Think email security is not complicated? Think again. Not only is email the #1 attack vector, but continually evolving regulatory compliance requirements and the drive to cloud productivity suites like Microsoft 365 and Google’s G-Suite just adds to the challenge.
How do you keep up, how do you take a step back to consider your current email security solution for not only how it is protecting your organization but also what it is like to work with everyday and how it integrates into the rest of your security infrastructure?
When it comes to safeguarding email against today’s advanced threats like phishing and malware, information is power. We are giving you a sneak peek into our recommendations for email security based on 2021 trends that will be out later this year.
Here is a brief review of the 2021 Email Security Recommendations:
- Spam and Unwanted Email Detection: This category covers the biggest volume of email that you can control. Straight away you can make a big difference to the volumes of email that your downstream security engines are dealing with by maximizing your connection filtering catch rates using technologies such as IP & Domain Reputation. Also, covered in this area are inbound DMARC controls and also how you manage quarantined email.
- BEC & Advanced Phishing Control: A significant area for any email security solution as it covers the two major threats to email today. Traditional technologies here work by detecting the known malicious email, attempted spoofing attempts, and so on. Emerging capabilities use technologies such as AI to identify the known good email to determine the bad then.
- Email Attachments: It is critical to have the right amount of coverage for known and unknown malware using technologies such as signature-driven malware scanners and novel detection techniques such as cloud sandboxing. To add to malware detection are also options around the unpacking of password-protected files and the ability to disarm active content in PDF or office documents.
- Embedded URLs: The handling of embedded URLs is a big gap area in the base cloud productivity suites. Leading vendors will typically re-write embedded URLs, so they are scanned when a user clicks on them, but also look to minimize the emails even getting to end-users by reputation & categorization checking. Another area of focus is technologies such as cloud sandboxing and how it can be used effectively.
- Internal Email Scanning: A very new area to most organizations and being driven by Account Take Over or ATO attacks, organizations need to consider the priority and timing of when this should be covered. You may well be limited by when your email security vendor can support this, but not if you are a Cisco Secure Email customer!
- User Awareness Training: In 2021, we can’t rely on technology alone to protect an organization. If you haven’t already, now is the time to raise your game on end-user cybersecurity awareness, the education programs, and the testing of understanding via phishing simulations.
- External Domain Protection: This is all around DMARC and how you can become DMARC compliant across your organization’s registered domains. Becoming DMARC compliant maximizes the chances of your corporate email being successfully delivered and also helps to identify any unauthorized use of your domains that might affect your reputation.
- Bi-directional SecOps Integration: Exporting email log data into centralized SIEMS is just the starting step here. What also needs to happen is for your SecOps automation and orchestration platforms to be able to integrate back into your email platform to apply remediation or update protection policies without waiting for a console user to do it manually.
Email security is about much more than just security but having the right security controls in place is critical. How does your current solution measure up against these recommendations and what areas do you need to look at developing?