By many experts’ estimates, security teams spend close to 25 percent of their time dealing with phishing attacks. When phishing threat actors are becoming more active and sophisticated, and security teams are overloaded and overwhelmed, comprehensive email security is no longer an option. It’s a strategic necessity.
Choosing an email security solution may be one of the most important tasks confronting enterprise security leaders. Yet, it may also be among the most challenging to get right. A few guidelines can help inform sound choices when evaluating the many available options.
Prioritize Core Capabilities
Fundamental capabilities of email security – many of which seem obvious – include protections against spam, malware, malicious links, and business email compromise (BEC). Also critical are, of course, encryption, data loss protection (DLP), DMARC services, and phishing-awareness training. Can you find a vendor or solution that offers all of these via services that are operationally feasible and user-friendly?
Many enterprises opt for a secure email gateway (SEG) for monitoring sent and received emails. The SEG may be cloud-based or on-premises as a device or virtual appliance equipped with software designed to identify and filter unwanted communications.
There are pros and cons to this option. For top-rated SEGs, pros include spam filtering, malware, phishing protection, reporting, and admin controls. Among the cons are cost and complexity, and the inability to foil clever threat actors. For example, SEGs can’t block spoofed emails or URLs, a favored tactic that phishing threat actors use to steal credentials, launch malware, and more. Nor can SEGs reliably counter BEC. Also, because SEGs sample from ongoing attacks, they aren’t updated fast enough to consistently capture modern phishing attacks. These begin and end quickly, sometimes within hours.
Understand Email Threats
The number-one email threat is phishing, traditionally employing corrupt attachments, URLs that – when clicked – route to malware-laden sites, and other types of come-ons that lure recipients through urgency or scare tactics to reveal sensitive information. Advanced email threats are effective because they’re far harder to detect and prevent. Their architects know what SEGs can and can’t do.
For example, attackers will use compromised Microsoft Office 365 accounts to send convincing “update required” messages. They’ll spoof banking websites and shopping sites in a portal presented in an email message. These are often near-exact duplicates of the real thing and are very hard to spot. Cloud filesharing also is abused by phishing threat actors. Among the ploys: Recipients are advised via email that a document requires immediate review and attention. This tactic has stumped even the experts.
Augment or Replace System-Based Email Security
For enterprises using cloud email and its built-in security as a first line of defense, it’s important to carefully assess whether it’s reliably blocking threats. Consider tools that can fact-check and validate vendor claims, as well as their solution’s performance when in use.
In choosing an email security solution, and whether to augment or replace existing security, evaluate the benefits essential to the integrity of essential systems and operations. These may include scalability, operational simplicity, customer support, and security awareness offerings.
An effective email security solution is comprehensive, reliable, and uncomplicated. It helps businesses marshal every available resource to fight email threats such as phishing. It consistently blocks emerging email threats and quarantines them automatically. It affords user tools that enable and simplify reporting of suspected phish. It helps businesses enlist employees as the last line of defense against email threats.
A comprehensive solution starts with advanced technology. It then layers that intelligence with human users conditioned to respond as sensors spotting and reporting the malicious emails that SEGs miss.
Contact us to find out how Cofense can help with choosing an email security solution that does everything your enterprise requires.