Cloud Email Security Concerns

GreatHorn Report: Cloud Email Security Concerns

Cloud Email Security Concerns

“The Cloud Email Security Challenge: Closing the Cybersecurity Skills Gap Through Automation.” The company analyzed more than 3.5 terabytes of data – over 373 million corporate emails – from its proprietary data cloud to gain insights into the sheer volume of email threats facing enterprises and the role of automated tools in helping them keep up with that challenge. GreatHorn found that the average enterprise receives 3,680 messages containing threat characteristics that require review, investigation and (if applicable) remediation per week. Without automated tools, the company estimates that task would take a security team roughly 305 hours to complete.

2017 GreatHorn Cloud Email Security Challenge While nobody loves using it — see employees exchanging quips on their fruitless efforts to reach “Inbox Zero” and media headlines heralding newer, trendier apps as “email-killers” — email is still the most common form of communication in the business world. A recent study predicts that over one third of the population (or slightly more than 2.9 billion people!) will be using email by the end of 2019.

Given its integral role in the business world, it comes as no surprise that the adoption rate of email security technology is nearly 100%. Despite this universal investment in securing email, however, breaches are still occurring — and at increasing rates.

Here are some interesting discoveries:

  •  3,680 emails a week contain threat characteristics
    1. GreatHorn confirmed that enterprises receive approximately 3,680 emails in a week that contain threat characteristics.
    2. GreatHorn took the average amount of time (5 min.) it takes for a security admin to review an event, confirming it would take a company 305 hours/12+days to investigate this threat versus using an automated cybersecurity tool.

  •  Cybercriminals’ Phishing Weapons of Choice
    1. The primary characteristics of emails that were flagged were direct spoofs (37.5%), authentication risks (31.25%), display name spoofs (12.5%), domain lookalikes (6.25%) and messages with the keywords “W2” and “Wire Transfer” (both 6.25%, respectively).
  • Hackers are increasingly targeting business communications in their attacks.
    1. Social engineering attacks were utilized in 43% of all breaches in 2016.
    2. These attacks are bypassing today’s legacy email security tools, and employee training efforts aren’t good enough to stop modern attacks.
  • We can't train our way out of this…
    1. Security awareness training is necessary, but security teams can’t detect, analyze and respond to literally every suspicious email their organizations receive.
    2. Among all tracked breaches in 2015, the statistical difference between organizations who received training and those who didn’t was only 4%.
    3. The shortage of qualified professionals leaves many organizations unable to find and hire the people they need in a timely fashion. 
  • Massive gap in cybersecurity talent
    1. Enterprise IT and information security teams find themselves facing resource limitations- a deficit of qualified workers – unable to find and hire the people needed in a timely fashion (if at all).
    2. 55% of security positions take at least 3 months to fill; 32% take six months or more and over a quarter of all US-based enterprises can’t fill their positions at all.
    3. 1.5 million cybersecurity roles are unfilled today and we are on track to reach 2 million unfilled roles by 2019.
  • Time is of the essence – automation is a force multiplier
    1. Attackers compromise an organization’s defenses in minutes and exfiltrate data in just days.
    2. Using automated data science techniques to assess trust during users’ interaction, rather than blocking malicious attacks at the perimeter is key.
  • Automated protection at scale
    1. GreatHorn’s Inbound Email Security platform analyzed over 3.5 terabytes of enterprise mailbox data, as a risk profile of an average Fortune 500 organization to demonstrate how cybercriminals attack an enterprise.
  • Increasing efficiency through automation
    1. The bottom line: even if you don’t experience a large-scale breach, targeted phishing is still costing you — in money as well as time, resources, and risk.
    2. Automation saves time and enables better allocation of human capital, providing increased accuracy and detection capabilities.

By Glenn Blake

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

CONTRIBUTORS

Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
3 Ways to Protect Users From Ransomware With the Cloud

3 Ways to Protect Users From Ransomware With the Cloud

Protect Users From Ransomware The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have ...
Safeguarding Data Before Disaster Strikes

Safeguarding Data Before Disaster Strikes

Safeguarding Data  Online data backup is one of the best methods for businesses of all sizes to replicate their data ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, ...
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
Cyber Security Tips For Digital Collaboration

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security ...
How Big Data Can Empower Native Ads

How Big Data Can Empower Native Ads

Empower Native Ads The realm of big data is expanding an astonishing rate, and its presence can be felt across ...
4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and ...

NEWS

The Department of Defense Cloud

Internet Association asks for U.S. net neutrality vote delay

WASHINGTON (Reuters) - The Internet Association, whose more than 40 members include companies like Google and Amazon, urged the Federal ...
VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

New joint, cloud-based security solution combines enforcement of "known good" application behavior with advanced threat detection and automated remediation WALTHAM, ...
Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

NEW YORK, Dec. 12, 2017 /PRNewswire/ -- Deloitte forecasts double digital growth in machine learning deployments for the enterprise, an increasing worldwide ...