Cyber Defense Magazine - Annual RSA Conference 2019 - Print Edition
Cyber Defense Magazine - Electronic Version - Annual RSA Conference 2019 - Print Edition
Cyber Defense Magazine - Electronic Version - Annual RSA Conference 2019 - Print Edition
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Winning<br />
the Battle for<br />
the Inbox<br />
by John Randall, VP Product Management, EdgeWave<br />
Winning the battle for the inbox<br />
For virtually everyone, email is the primary way<br />
of connecting and doing business. However,<br />
as we all know, the inbox isn’t as safe as it once<br />
was. All sorts of bad actors are increasingly<br />
competing to penetrate into users’ inboxes<br />
and exfiltrate confidential information, or<br />
launch nefarious links or code that enable<br />
them to open backdoors into critical systems<br />
and data.<br />
As email threats become more and more<br />
targeted and sophisticated, the challenge<br />
to protect inboxes has taken on a whole new<br />
level of complexity. Even as recently as a few<br />
years ago, all an organization had to do was<br />
deploy an email gateway to filter out spam,<br />
malware and other inbox invaders. Done.<br />
Unfortunately, the game has changed.<br />
Today’s advanced, socially engineered email<br />
threats blow right past traditional gateways<br />
and attack users in a variety of ways with<br />
spear phishing, Business Email Compromise<br />
(BEC), ransomware and more. An email<br />
security gateway is no match for these attacks.<br />
Consequently, users are being conned,<br />
spoofed and deceived more than ever, and it’s<br />
costing businesses billions of dollars a year in<br />
damages.<br />
The reality of today’s email threat landscape.<br />
Recently, we conducted a survey of over<br />
300 IT security professionals, from CISOs<br />
to infosec administrators. While we asked a<br />
number of questions, several key points stood<br />
out. More than 80 percent of participants said<br />
they were “confident” or “very confident” that<br />
traditional email gateways will protect their<br />
organizations from targeted email attacks.<br />
Yet a substantial percentage — 42 percent<br />
— also reported that their organization fell<br />
victim to a recent phishing attack. That’s quite<br />
a disconnect.<br />
In another contradictory finding, the survey<br />
revealed that the majority of IT professionals<br />
aren’t confident in employees’ ability to<br />
spot or flag malicious emails, even though<br />
over 70 percent of responders reported that<br />
their organizations had conducted security<br />
awareness training during the previous 12<br />
months.<br />
The survey results are a wake-up call,<br />
revealing a significant disconnect between<br />
IT professionals’ confidence in their existing<br />
email security strategy and the realities of the<br />
threat landscape. These survey findings also<br />
serve as a call to action, underscoring the<br />
need for IT professionals to honestly assess<br />
their current email security measures and<br />
take steps to achieve a modern email security<br />
posture.<br />
20 <strong>Cyber</strong> <strong>Defense</strong> <strong>Magazine</strong> - <strong>Annual</strong> <strong>Print</strong> <strong>Edition</strong> <strong>2019</strong>