In recent years the rapid growth of advanced email attacks that bypass gateway protections - in particular those using social engineering tactics - have shifted the focus of cyber criminals from targeting company networks to targeting individual users within businesses, relying on simple yet powerful deception to access confidential data, accounts and more, as opposed to malicious attachments and links that can be more easily detected.
Altinet recently teamed up with Barracuda Networks to survey IT leaders across the UK regarding their personal experiences with email security and targeted threats, and what technologies they have in place to combat these risks. This survey was hosted over a 2 month period and collected responses from 16 different industry sectors, with the data then used to create a comprehensive report - '2020 Email Protection Trends'.
Throughout our research, and through the presentation of our collected data, we maintained a focus on four key security layers that we believe share equal importance in offering businesses complete email protection: Prevention, Detection, Recognition and Remediation. In this article we will be discussing the role of these security layers in more detail, as well as sharing some of the key insights from this new report.
When establishing a multi-layered security strategy, prevention takes place at the email gateway, filtering through inbound mail to block easily-identifiable threats such as spam, malware, and mass phishing attacks before they reach user inboxes.
- When asked which inbound threat was currently the most significant concern, most respondents reported impersonation attacks (30%) or malicious payloads (27%).
- Only 21% of organisations have add-on platform features in place, such as advanced threat protection.
- Businesses are facing major issues with their existing gateway securities failing to prevent internal threats like account takeover (49%) or detect payload-free attacks like social engineering (39%)
The detection layer sits beyond the email gateway, identifying covert threats that have slipped past traditional security systems through the use of advanced technology such as artificial intelligence and machine learning.
- Over 50% of respondents displayed notable concerns of 4/5 or higher over targeted threats reaching user inboxes.
- Despite these concerns, 81% of businesses reported having no AI-based technology in place for inbox defence, and only 23% plan to implement this in the future.
- Over a third of organisations typically take longer than a day to detect advanced threats residing in user inboxes - with some even taking longer than a month.
Recognition refers to the ability of users within an organisation to accurately identify inbound threats and suspicious activity, as well as maintain an awareness of how their own personal practices can have negative business impacts, such as weak passwords.
- Over 50% of organisations reported low to average confidence in their users' security awareness.
- Although close to half of respondents did confirm that they regularly conduct computer-based security awareness training, 57% of these did not include phishing simulations for testing recognition.
- Account compromise was the most reported business impact as a direct result of user error, with 38% of businesses experiencing this in the last year.
Remediation within an email defence strategy relates to the actions needed after a successful cyber attack has taken place in order to appropriately respond to both internal and external impacts and fully resolve the threat.
- Although most businesses (81%) do have a formal incident response plan in place, a significant number of these companies (86%) are still lacking automation in this process for maximum efficiency.
- Despite research showing that the average organisation takes 3.5 hours to fully remediate an email incident, almost half of our respondents reported taking longer than 24 hours. Some even taking weeks or months on average.
- 36% of businesses face issues with their existing incident response process being too time consuming.
How Can Businesses Improve Their Email Defences?
Barracuda Total Email Protection ensures your organisation is secured against email-borne threats.
The Barracuda email security solutions bundled into Total Email Protection create the most effective solution to prevent targeted social engineering attacks. Its multi-layered approach combines a secure email gateway, AI-powered fraud protection, and advanced security awareness training. This results in comprehensive protection against business email compromise, account takeover, and other advanced email threats.
Prevention - Barracuda Essentials
Barracuda Essentials is a cloud-based security solution designed to protect against spam, phishing, malware, ransomware, and other targeted email threats. It also ensures data protection with advanced email continuity and backup services, protecting against accidental or malicious deletion.
Detection - Barracuda Sentinel
Barracuda Sentinel detects and blocks costly attacks such as social engineering and brand impersonation. It leverages artificial intelligence to learn each user's unique communication patterns to identify malicious intent and flag fraud attempts.
Recognition - Barracuda PhishLine
Barracuda PhishLine uses customised simulations with daily-updated content to transform your users into a powerful layer of defence by dramatically boosting their ability to identify social engineering attacks and respond appropriately.
Remediation - Barracuda Forensics & Incident Response
Barracuda Forensics and Incident Response automates email incident response and provides remediation options to quickly and efficiently address attacks. Easily send alerts, remove malicious emails, and use threat insights to stop the spread of malicious threats.