cybercriminal possibly separate you from your backups to strengthen their position and demand a debilitating ransom? Resilience means acknowledging that despite your best efforts, an attacker may still be able to break through and attacks will happen. Cyber resilience requires a paradigm shift followed by the implementation of measures that guarantee your organisation’s swift recovery.

 

While cloud services like Office 365 have empowered smaller organisations, they aren’t necessarily prepared to deal with an onslaught of attacks. And if their email goes down because of an attack, technical failure or human error, they could be down for hours or even days, meaning productivity will cease entirely and they will almost certainly lose revenue and customers. It’s therefore important to enlist the services of trusted third-party providers, to help divert threats with advanced security, and bounce back in the event of a successful attack. When it comes to email, cyber resilience means being able to secure, preserve and continue the flow of information via email. It encompasses advanced security, archiving to restore data instantly and continuity to ensure business as usual.

 

Don’t lose a minute of productivity

 

For any growing business, time is money, and reliance on email and important customer data means even a few minutes of downtime can cost an organisation valuable productivity time. Furthermore, if you’re fully dependent on a single cloud provider, and they experience a period of downtime, you have no choice but to sit and wait until the service is back up and running. Adopting a continuity service means you’re able to quickly and seamlessly switch to an available email service.

 

Equally important is being able to recovery data on demand, which can be done through a reliable cloud archiving service. This service ensures you have a digital corporate memory that is fully encrypted, and drastically decreases the risk of data loss or corruption in the event of attack. This is critical in a ransomware situation, as being able to recover a copy of your data means you never have to worry about paying ransom.

 

In the digital age, competition among businesses is fierce, and organisations are turning to technology to be more efficient and improve service delivery. But without putting the same amount of thought into keeping your business safe, going digital may ultimately turn out to be a recipe for failure if cyber criminals decide to make you their next target.

 

True cyber resilience means taking a holistic, all-inclusive approach, because you never know where the next security threat will come from, or how it will target you. With the right defences and recovery plans in place, you’ll be free to focus on growth, rather than wondering if a single email could bring your business down.

 

 

 

 

By Barry O'Donnelll, Chief Operating Officer at TSG.
By Dr. Sven Krasser, Senior Vice President and Chief Scientist, CrowdStrike.
By Gareth Beanland, Infinidat.
By Nick Heudecker, Senior Director at Cribl.
By Stuart Green, Cloud Security Architect at Check Point Software Technologies.
The cloud is the backbone of digital cybersecurity. By Walter Heck, CTO HeleCloud
By Damien Brophy, Vice President EMEA at ThoughtSpot.