Security Market Segment LS
Friday, 30 August 2019 00:26

Email security architecture vulnerability to cybercriminals attacks needs reassessment Featured

By

Email remains one of the key attack vectors used by cybercriminals, leaving many organisations hugely vulnerable because they don’t have adequate protection in place, according to software company Wavelink, a distributor for security vendor Fortinet

And the latest industry data shows that 94% of malware was delivered by email, demonstrating what Wavelink says is the crucial importance of securing this business-critical function.

In fact, email scams cost Australian businesses more than $60 million in 2018 according to Scamwatch.

Ilan Rubin, managing director, Wavelink, said, “These attacks are both sophisticated and hard to detect, as they rely to a large extent on human error. The more protections organisations can put in place to secure email, the less likely they will be to fall victim to email-related cyberattacks.”

According to Wavelink moving to the cloud has delivered significant agility, flexibility, and financial benefits for organisations but it can also create risk if not properly secured.

The company says email has been caught up in the move to cloud, which makes sense considering the high storage requirements and relative maturity of email – however, this means that, sometimes, email security is getting lost in the shuffle.

Wavelink says organisations need to reassess their email security architecture, with key areas that need to be addressed including:

  • Attachment-based advanced threats: in these threats, users are tricked into clicking onto an attachment such as a fake invoice. Once launched, the attachment delivers malware into the network. Businesses require solutions that offer network sandboxing, and content disarm and reconstruction services.
  • URL-based threats: users are tricked into clicking onto a link that takes them to a spoof website where they’re told to enter their credentials. Once they do that, the cybercriminals have their username and password, which they can then use to access further parts of the network or essential accounts such as business banking or other mission-critical applications. Businesses need URL rewriting and time-of-click analysis, and web isolation services
  • Social engineering threats: cybercriminals are becoming increasingly good at impersonating colleagues and managers, instructing staff members to do things like purchase iTunes gift cards, change the payment details for key invoices, or transfer large sums of money to other accounts. Because the email seems so authentic, users often fall for them. To avoid this, businesses can benefit from display name spoof detection, domain-based message authentication, reporting and conformance on inbound email, lookalike domain detection, and anomaly detection.

“Organisations shouldn’t necessarily avoid moving their email infrastructure to the cloud. Instead, they just need to ensure that they’ve put the right protections in place to avoid falling victim to these scams and hacks,” said Rubin.

“It’s important to note that protecting against cyberthreats involves creating a series of rules that will need to be fine-tuned; and as a result users may notice some effects on performance. However, this is the price that organisations need to pay to avoid letting the cybercriminals win. It’s a constant battle in which some false positives are far preferable to the alternative, which is a data breach or compromised system.”

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments