decrypting myths
adequate, in part because their widely
used homogeneous security systems are
typically easier for an attacker to bypass
compared to a multi-layered defence.
So, third-party email security and
resilience solutions exist to fill this void.
Email attacks are on the rise and they’re
only getting more targeted, sophisticated
and damaging.
We see numerous pieces of third-party
research on the impact of a data breach and the
average cost is estimated at around
US$3.92 million. And of course,
organisations can be exposed to
regulatory fines like GDPR or reputational
damage which is really hard to quantify.
We’ve also done some of our own
research. According to our State of
Email Security 2020 report, 60% of UAE
organisations believe it’s inevitable or
likely that they will suffer from an email-borne
attack in the coming year.
A total of 74% of Saudi Arabian
respondents said the same. And of
organisations who fell victim to email-borne
attacks, 54% of UAE and 42% of
KSA experienced data loss and 40%
of UAE and 22% of KSA experienced
an impact on employee productivity.
We also saw that 24% of UAE and 26%
of KSA organisations saw business
disruption or downtime which lasted up
to three days.

What are the existing security measures in Microsoft Office 365 and what are the gaps?

There’s an enormous concentration of
corporate email services created by
Microsoft Office 365 and this represents
an irresistible target to cyberattackers.
There are more than 300 million
business users on Office 365 today.
And according to Verizon’s 2019 Data
Breach Investigation Report, 94% of
malware is delivered by email and nearly
half, about 45%, of malicious email
attachments are Microsoft Office files.
Cybercriminals attack Microsoft Office
365 far more than any other software
environment worldwide. The volume of
users on these global cloud-based email
services means there’s more malware
designed to penetrate these environments.
Microsoft regularly tops the list of brands
that hackers impersonate and has the
most phishing attack attempts.
According to a study, ongoing research
detected an average of more than 222
unique Microsoft phishing URLs per
day. Organisations try to rely on the
security and data protection of the
cloud email providers alone, which has
proved sub-optimal against advanced
phishing attacks.
There are limitations to Microsoft email
security tools for M365 that expose
business email users to a number of
different risks. Some of these gaps are
things like limited app discovery and risk
assessment, limited DLP capabilities,
limited threat and anomaly detection, as
well as limited backup and recovery.

How have criminals shifted their focus to cloud platforms like Microsoft Office 365 now that workers are remote?

Many organisations have moved to
cloud platforms like M365 or Google
to support the remote workforce, so
the attack surface of organisations is
increasingly expanding to the cloud.
Cloud email services are becoming a
de facto choice for organisations of
all sizes. We see the global pandemic
is accelerating this adoption as
organisations are forced to make
pragmatic decisions about business
transformation costs and risks.
We also see many employees are now
also working from home, often for the first
time, and cloud tools are a ready-made
option to keep organisations productive
and look after their customers.
Cybercriminals are also refocusing their
phishing impersonation and ransomware
attacks from office networks to cloud
services to target those remote
employees working from home.

What is a defence in depth strategy made up of?

Defence in depth is really a
layered approach when it comes to
cybersecurity. And when used in
conjunction with the native security
features of Microsoft 365, a defence in
depth strategy can support a company’s
security posture and provide a much
greater degree of cyber resilience.
It prescribes using multiple layers of
security so, architecturally, these also
need to be in the cloud to effectively
work alongside Office 365 and Google.
A layered security approach, when used
in conjunction with something like Office
365 which already has robust native
security components, can plug holes to
compensate for end-user negligence
when conducting business via email.
Also, with a defence in depth strategy, if
one security control proves ineffective,
others are in place to fill the breach.
Other important elements of that could
be things like your network security
68 Issue 29 | www.intelligentciso.com