FEATURE
compliance and new legislations being
introduced worldwide.
As a foundational step toward achieving
this goal, organisations should:
• Identify the key players in their third-
party ecosystem and understand
what those third parties deliver
• Develop a flexible security
architecture that can be shared with
and deployed across the variety of
third parties in that ecosystem
• Assess whether those third parties
are operating within the tolerance
levels set by the organisation’s
security architecture
• Be alert to new security risks that
the ecosystem may present as
digitisation increases
JO: Most organisations lack both
sufficient security controls and end-
user education when it comes to
identifying and stopping the latest
email-borne threats. Combine this
with the loss of control and change of
working practices as we all move to
cloud and the scale of problems starts
to become unmanageable.
The top priority for any business in
today’s volatile threat landscape is to
plan, develop and implement a cyber-
resilience strategy for email. This will
ensure businesses are prepared in
the event of a cyberattack or breach,
providing comprehensive security
controls before, continuity during and
automated recovery afterwards.
A defence-only security strategy alone
is not designed to protect organisations
and will lead to consequences like
intellectual property loss, unplanned
downtime, decreased productivity and
increased vulnerabilities. In the event of
a successful breach, organisations need
to be able avoid business disruption
and recover their data. Email can be
forced offline, either by a cyberattack
or purposely by IT to contain the threat
or manage the situation and this could
disrupt the flow of email.
Organisations should therefore ha