decrypting myths
Adopting a
defence in depth
approach for
email security
Email is the top
communications tool used
by modern organisations,
with many now shifting from
on-premise to cloud-based.
And while this has numerous
business benefits, it also means
that security must be top of
mind. Werno Gevers, Regional
Manager – Mimecast Middle
East, tells us why organisations
should look to adopt a defence
in depth strategy for long-term
cyber resilience.
hHow important is email as a
tool for organisations and what
kind of trends have you seen in
terms of a shift from on-premise
to cloud-based?
We’ve seen a big shift. Email is the
number one business communication
tool used by most organisations.
It’s usually one of the first platforms
organisations move to the cloud. We’ve
seen cloud email security services
from Microsoft and Google dominate
the global market and these are now
accelerating in the GCC.
According to Gartner, 84% of IT
decision-makers indicated that they
were currently using or planning to use
Microsoft Office 365 in the next six
months. We also see, according to some
of Gartner’s other research, public cloud
services revenue in the Middle East and
North Africa is expected to total nearly
US$3 billion by 2020 – an increase of
21% year over year.
How would you say that the
COVID-19 pandemic has
accelerated this shift?
It has been a remarkable catalyst for
Microsoft adoption. Teams adoption
increased by over 40% in a month and
Office 365 is a collaboration platform, so
businesses had to accelerate their cloud
adoption strategy to cater for the remote
workforce demand.
Also, another Gartner forecast report
highlighted that Software-as-a-Service
accounts for 53% of the total public
cloud service revenue for the Middle
East and North Africa, and this is set to
total 1.6 billion in 2020.
Why is email such a target and
how detrimental are attacks via
this vector?
Email was never designed to be mission
critical and to house up to 80% of an
organisation’s intellectual property.
But, seeing that email is the primary
form of communication, it offers an
open channel for attackers into any
organisation. It is much easier for
hackers to exploit human vulnerabilities
through social engineering, while a lot of
business processes are dependent on
email as well.
But while most email system providers
offer some level of security and
resilience, they fall short of what many
security and IT teams would consider
www.intelligentciso.com | Issue 29
67