EDITOR’S QUESTION
NICK SAUNDERS, CYBER
RESILIENCE EXPERT AT MIMECAST
E
mail is still the number one
vector for cyber-threats
in the Middle East. As the
de-facto business communication
tool available today, it’s vital
that every organisation has an
effective strategy that covers all
aspects of email security.
Without doubt, ransomware is
now the technique of choice
for cybercriminals with a
recent PhishMe report showing
that 93% of all phishing
emails contained encryption
ransomware. CEO fraud and
other impersonation attacks
have become daily occurrences
around the world.
Relying on a single vendor or
piece of technology is simply no
longer good enough. Assuming
that email is protected today
because of strategies and
technologies deployed yesterday
is dangerous and potentially
leaves an organisation
vulnerable to attack.
CIOs should consider email
carefully as part of their overall
cyber-resilience. With email
becoming integrated into many
business processes and workflows,
our reliance on email has grown
significantly and overlooking it as
a critical part of a cyber-resilience
strategy could leave many
businesses exposed.
The key to successfully securing
enterprise email data is to take a
multi-layered approach towards
security. Don’t rely on just a
www.intelligentcio.com
An entire eco-system has grown
up around securing email. This
involves many facets of security from
authentication, to content analysis
to reputation checks. Traditionally
email security relied on the ‘PROTECT’
maxim by trying prevent attacks or
compromises reactively - essentially
waiting for an attack to reach the
perimeter and relying on technology to
identify the threat and neutralise it.
“CIOs should
consider email
carefully as
part of their
overall cyber-
resilience.”
single vendor to provide protection but
rather evaluate each element of the
email journey and apply the best of
breed technology where appropriate.
Sometimes this means using overlapping
technology but ultimately building
multiple layers of security ensures
resilience throughout the email eco-
system. The email journey can be viewed
in three ways: inbound, outbound and
internal. To secure all three, a holistic
approach is needed to mitigate both
external and internal threats.
Technologies such as anti-spam, anti-
virus, firewalls, etc. are designed to
‘police’ email traffic in this way. As
threats have increased in sophistication
however, the need for more proactive
technologies has arisen. This has involved
being able to identify compromised
elements in email such as compromised
URLs or weaponised attachments.
URL rewriting and sandboxing are some
of the mainstay technologies used to
prevent these attacks. CIOs also need
to consider technologies that allow the
business to continue working should
something go wrong.
This means building continuity services
into the strategy and ensuring end
users keep on working in the event of an
attack. Finally, the ability to recover and
restore their environment to a previously
safe state is critical in a world where
threats are rapidly evolving.
Ultimately there is no silver bullet
solution that will address the needs of a
comprehensive security strategy. Every
aspect of the email journey must be
considered and relevant technologies
need to be deployed both in the cloud
and on the network to ensure a robust
cyber-resilient organisation. n
INTELLIGENTCIO
79