With an increase in sophisticated cyberattacks against its network a leading UAE law firm realised it was time to take action. As a result, Fichte & Co. implemented Mimecast Secure Email Gateway with Targeted Threat Protection, which the company’s CIO Matthew James Peet describes as: ‘like an invisibility cloak, it is so effective.’
When Fichte & Co. – one of the leading law firms in the UAE – saw in increase in sophisticated and tailored phishing attacks against its network it was obvious action was needed.
While Fichte & Co. had an anti-spam/anti-virus solution in place to combat email-borne attacks, its threat protection capabilities were thin, with multiple threats entering its network each week.
With the barrage leading to staff fatigue, and staff losing confidence in email as a communications tool, Managing Partner Jasamin Fichte knew she had to act quickly.
Fichte consulted with CIO Matthew James Peet, who recommended that the firm implement a new email security management solution focused primarily on targeted threat protection.
Based on past experience with several vendors and after detailed analysis, Peet concluded that Mimecast was the best fit for Fichte & Co., for its technological capabilities as well as its flexibility and support.
Within 48 hours of Fichte & Co. signing on with Mimecast, an engineer was onsite in Dubai implementing Mimecast’s Secure Email Gateway with Targeted Threat Prevention solution.
Within a few hours the solution was up and running, protecting the firm from email-borne threats such as spearphishing, ransomware, impersonation emails and more. With Mimecast in place, CIO Peet reports that the number of threats making it through to Fichte & Co. email users has been reduced by 94%.
Mimecast now blocks 60% of inbound email at the gateway. In one recent month, Mimecast stopped users from accessing multiple malicious URLs and from receiving multiple emails with malicious attachments that required sandboxing to catch.
Mimecast’s engineer tuned the system’s settings so that the false positive rate is essentially zero, ensuring no valid emails are lost, for UAE court compliance. Peet says he has been impressed by Mimecast’s ability to strike the right balance between security and compliance and to keep up with new types of threats as they appear in the wild.
In a year when Peet’s team undertook several large IT projects, he notes that Mimecast is the project staff members stop him in the hall to thank him for.
“Our staff have seen a huge decrease not just in phishing emails, but also spam,” Peet says. “They can now easily find things in their email and are much more productive than they were before. Mimecast has had a huge impact on our daily work.”
Intelligent CIO spoke to Peet to find out more about the solution.
Before the Mimecast solution was implemented what sort of threats were entering your network?
Virus attachments and phishing URL Links were the two main categories, but there is a long tail of other types.
What was the impact of these attacks on the peace of mind of staff?
Staff always had to be on high alert for suspicious emails, which they needed to then forward to IT.
This meant they were often fatigued due to the overall volume of email and the diligence with which they had to review their emails.
Do you know of any reason why you suffered an increase in sophisticated phishing attacks last year?
When we hosted events that resulted in increased publicity and PR, we often saw a spike in Incidents. We had one incident (that was correctly flagged to IT, by the recipient) that specifically mentioned the recipient’s recent attendance at a conference and the topic they spoke on. It was from a customised domain. This was a very sophisticated, one-to-one attack, where the hacker used the publicity from that conference to create an authentic looking mail. This just goes to show that criminals are continuing to develop in their sophistication.
Have you been impressed with how the system keeps up with new types of threats?
Yes. Mimecast claims to have a 100% Protection SLA for Virus, and I can see that effect. I have also noticed how they constantly improve their spam filtering as they learn your habits, in order to continually reduce spam. This has removed a lot of ‘grey’ marketing emails. With their reports on high level threats I am confident they are on top of the latest CVE developments.
How has the system allowed staff to become more productive?
Focus is vastly underestimated in today’s work environment where staff are asked to multi-task and clients expect fast responses. Distractions with ‘sales’ emails, that are split tested to improve their ability to catch a person’s attention, need to be kept to a minimum. In a competitive market, if your business is a tertiary industry (where degree education level is required), your staff have to deliver a high level of diligence regarding their tasks. And that includes your IT staff who have to respond to these threats. They need the environment to be able to respond effectively when suspected high level threats are reported.
Do you think enterprises underestimate the threat posed by emails?
Yes. There is an increased ability and willingness to craft spear phishing and whaling attacks. I still remain slightly in awe of the live hack delivered by Mimecast at their booth at GITEX, where they demonstrated the simplicity of crafting these sophisticated email attacks. I learnt somewhere, that as humans we have strong tendencies to overlook negative outcomes and we can be slow to act when high capacity work (mental or physical) is required. We need to think carefully about our internal biases and look to continuously improve. Listen to your staff. Go and see the issues they are reporting and act.
Why did you decide to choose a solution from Mimecast?
Support. Mimecast staff are able to quickly understand any issues we report to them and respond correctly the first time to most of them and there is also the clarity of the user console for our IT staff. It ensures we can complete simple tasks quickly and provides reports that demonstrate ROI. When something in IT is working so well, it often becomes invisible. Mimecast feels a bit like an invisibility cloak, it is so effective.