2016 was a year of increasing email security risks for businesses. Phishing is still a common threat, but it took a backseat to email cybercrime, including ransomware, impersonation, and whaling.
The 2016 Mimecast Business Email Threat Report found that among IT leadership:
- 83% think email is one of the most common sources of attack.
- 64% believe email attacks pose a high or extremely high threat to their organization.
- 65% don't feel fully equipped and up-to-date to "cope with" email risks.
But do perceived threats match up with actual threats?
Are organizations even using the right tools and mindset when it comes to email security?
In this blog, you'll learn the answers to these questions—along with 5 data-driven pieces of advice for protecting your organization from threats.
5 Business Email Security Tips
1. Anticipate Human Error
Spam filters are certainly not enough to protect your company from all the different types of email risks. In many cases, email attacks are the result of human error. An individual makes the decision to follow a malicious link, which in turn releases information to the wrong person, or results in loss of data.
While training is important, it is also wise to use security technologies with policy-based administration to prevent errors in cases that fit risk profiles. Examples of technical safeguards that may prevent your employees from inadvertently releasing sensitive information include:
- No auto-fill of email addresses on external domains
- Automatic encryption of sensitive messages
- Pop-up warnings
- Auto-forwarding of flagged messages
- Filtering (or sandboxing) email attachments
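The safeguards in the list above are policy rules evaluated on each outgoing message. The following Python is an added example, not code from the original post or from any vendor it mentions: it implements three of those rules (warn on external recipients, flag sensitive content for automatic encryption, hold risky attachments for sandboxing) as a single policy check. The organization domain, the sensitive-content patterns, the attachment extensions and the sample message are all constructed assumptions.

```python
"""Outbound email policy check (added example, not from the original post).

Models three safeguards: warn when a message leaves the organisation,
require encryption when the body looks sensitive, and hold messages that
carry attachment types destined for the sandbox. Every constant below is an
assumption chosen for the example.
"""
import re
from dataclasses import dataclass, field

ORG_DOMAIN = "example.com"  # assumed internal domain

# Assumed "sensitive" content shapes: a 16-digit card-like number and a US SSN.
SENSITIVE_PATTERNS = {
    "card_number": re.compile(r"\b(?:\d[ -]?){15}\d\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

# Attachment types held for sandbox detonation instead of direct delivery (assumed list).
SANDBOX_EXTENSIONS = {".exe", ".js", ".vbs", ".scr", ".docm", ".xlsm", ".zip"}


@dataclass
class OutboundMessage:
    sender: str
    recipients: list
    subject: str
    body: str
    attachments: list = field(default_factory=list)  # file names only


def domain_of(address: str) -> str:
    """Lower-cased domain part of an address."""
    return address.rsplit("@", 1)[-1].lower()


def evaluate(msg: OutboundMessage) -> dict:
    """Return the policy actions that apply to one message.

    warn_external: recipients outside ORG_DOMAIN (drives the pop-up warning)
    encrypt: names of sensitive patterns found (drives automatic encryption)
    sandbox_attachments: attachments that must be detonated before delivery
    deliver: False when the message has to be held for the sandbox
    """
    actions = {"warn_external": [], "encrypt": [], "sandbox_attachments": [], "deliver": True}
    actions["warn_external"] = [r for r in msg.recipients if domain_of(r) != ORG_DOMAIN]

    text = f"{msg.subject}\n{msg.body}"
    for name, pattern in SENSITIVE_PATTERNS.items():
        if pattern.search(text):
            actions["encrypt"].append(name)

    held = [a for a in msg.attachments
            if any(a.lower().endswith(ext) for ext in SANDBOX_EXTENSIONS)]
    actions["sandbox_attachments"] = held
    actions["deliver"] = not held
    return actions


if __name__ == "__main__":
    # Constructed sample: one internal and one external recipient, a card number, a binary.
    sample = OutboundMessage(
        sender="alice@example.com",
        recipients=["bob@example.com", "carol@partner.net"],
        subject="Invoice",
        body="Card 4111 1111 1111 1111 is on file.",
        attachments=["report.pdf", "tool.exe"],
    )
    print(evaluate(sample))
```

The check runs before the message reaches the transport layer, so a "deliver: False" result is what an administrator would wire to a quarantine queue, while the "encrypt" and "warn_external" lists feed the encryption gateway and the client-side warning respectively.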
For additional insight, we recommend reading 13 Data-Driven Security Measures to Thwart Insider Abuse and Human Error.
2. Create an Information Retention Policy
Information retention requirements regarding email can vary. Your organization's obligations most likely combine federal, state, and possibly industry-specific requirements. Ultimately, your information retention policy will vary significantly, and we recommend developing the specifics with the help of qualified legal counsel.
While it may be wise to exceed PCI requirements for information security, it's also important to examine your information retention policy against factors like cost management, increased efficiency, and regulatory controls. In an ISACA presentation, security consultant James Baird advised organizations to balance legal requirements of information retention with disposal of legacy information "as soon as possible to reduce risk."
3. Train Everyone—Especially Walking Targets
Any time your employees receive a suspicious email request, train them to perform basic verification activities on the following aspects:
- Domain name
- Website address
- Sender's name
Minor typos in the name or sending domain of an individual associated with your organization may be a sign of whaling, phishing, or another form of attack. An individual within an organization may be a "walking target" to cybercrime collectives based on his/her organizational role.
Individuals with access to sensitive employee data, protected customer information, cardholder data, or finances, may be more likely to be targeted by criminals.
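The three verification steps above (domain name, website address, sender's name) can also be automated at the mail gateway so that near-miss domains and impersonated display names are flagged before a "walking target" sees the message. The following Python is an added example, not code from the original post: it compares the sending domain against the organization's real domains for one- or two-character typos and common character swaps, checks the display name against a staff roster, and flags HTML links whose visible text shows a different host than the link target. The domains, roster, swap table and sample headers are constructed assumptions.

```python
"""Sender and link verification checks (added example, not from the original post).

Assumed inputs: the organisation's real domains, a roster of staff who are
frequently impersonated, and raw From: headers / HTML bodies to check.
"""
import re
from email.utils import parseaddr

ORG_DOMAINS = {"example.com", "example-corp.com"}              # assumed real domains
STAFF = {"Dana Finance": "dana@example.com",                      # assumed roster of
         "Chris CEO": "chris@example.com"}                        # likely targets

# Character swaps often seen in look-alike domains (assumed table).
HOMOGLYPHS = [("rn", "m"), ("0", "o"), ("1", "l"), ("vv", "w")]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch minor typos in a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(domain: str) -> str:
    """Fold common look-alike substitutions so 'exarnple.com' reads 'example.com'."""
    d = domain.lower()
    for lookalike, real in HOMOGLYPHS:
        d = d.replace(lookalike, real)
    return d


def check_sender(from_header: str) -> list:
    """Return findings for a From: header such as 'Name <addr>'."""
    findings = []
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if domain and domain not in ORG_DOMAINS:
        for real in sorted(ORG_DOMAINS):
            if normalise(domain) == real or 0 < edit_distance(domain, real) <= 2:
                findings.append(f"lookalike_domain:{domain}~{real}")
                break
        # A known staff name on a message that does not come from that person's address.
        if name in STAFF and STAFF[name] != addr.lower():
            findings.append(f"display_name_mismatch:{name}")
    return findings


LINK_RE = re.compile(r'<a\s+href="(https?://[^"/]+)[^"]*"[^>]*>(.*?)</a>', re.I | re.S)
HOST_RE = re.compile(r"https?://([^/\s<]+)", re.I)


def check_links(html_body: str) -> list:
    """Flag links whose visible text names a host other than the real target."""
    findings = []
    for target_origin, text in LINK_RE.findall(html_body):
        target_host = HOST_RE.match(target_origin).group(1).lower()
        shown = HOST_RE.search(text)
        if shown and shown.group(1).lower() != target_host:
            findings.append(f"link_mismatch:{shown.group(1)}->{target_host}")
    return findings


if __name__ == "__main__":
    # Constructed samples: a swapped-character domain plus an impersonated name, and a misleading link.
    print(check_sender("Dana Finance <dana@exarnple.com>"))
    print(check_links('<a href="https://updates-mailer.net/x">https://portal.example.com/login</a>'))
```

A gateway would attach these findings as a banner or route the message to review; the same functions run unchanged over a mailbox export when investigating a reported phish.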
4. Stand Ready for the Future
McAfee's 2017 security prediction report Hard-to-Solve Security Challenges stated the possibility of:
- Business email compromise (BEC) scams that dupe decision makers into money transfers
- Spear-phishing as a gateway for APT for long-term espionage or data theft
- Increased targeting of "physical devices" such as mobile, workstations, and point-of-sale
- More malware via fake advertisements and other emerging methods
While it remains to be seen whether 2017 information security patterns will follow these or other expert predictions, most have the concept of email in common.
Regardless of how next year's security trends unfold, information security professionals should prepare for highly sophisticated, email-based attacks.
5. Use File Integrity Monitoring
Chances are high that your organization may be subject to ransomware, phishing, or a whaling attempt within the next year. While you can provide employees with training, knowledge, and testing, there's no guarantee a malicious link will not be clicked at some point.
File integrity monitoring enables security admins to understand when negative changes are being made to critical system files that can indicate unauthorized access to the company's network. With a sophisticated solution for enterprise security like CimTrak, you can stand prepared for increasingly sophisticated attacks involving impersonation, smarter ransomware, and advanced phishing.
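File integrity monitoring rests on a simple mechanism: record a cryptographic hash of every critical file, then compare the current tree against that record. The following Python is an added example of that mechanism and is not code from the original post or from the product it names: it builds a SHA-256 baseline of a directory, stores it as JSON, and reports files that were added, removed or modified, the signal an admin would use to spot a ransomware run (documents disappearing and reappearing under new names) or a dropped binary. The directory, file contents and simulated changes in the demo are constructed inline.

```python
"""Minimal file integrity monitor (added example, not the product described in the post).

Takes a SHA-256 baseline of every file under a root, persists it, and
classifies drift against a later snapshot. The demo tree is constructed.
"""
import hashlib
import json
import os
import tempfile


def hash_file(path: str) -> str:
    """SHA-256 of a file, read in chunks so large files stay off the heap."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: str) -> dict:
    """Map each relative path under root to its hash and size."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = {"sha256": hash_file(full), "size": os.path.getsize(full)}
    return baseline


def compare(baseline: dict, current: dict) -> dict:
    """Classify drift between two snapshots as added / removed / modified paths."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(p for p in old & new
                           if baseline[p]["sha256"] != current[p]["sha256"]),
    }


def save_baseline(baseline: dict, path: str) -> None:
    """Persist the baseline; in practice this copy lives somewhere the monitored host cannot write."""
    with open(path, "w") as f:
        json.dump(baseline, f, indent=2, sort_keys=True)


def load_baseline(path: str) -> dict:
    with open(path) as f:
        return json.load(f)


def demo() -> dict:
    """Build a constructed tree, baseline it, apply simulated changes, and report the drift."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "etc"))
        files = {"etc/hosts": b"127.0.0.1 localhost\n", "report.docx": b"quarterly figures"}
        for rel, data in files.items():
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        store = os.path.join(root, "..", "baseline.json")
        save_baseline(build_baseline(root), store)
        # Simulated changes: a config file edited, a document encrypted and renamed, a binary dropped.
        with open(os.path.join(root, "etc/hosts"), "ab") as f:
            f.write(b"203.0.113.5 update-server\n")
        os.rename(os.path.join(root, "report.docx"), os.path.join(root, "report.docx.locked"))
        with open(os.path.join(root, "svchost.exe"), "wb") as f:
            f.write(b"MZ")
        result = compare(load_baseline(store), build_baseline(root))
        os.remove(store)
        return result


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Scheduling build_baseline on an interval and alerting on any non-empty compare result is the core of the detection; the baseline must be refreshed deliberately after approved changes, otherwise every patch cycle shows up as drift.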
CimTrak Enables Fast Response to Email Security Threats
CimTrak is the only FIM solution that allows security administrators to reverse negative changes in real time, allowing you to retain your compliance and data integrity even if you're faced with an advanced ransomware threat.
Facing increasingly sophisticated email threats in the year to come, IT security leaders should take a broad approach to protection. By focusing on training, awareness, compliance, and smarter technology, businesses of all sizes can enjoy effective protection.
January 31, 2017