Organisations remain vulnerable to advanced phishing attacks, human error and data exfiltration, according to Egress’ Email Security Risk report. A majority (93%) of the cybersecurity leaders who were surveyed for this report stated their organisation had suffered an email security incident in the last 12 months, while 99% of cybersecurity leaders admitted to being stressed about email security.
Further research from the adaptive cloud email security company highlights that organisations remain highly vulnerable to outbound security risks. The 500 cybersecurity leaders who were independently surveyed for the report revealed their organisations remain vulnerable to outbound data loss and exfiltration by employees. They also shared that they are reliant on legacy approaches to preventing these incidents, depending on static email data loss prevention (DLP) and retrospectively inspecting audit logs to alert them to incidents that have already happened.
In its Email Threat Landscape 2024 report, outbound email is a source of breaches for almost every organisation – 91% of the surveyed cybersecurity leaders stated their organisation had experienced security incidents caused by outbound email data loss within Microsoft 365 in the last 12 months. Overall, these incidents were a result of employees breaking the rules or making mistakes while simply trying to get their jobs done, with the top three causes:
- Exfiltrating data for work purposes, such as sending data to personal accounts
- Accidentally sending emails and files to an incorrect recipient
- Exfiltrating data for personal gain, for example taking data to a new job
Every organisation that had its internal information barriers breached experienced disruption and damage. Over half (58%) had to cease operations while incidents were investigated, impacting organisational efficiency and the bottom line. In 49% of organisations, client relationships were damaged from breached confidentiality, and just under one-quarter (22%) lost customers.
Phishing threats of the future
Phishing continues to evolve as cybercriminals work to further automate and improve their tactics. Nearly three-quarters (72%) of surveyed cybersecurity leaders said they were concerned about the use of AI to craft better phishing emails and campaigns. There’s potential for AI-powered chatbots to rapidly produce an increased volume of highly convincing phishing emails and for deep fake technology to add video and voice capabilities that can be used in combination with text-based phishing and as part of vishing attacks.
Daniel Hofmann, CEO, Hornetsecurity
The stark reality is that email, the primary channel for business communication, is also a hotbed for sophisticated cyberthreats. To minimise risk and alleviate stress, scrupulous security hygiene must be in place.
As Hornetsecurity has observed, malicious web links in emails have surged from 12.5% to 30.5% of all threats within the last year, confirming an escalating threat landscape. Phishing remains the main method of attack, now accounting for 43.3% of incidents. There has never been a more important time to implement a robust email security strategy, incorporating next-gen technology to protect against known and evolving attacks, be they in the form of ransomware, viruses, spear-phishing or zero-day attacks.
Enabling Multi-Factor Authentication (MFA) is another important step in enhancing defence, acting as an additional security layer to traditional passwords by introducing a compulsory second verification. While not 100% fool-proof, this approach can significantly reduce the risk of unauthorised access to email and other sensitive data, even in the event of compromised credentials. However, this is just a small part of a comprehensive strategy.
The adoption of Generative AI has had a seismic impact on the industry. While it provides organisations with advanced detection and response capabilities, it also presents alarming new opportunities for exploitation by cybercriminals. Hornetsecurity has been using AI-powered email filtering technology for a number or years to identify and block incipient, sophisticated or as yet unknown threats – and is part of the company’s commitment to continually adapt to the dynamic threat environment.
One particularly concerning application of AI by threat actors is the rise of Dark Web variants of Large Language Models (LLMs), such as WormGPT. The technology automates threats both rapidly and with worrying authenticity, and crucially, exposes people without existing security awareness skills to great risk. Large-scale phishing scams can now be conducted by novice criminals in a targeted way, and LLMs can instantly translate texts to reach more international markets.
The rapid evolution of malicious AI attacks, including variants that automate and increase the sophistication of cyberattacks, requires a multi-faceted approach to company security encompassing both technical and human factors. The World Economic Forum identified that 95% of all cybersecurity incidents are caused by human error. Regular cybersecurity training is essential to empower employees to identify and mitigate potential threats – such as Hornetsecurity’s Security Awareness Service, which includes phishing simulations. A Zero Trust mentality must be in place, where everyone in the organisation scrutinises each email. Addressing the human element acts as a critical line of defence and helps convert an organisation’s weakest link into an ally in the battle against cyberattacks.
Lastly, proactivity is key for peace of mind. Far too many companies take action only after falling victim to an attack, where they learn about vulnerabilities once they’ve been exploited.
Tony Zabaneh, Manager, Systems Engineering – South Middle East, Fortinet
Email remains one of the biggest cybersecurity threats to businesses of all sizes. Organisations now have more connections to their networks, with users accessing resources and systems from new devices and disparate locations. They also have more web applications, money stored in more online sites, social media accounts and new machines to secure, like Internet-of-Things (IoT) devices. Email security best practices for employees can help stop email-borne threats, prevent the latest attack vectors and reduce pressure on organisations’ already overburdened IT teams.
Train your staff in cybersecurity awareness
Employees are an organisation’s first line of defence against email-borne cyberattacks. Cybersecurity awareness training helps employees know the threats they face, which reduces an organization’s cyber risks and increases the chances of keeping their data secure. Make sure employees understand how to spot potential signs of an attack and the consequences of not following email security best practices.
Use Two-Factor Authentication (2FA)
Relying on passwords alone is not enough in the modern cyberthreat landscape. Users should harden their email accounts using 2FA or Multi-Factor Authentication (MFA), which adds an extra layer of security. This could be a variety of methods, such as entering a one-time code sent to their smartphone, a one-time password (OTP) sent via SMS, or using an authenticator app that displays a unique code or biometric verification like their fingerprint.
Better manage passwords
Organisations should ensure that all employees use a unique password for each account and change their passwords regularly. Deploying password management software also helps, as users no longer have to worry about remembering long, complex passwords to access their accounts.
Beware of phishing emails
Phishing attacks are one of the biggest security threats businesses face. Organisations can prevent these attacks by combining email security best practices and employee training with technology. This includes firewalls, Secure Email Gateways (SEG), sandboxing and Uniform Resource Locator (URL) threat defence technologies that scan for malicious links, content and attachments. Employee training also increases phishing awareness, as users learn to recognise what phishing emails look like and how to avoid them.
Encrypt email
Email encryption ensures that emails are only received and read by the person they were intended for. It also gives email senders more control, including revoking access to messages sent to the wrong person and seeing when emails are opened and who sent them.
Prevent data leaks and breaches
The main goal of email security best practices is to prevent breaches and data leaks. Employees should also avoid other security risks, such as using public or open Wi-Fi networks, and take advantage of tools like Virtual Private Networks (VPNs) that encrypt their browsing sessions.
Implement strong email defences
All of these security best practices are backed by strong email defences. This includes deploying firewalls and SEGs to protect employees from malware and phishing emails and securing organisations’ email networks from harmful or malicious content. By taking a proactive stance towards email security and implementing comprehensive measures tailored to their specific needs, organisations can minimise risks, alleviate stress and ensure the confidentiality and integrity of their communications.
Walid Issa, Head of Technical Solution Organization, NetApp, Middle East & Africa
Email security is crucial for protecting sensitive information, preventing data breaches and safeguarding against cyberthreats. It involves implementing measures to protect email communication from unauthorised access, interception, tampering and exploitation. To secure email effectively, organisations must adopt a multi-layered approach that includes different components, functions and tools.
From a data perspective, building the best data security defence is critical. The impact of potential data loss or corruption, which email is a part of, combined with a dramatic rise in cyberthreats and ransomware attacks, puts this competitive engine at risk.
The challenges from this have become even tougher as data normally spans both on-premises and multiple cloud environments. This complexity means that we need to have the technology to protect data from failure, loss, error and attack along the way. Therefore, organisations must ensure to keep their data secure across hybrid or multi-cloud environments, so their IT is truly cyber-resilient.
In this case, data protection shouldn’t simply be an add-on to an organisation’s infrastructure – it should be a key foundation to protect and manage data. Therefore, organisations should have solutions to address the full range of cybersecurity threats to help make sure data protection is done right.
To start with, organisations should have a backup and restore solution to ensure a fast and full recovery of information from unplanned events. In parallel, they should have Business Continuity and Disaster Recovery solutions to help them ensure the availability of their data to avoid disruptions to their business.
In addition, they should consider the cloud and therefore have a cloud Disaster Recovery approach to boost their resilience to guard against disasters to minimise data loss and eliminate disruptions that may be caused by unplanned outages. On top of this, they should have an ‘always-on’ privacy and compliance controls to help them identify where and what kind of data they store so they can better comply with data privacy and governance standards.
Click below to share this article
