FEATURE : EMAIL SECURITY
They analyze that email using technology , sandbox the email to determine whether it is bad . They send an alert back to the employee .
Then they use technology to find those emails in other employees ’ inboxes and pull those out automatically . That ’ s people , your employees and technology , the automation and sandboxing , working together to protect the organization .
How can organizations instil confidence in their employees to ensure that these incidents are reported ?
WITH BEC , ONE OF THE THINGS THAT YOU NEED TO FOCUS ON FIRST OF
ALL IS THE TECHNOLOGY – BLOCK AS MUCH AS
POSSIBLE FROM REACHING YOUR PEOPLE .
In the past we had a tendency to shame the individual , even with the simulated phishing attacks that we send out to raise awareness . the core of cyberdefenses and they are under attack by cybercriminals .
We can ’ t victim blame or shame the individual – unless of course there is repeated behavior – we need to make them feel safe . They are ultimately victims and we need to make it easy for them to report and reward them when they do identify a bad email .
There ’ s also gamification that you can bring into this to make it much more interesting and engage your employees .
What advice would you give those wishing to bolster their email defenses ?
It ’ s important for CISOs and CIOs , and all security professionals , to understand the business as well as the criminals do . Understand who your very attacked people are , who ’ s being targeted with what , who ’ s getting credential phishing , who ’ s getting malware , who ’ s getting those Business Email Compromise attacks and who ’ s credentials are compromised ?
Because based on that visibility into your very attacked people you can then build a security program that ’ s tailored to your business and threat profile of your users . It ’ s not generic at all but is highly effective because it ’ s based on the risks that you face .
Fundamentally , organizations need to focus on implementing a people-centric security program . Your people are the new perimeter , at
Protect your business , protect your suppliers , protect your employees and ultimately , by doing that , you ’ re protecting your data as well . p
www . intelligentcio . com INTELLIGENTCIO APAC 43