EDITOR ’ S QUESTION
SAMEER BASHA , SECURITY CONSULTANT GCC AT CHECK POINT SOFTWARE TECHNOLOGIES
Email is one of the most widely used mediums for business communications , and also the most preferred vector for cyberattacks . Over 90 % of attacks on organisations start from malicious emails .
Every organisation is a potential target for email delivered attacks such as phishing , Business Executive Compromise , malware , account take over and loss of confidential data , hence every organisation should have the right security controls to minimise risks associated with these attacks .
An effective email security strategy is twopronged . Proactively create user awareness to recognise and appropriately report email-based attacks and secure the email system with an efficient email security solution that prevents email-based attacks . Check Point Harmony email and collaboration is a leading Machine Learning ( ML ) based email security solution designed to prevent email-based attacks . of sensitive information . Even if sensitive data like payroll or research and development data isn ’ t contained within emails – or stored in cloud-based accounts linked to these email addresses – the information about internal relationships that email contains can be invaluable for a social engineer planning a spear-phishing campaign .
3 . ML-based email security solutions with DLP – Modern day email attacks have become very sophisticated and go undetected with traditional signature based solutions . Machine Learning-based email security solution with data leakage protections is the right recipe for the current threat landscape .
4 . Implement robust endpoint security – Security should be enforced based on a strategy of defence in depth . In addition to email security solutions , an organisation should have an integrated endpoint security solution as the last line of defence . Endpoint security can help to detect and remediate malware infections that escaped other security defences .
These email security best practices outline important steps that an organisation should take to secure corporate email communications .
1 . Continuous cybersecurity awareness training – Human is always the weakest link . No technology provides 100 % protection . User awareness and the resulting user feedback will complement and strengthen the organisation ' s email security objectives and fine tune email attack detection . 2 . Implement strong user authentication – A user ’ s email account contains a vast amount
www . intelligentcxo . com
21