Email is a common gateway into an organization’s infrastructure. According to Trend Micro, 91% of most advanced persistent threats and spear-phishing initiatives involve email.
“All of the major attacks that we’ve seen that have been successful, the majority of those have been all targeted spear-phishing attacks that are utilizing malicious files that have been specially crafted and targeted for an organization or an industry,” said Matt Corney, CTO of Nuspire Networks.
An enhanced email process could start with an on premise or cloud-based solution that first and foremost utilizes a multi-layered threat protection process to analyze the email.
“It’s looking for phishing detection within those messages, it’s doing URL scanning, link scanning, it’s identifying obviously if it’s spam, [if it includes] things like antiviruses and multiple antivirus capabilities,” said Corney.
Corney said it’s important to understand connection management capabilities: things like TLS enforcement, DKIM and SPF capabilities to be able to understand who you’re communicating with and authenticating those vendors or organizations.
“It’s just so important to try to get a handle on and improve your email security and it’s a fairly easy thing to do … to be able to make use of services to do that,” said Corney.
Corney said one mistake he sees take place is when a company puts their confidence into one product or one gateway device and expects that product or device to take care of all cyber threat monitoring processes.
“With the URL technologies that the bad guys are using today where they’re constantly jumping around or a URL may only be online for an hour … you just can’t get that in standardized technology as far as signatures that you’re applying to your devices or your filters. There really needs to be an active process of guarding against that,” said Corney.
To learn more about enhanced email security and how to better protect your network, view Nuspire’s webinar here.