Why are we still talking about email security?

By : Krishna Anindyo | Thursday, February 27 2020 - 14:08 IWST

CloudGuard SaaS (Images by Check Point Software)
CloudGuard SaaS (Images by Check Point Software)

INDUSTRY.co.id - It was 1971 when Roy Tomlinson sent the first email across a network. Almost 40 years ago, he used the sign for the first time to denote a separation between the recipient’s name and their machine name when he sent his message.

Since then, with the rapid adoption of the internet and then the mobile internet, the email security market matured as enterprises understood that accessing proprietary information via the network exposed them to cyber security risks.

It might therefore seem surprising that almost 40 years since the world’s first networked electronic mail was sent, Verizon’s 2019 Data Breach Investigations Report called out phishing as the main cyber security threat facing enterprises in the digital world.

Gartner’s findings support this - in their Fighting Phishing Report, they found that 90% of cyber threats against enterprises start with email, making email the attack threat vector against enterprises. That’s right, phishing has been identified as one of the main mechanisms used to execute the delivery phase of the attack kill chain.

Enterprise email security is a mature market, which poses the obvious question of why cyber criminals are still using emails as an attack vector, and how it’s possible in a mature market for these schemes to reach such a high success rate. Are email security solutions ineffective, or are the adversaries just very smart at circumventing email security controls?

Recent years have seen a rapid shift to cloud based email providers – whether that’s moving existing office suite capabilities to the equivalent cloud based office suites (think an on-prem Microsoft Office and Exchange moving to Office 365), or new organizations starting with a cloud installation.

Private end users don’t spend any time worrying about the risks involved in relying on the default security built into cloud email providers but there are inherent vulnerabilities in cloud office suite solutions which could keep any CISO up at night.

And what of the small to medium sized organisations who don’t have a CISO or security team, but leave email security to the IT administrator?

Are the IT managers giving a thought to the risks posed to the organisation once their email and file storage are both moved to the cloud? Multi factor log-ins won’t defend their end users from the phishing schemes which are seeing so much success that cyber criminals are continually increasing their phishing efforts.

The risks to organisations who move their office suites to the cloud are partially addressed by CASB solutions, but these don’t address the dangers associated with mailboxes in the cloud.

So what’s a cloud native organisation to do? How can you make sure that you don’t fall victim to the ‘clickbait’ which is responsible for 90% of enterprise breaches? As the new decade dawns, IT managers and CISOs have an array of email security options to choose from, but picking the right one can be a daunting prospect.

 

 

News Comment

Today's Industry

Photo: Aris Nurjani/VOI

Rabu, 28 Februari 2024 - 12:47 WIB

Carsurin and NBRI Strengthen Strategic Alliance to Propel Indonesia’s EV Industry

PT Carsurin Tbk ("Carsurin") and the National Battery Research Institute ("NBRI") are pleased to announce the signing of a pivotal Strategic Alliance Agreement (SAA), marking a significant advancement…

Beras (Foto/Rizki Meirino)

Rabu, 21 Februari 2024 - 08:43 WIB

Gov’t to Continue Disbursing Rice Assistance

President Joko “Jokowi” Widodo has ensured that the Government will continue rolling out the rice assistance program for low-income families. The President made the statement when handing…

Ilustrasi pabrik beras. (Foto: DetikFood)

Rabu, 21 Februari 2024 - 08:40 WIB

Bapanas Head Ensures Availability of Rice Stock Ahead of Ramadan

The National Food Agency (Bapanas) has ensured the availability of rice for the fasting month of Ramadan and Eid al-Fitr 1445 Hijri/2024 CE. “We believe that there is enough rice for the fasting…

Receives Chairman of Jababeka (KIJA), Menpora Dito Ready to Support the Development of Sports SEZs

Rabu, 21 Februari 2024 - 08:23 WIB

Receives Chairman of Jababeka (KIJA), Menpora Dito Ready to Support the Development of Sports SEZs

Chairman of PT Jababeka Tbk (KIJA), Setyono Djuandi Darmono met the Minister of Youth and Sports of the Republic of Indonesia (Menpora RI) Dito Ariotedjo at the Kemenpora RI Office, Senayan,…

The Indonesian Embassy in Cairo Receives Aid for Palestine

Senin, 19 Februari 2024 - 17:39 WIB

The Indonesian Embassy in Cairo Receives Aid for Palestine

The Indonesian Embassy in Cairo welcomes the Radjiman Wedyodiningrat Warship (RJW-992) which arrived at the Al Arish Port, North Sinai Province of Egypt at 8.00 A.M. Cairo local time (13/02).…