Intelligent CIO Africa Issue 08 | Page 33

FEATURE: CYBERSECURITY “Our reliance on email has grown significantly […] securing the email ecosystem should be a priority for every CIO.” As Mohammed Basheer, IT Security Practice Head, ISYX Technologies, says: “Cybercriminals have become quite tech-savvy […] They make the email look like it is coming from a legitimate source and as the content and grammar of phishing emails have improved, it makes it harder to spot. In addition, the criminals use social media to identify specific targets so that they will know the person’s name, job title and organisation they work for.” So how do you secure your organisation’s inbox (and outbox)? As Saunders explains, “Traditionally email security relied on the ‘protect’ maxim for trying to prevent attacks […] essentially waiting for an attack to reach the perimeter and relying on technology to identify the threat and neutralise it.” More proactive technologies are now needed to target the increasingly sophisticated attacks. That’s not to say that traditional solutions should be replaced completely. An example of a traditional and invaluable tool is encryption, which has become an inherent part of security strategies today and a tool utilised by the majority of enterprises in one form or another, as Nicolai Solling, CTO at Help AG says. However, the evolution of the modern business world and the effect digital transformation is having on business- customer interaction means encryption may not now be the only go-to you need. J2 Software’s MD, John McLoughlin, believes that to simply encrypt all incoming and outgoing emails is of limited use in today’s world: “Modern business is characterised by openness, and this raises severe challenges for the traditional ‘lock everything down’ approach to Nick Saunders, Sales Enablement Manager, Mimecast South Africa www.intelligentcio.com security. Building high perimeter walls is no longer an adequate security option when the success of your business is dependent on its ability to exchange information.” In light of this, when it comes to securing email systems ISYX’s Basheer advises that “Businesses should consider the triad of people, process and technology,” whilst Mimecast’s Saunders focuses on the triad of inbound, outbound and internal mail. Whichever way you approach it, it’s apparent that a holistic, multi-layered approach is necessary. Investing in a reputable antivirus solution is another way of guaranteeing your organisation is protected against malware threats and next-gen ransomware attacks. Most antivirus solutions will also provide antispam as a solution, safeguarding your employees, says Njoroge. Perhaps often overlooked but just as important as prevention is the ability to continue business if something goes wrong and to be able to restore and recover. Mimecast’s Sync & Recover for Exchange and Office 365 is one example of the solutions available for restoring corrupted or lost email data. Sync & Recover offers a layered ransomware strategy Mohammed Basheer, IT Security Practice Head, ISYX Technologies Teddy Njoroge, Country Manager, ESET East Africa INTELLIGENTCIO 33