In recently released research, Proofpoint revealed that 82 percent of boards are concerned with email fraud and more than half (59%) consider it a top security risk, no longer just an IT issue. Yet almost a third (30%) of respondents cited a lack of executive support as a key challenge to deploying email fraud protection. Eyal Benishti, CEO & Founder at IRONSCALES, comments below.
Eyal Benishti, CEO & Founder at IRONSCALES:
“The sad reality is that organisations are failing to prevent malicious messages being delivered to end users with alarming frequency – and that is where culpability lies. We all know that traditional email security tools, that focus on the gateway, are inadequate to detect the legitimate from illegitimate emails that appear to originate from a trusted source. To then blame employees is not just unfair, but also immoral.
“Today’s sophisticated attacks nullify traditional email security – such as firewalls and secure email gateways (SEGs), which have not kept pace with the rapid advances in hacking and phishing strategies, including advanced persistent threats (APTs), business email compromise (BEC), ransomware, and other types of file-less attacks in which there is no malicious payload. Instead of continuing to do what we know doesn’t work, it’s time to change focus and move detection down to the inbox.
“Taking a bottom-up approach, using machine learning algorithms and deep scans in the mailbox itself, organisations can detect phishing attacks that make it through SEGs. By examining user communications and metadata to establish a baseline, anomalies in communications are easily spotted and automatically flagged as suspicious, to help people make smarter and quick decisions regarding emails within the mailbox. This must be supported with a mechanism for employees that do spot something amiss in a message to report their findings via inmail alerts combined with the ability for the security team to remove confirmed malicious messages from mailboxes enterprise-wide. This stance not only gives employees the necessary intelligence to detect bogus messages, but helps all parties defend the organisation from the most prevalent attack vector.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.