FEATURE: CYBERSECURITY
SECURING YOUR
BUSINESS’S LIFEBLOOD
Intelligent CIO speaks to industry
experts about how, and why,
securing your organisation’s
email should be an essential part
of your security strategy.
E
mail is the lifeblood of modern
business. There is no getting
around it; we use it for meet
and greets, customer service and
engagement, arranging meetings, deals
and contracts, marketing products and
deals as well as problem solving and
sharing information with colleagues, to
name a few. Whilst it is an indispensable
tool for businesses now looking to
operate and compete globally, its
cruciality has also made it an appealing
and often far-too accessible back door
for cybercriminals.
The statistics to back this up are brought
to the forefront by Teddy Njoroge,
Country Manager, ESET East Africa,
who references a recent McKinsey study
which found that knowledge workers
spend 28% of their time reading and
32
INTELLIGENTCIO
answering emails, exchanging sensitive
information that could pose significant
risk to the organisation if disclosed to
unauthorised recipients. Simultaneously,
cybersecurity experts claim that 91% of
cyberattacks occur through phishing.
Symantec’s ‘2017 Internet Security
Threat Report’ further evidences this
and claims that email has become the
‘weapon of choice’ for cyberattacks.
The report identified one in 131 emails
contained malware, the highest in
five years, while spear-phishing emails
targeted more than 400 companies daily.
Evolving attacks
“Our reliance on email has grown
significantly […] securing the email
ecosystem should be a priority for
every CIO,” says Nick Saunders, Sales
Enablement Manager at Mimecast
South Africa. “As the cyberthreat
landscape has evolved, so too has the
sophistication of attacks.”
Mimecast’s research team recently
identified a new email exploit, dubbed
ROPEMAKER, which malicious actors can
use to change the displayed content in
an email at will. This can be used, for
example, to swap a benign URL with a
malicious one, after the email has been
delivered to your inbox. This allows the
original email to bypass any security
controls in place and is so subtle it could
fool even the most tech-savvy user.
Whilst this exploit has not been found to
be widely used, this reveals the evolution
of more creative and sophisticated
methods being deployed.
www.intelligentcio.com