Intelligent CIO Europe Issue 11 | Page 25

LATEST INTELLIGENCE multiple checks and procedures. At Proofpoint, we take a similar approach to securing your email. This guide explains how our multi-layered defence uses identity control and content analysis to protect organisations from email fraud. 1. First, they check the flyer’s passport and boarding pass to ensure that the person is authorised to travel and is, indeed, who the person claims to be. We call this identity control. 2. Second, the airport screens the luggage and has the person pass through an X-ray machine or scanner. This ensures that nothing bad is getting on the plane and that nothing’s leaving that shouldn’t be. We call this content analysis. Identity control: Who’s really sending that email? Email fraud can be hard to detect with conventional cyberdefences. That’s because it is highly targeted and sent in low volumes aimed at specific people or job roles. These emails don’t have a payload. So, there’s no attachment or URL for security tools to detect, analyse and sandbox. The messages are socially engineered for one sole purpose: tricking people into doing something on the attacker’s behalf. Due to the nature of email fraud, you need to validate the true identity of the email sender. If you can verify whether the email was sent by who it says it’s from – and block any impostors – you can stop many of these threats outright. n Download whitepapers free from www.intelligentcio.com/me/whitepapers/ www.intelligentcio.com INTELLIGENTCIO 25