Is your email security fit for purpose?

Email security has become a critical concern in today's digital landscape. With cyber threats on the rise, it is important to assess how good our email security measures are and what steps can be taken to enhance them.


The market for exploiting email security vulnerabilities is, unfortunately, quite substantial. Cybercriminals constantly evolve their techniques to exploit weaknesses in email systems, gaining unauthorised access to sensitive information and wreaking havoc on individuals and organisations alike.

According to Proofpoint, a leading global security provider and the third-largest email scanning platform in the world, approximately 3.1 billion domain-spoofing emails are sent daily, and more than 90% of major cyberattacks are initiated by a single email. The monetary impact that compromised emails have caused to the global economy is estimated to be $31 billion since 2016.

One of the key aspects of bolstering email security lies in user training. Educating users about the potential risks and best practices for safe email usage can significantly reduce the likelihood of falling victim to phishing attacks or other malicious activities. By raising awareness about suspicious emails, attachments, and links, users can become integral to the defence against cyber threats.

Malware poses a significant threat when it comes to exploiting user devices through email. Once an unsuspecting user opens a malicious attachment or clicks on a harmful link, malware can infiltrate their device, compromising data integrity and potentially spreading further within a network. Understanding how malware exploits user devices is crucial in implementing effective preventive measures.

Fortunately, there are options available to enhance email security. The first thing all email platforms should have is correctly configured DomainKeys Identified Mail (DKIM), Sender Policy Framework (SPF), and Domain-based Message Authentication, Reporting & Conformance (DMARC) in place. These basic tools can control the flow of bad emails into your system by ensuring the address details are valid. But they will not stop all bad content coming through!

One reason for this is the lack of testing whether the email security application being used within the organisation is still fit for purpose. Often, email security systems are only reviewed at the time of first purchase and then auto-renewed every year or even every three years. Despite receiving rogue emails, IT teams rarely question if the system is still the best. Worse still, the issue is identified but left too late to take action, so the subscription auto-renews for another three years!

It is therefore important to benchmark any current system against others. One way to do this is to run another email security system in parallel with the current one and see how many bad emails the incumbent application let through. This gives evidence either of a healthy system in situ or of the justification the business needs to make a change. But this ‘parallel’ running needs to be decided well before any existing system comes up for renewal, for two reasons: firstly, the current contract might have a three-month termination clause, and secondly, any new system will need to start to learn your organisation’s email content so it can recognise normal patterns which in another organisation might look odd. Such tests work on cloud email services such as MS365 or any on-site systems.

The testing mechanism is an interactive web tool that produces an email threat readiness report and benchmarks against peers. The analysis highlights the volume of emails scanned, emails blocked by the current system, and emails the new system would have stopped. 

The outcomes of the report are:

•    Understand your risk posture and uncover threats that the current email security solution is missing

•    Gain visibility into who is being targeted: Very Attacked People (VAPs)

•    Run targeted security awareness training programs based on evidence

•    Better protect the organisation with web and email isolation

These tools are quick to use, taking only five minutes to complete for the web version API, and they provide a full report with easy-to-implement tips to improve the organisation’s security program.

Obviously, the greater the volume of emails being received, the greater the percentage detected, but remember it takes only one rogue email to get through to cause a mountain of grief!

Once the email platform is working correctly, organisations can further fortify their defences against email threats by regularly updating software patches and implementing robust encryption protocols, multi-factor authentication, and even advanced threat detection systems.

In conclusion, ensuring strong email security is paramount in safeguarding sensitive information from falling into the wrong hands. By evaluating our current measures, providing comprehensive user training, understanding how malware exploits devices through emails, and exploring options for enhancing security protocols, we can take proactive steps towards protecting ourselves from evolving cyber threats.

Colin Tankard