There are a lot of different ways that email threats attempt to trick or entice you into replying, clicking URLs, or opening attachments.
There are a lot of different ways that email threats attempt to trick or entice you into replying, clicking URLs, or opening attachments. This justifies the use of email security software that can capture and quarantine malicious emails and filter spam.
Unfortunately, we’ve discovered a concerning trend: the percentage of organizations using email security is declining. According to our latest CISO Benchmark Study, only 41 percent of those surveyed currently use email security as part of their threat defenses, even while reporting it as the #1 threat vector putting their organizations at risk. This is down from 2014, when 56 percent of organizations used email security.
There are several possible reasons for this decline. One cause could be the move to the cloud. In a recent study conducted by ESG on behalf of Cisco, more than 80 percent of respondents reported that their organization is using cloud-based email services. As more and more organizations opt to have their email services hosted in the cloud, onsite, dedicated email appliances appear less necessary, with some IT teams assuming they can go without.
However, while many cloud email services provide basic security features, the need for layered protection can’t be stressed enough. In fact, in the same survey conducted by ESG, 43 percent of respondents discovered that they required supplementary security to defend their email after the move. At the end of the day, there are still valid needs for IT teams to set policies, gain visibility and control, utilize sandboxes, and leverage external blocking capabilities.
Another issue that security teams currently face is an increased attack surface, which naturally results in more areas where protection is needed. If security budgets haven’t kept up with this increase, then teams may find themselves scaling some resources back to cover the larger attack surface.
Given that email is the most common threat vector, the importance of protecting it cannot be understated. When performing any cyber risk assessment, it’s important to prioritize your most critical entry points with thorough defense and risk management systems and work down in order of probability of attack and risk to the organization if a breach occurs. Then allocate resources that are commensurate with the criticality of potential losses.
In addition, Gartner suggests that security and risk managers (SRMs) take a three-pronged approach to improving their defenses against phishing attacks:
