This post was originally published on this site
With contributions from Jamal “Jay” Bethea, Cisco Secure Email Product Marketing Manager
Think email security is not complicated; think again. Not only is email the #1 attack vector, but regulatory compliance requirements across sectors make it difficult to know which data protection laws are for your industry. Now mix in architectural changes that support cloud productivity suites like Microsoft 365 and Google’s G-Suite to accelerate your business to cloud-based email security services.
Remote work has magnified the threats users and businesses face online daily. When it comes to safeguarding email against today’s advanced threats like phishing and malware information is power. We are giving you a sneak peek into our recommendations for email security based on 2021 trends that will be out later this year.
Here is a brief review of the 2021 Email Security Recommendations:
- Spam and Unwanted Email Detection: For most organizations, spam & unwanted email volumes are running in the low 80% of their entire email volume. Straight away, the significant difference to the volumes of email is that your downstream security engines are maximizing your connection filtering catch rates using technologies such as IP Reputation and even better domain reputation. Also, in this area are the inbound DMARC and manage quarantined email controls.
- BEC & Advanced Phishing Control: A crucial area for any email security solution, the effective capability can differ significantly between different solutions, and even then, some organizations might need more 3rd party solutions if attacks continue. Traditional technologies here work by detecting the known malicious email, attempted spoofing attempts, and so on. However, the use of emerging technologies has exploded, given the growth of AI-driven capabilities to identify good to malicious emails.
- Email Attachments: One of two main methods to penetrate security defenses with malicious content by email. Cloud sandboxing and signature-driven malware scanners can aid in detecting known or unknown malware. An added safeguard to malware detection, organizations also choose to unpack password-protected files and disarm embedded URL links in PDF files or macros in office documents.
- Embedded URLs: The second method for malicious content to enter an organization can go unaddressed in some cloud-based productivity suites. Vendors will re-write embedded URLs, so when a user clicks on the URL, it is scanned to analyze the potential threat. In addition, emerging detection technologies like cloud sandboxing can be effectively used in this area while also minimizing email delays.
- Internal Email Scanning: Account Take Over (ATO) is a new threat to organizations. ATOs have targeted organizations that adopt cloud productivity suites. You should prioritize and consult with your email security vendor to confirm coverage and available support. Organizations should consider multi-factor authentication across their email security clients such as Outlook.
- User Awareness Training: Training. Training. In many ways, the buck stops with anyone who clicks, opens, or reads an email. End-user security awareness equips organizations with curriculums and immersive testing from phishing simulations. If users become high-risk, email administrators can apply a more stringent scanning profile.
- External Domain Protection: Ensure you or authorized 3rd party vendors’ email reaches its destination with DMARC controls to authenticate emails. The other significant advantage here is the ability to identify any unauthorized servers sending an email using your domains, like a phishing campaign using your organization’s brand to inflict collateral damage to your reputation.
- Bi-directional SecOps Integration: Organizations are exporting email log data into centralized SIEMS for analysis. They should also assess their SecOps automation and orchestration platforms and how they integrate back into your email platform. That way, the platforms can apply remediation or update protection policies without waiting for a console user to do it manually.
Everyone is vulnerable to malicious attacks like ransomware so your assessment should not start and stop with our recommendations. Cisco Secure Email can simplify your email security management and protect against email-borne threats no matter the volume or complexity.
Learn more about how Cisco Secure Email provides the best protection for your email against cyber threats.