December 2017: With 90% of all cyber attacks originating from email, it’s time for your organization to step up its email security game. The latest spam filters alone aren’t enough protection. Today’s most dangerous threats come from spear phishing scams that circumvent filters.
The best next-generation email security is smart — literally. It goes beyond incremental improvements by incorporating machine learning and artificial intelligence (AI) technologies. Here’s an overview of email security responsibilities, incremental improvements, and how new tech can give you the upper hand:
Email security responsibilities
- Your organization is responsible for its own email security. Microsoft, Google, and other email platforms are primarily in the business of delivering email, not making sure the email you get is the email you want. While they continue to improve spam-filtering solutions, those solutions aren’t enough.
- Your employees are your first line of defense. Regardless of the type of email security you’re using, security awareness training for every employee that uses email (that’s all of them) reduces the likelihood your organization will be breached.
- You need secure email even if you use other communication channels. Email won’t be replaced by a panacea for communications solution anytime soon despite the growth of collaborative platforms and chat — it’s too ingrained in our business culture. The sooner you improve what you’re already doing, the better.
Incremental improvements to current technologies
Advancements in email security will help protect your organization now, so it’s a good idea to add them now. Improvements to anti-spam, anti-malware, anti-spoofing, sandboxing, and data loss prevention (DLP) all help, especially when layered, and may include:
- Real-time scanning
- Continual threat updates
- Attachment sandboxing with deep learning analysis
- Click protection
- Heuristic anti-malware tools
- Automatic encryption
Solutions from companies like Sophos are usually better at stopping ransomware and other malware than low-cost or free spam filtering alternatives. However, these solutions are still based on the decades-old filter approach and even updated versions don’t fully address the worst current threats.
Next-generation email security
The best enhanced email security solutions are those that protect against sophisticated attacks by using pattern recognition, machine learning or artificial intelligence (AI).
Rather than relying on rules around keywords or attachments to quarantine potential threats, these enhanced solutions learn what’s normal for each of your employees. Then, based on employee profiles, the software analyzes each new email to determine if it might be a threat. If something about the email is out of the ordinary, it’s quarantined until it can be reviewed.
For example, if one of your employees is sent an email regarding a transaction that looks just like the other emails he’s received about that transaction, it will likely make it through spam filters and your employee will respond. On the other hand, if you have email security with AI functionality, the system will have learned that emails regarding this transaction are sourced from Ohio and not Bulgaria. So the email gets quarantined before it makes it to your employee.
This ability to learn what’s normal is important because so many of today’s threats do a great job masquerading as authentic and do not contain a virus or payload. Instead, they are targeted social-engineering scams that can include masterfully crafted spoofs, malicious links, and other new techniques that successfully trick employees into sharing sensitive information. Machine-learning software with advanced anomaly detection has a much better chance of stopping these kinds of attacks than filter-based email security solutions.
To date, machine learning and AI in the tech space have been used mostly in academics and by data analysts, statisticians and marketing firms. Now, companies like Mimecast are going all in on the technology and Symantec, Google, and others are using it incrementally as well. Per mailbox fees are reasonable for most organizations — usually less than $10 a month — which Leapfrog believes is a worthwhile investment.
Technologies around enormous business concerns like enhanced email security are in a constant state of flux, improving as new technologies prove effective and adapting as new threats emerge. Leapfrog helps clients take regular, sustained, incremental steps to improve their email security and cybersecurity posture overall — we want to raise our clients’ cyber walls a little higher so they’re less likely to become victims of cybercrime. If you think your organization could benefit from this approach as well as a strategic IT roadmap that focuses on balancing productivity and security, please contact us.
If you liked this post, don’t forget to subscribe to FrogTalk, our monthly newsletter.