Cloud Email Security Concerns

GreatHorn Report: Cloud Email Security Concerns

Cloud Email Security Concerns

“The Cloud Email Security Challenge: Closing the Cybersecurity Skills Gap Through Automation.” The company analyzed more than 3.5 terabytes of data – over 373 million corporate emails – from its proprietary data cloud to gain insights into the sheer volume of email threats facing enterprises and the role of automated tools in helping them keep up with that challenge. GreatHorn found that the average enterprise receives 3,680 messages containing threat characteristics that require review, investigation and (if applicable) remediation per week. Without automated tools, the company estimates that task would take a security team roughly 305 hours to complete.

2017 GreatHorn Cloud Email Security Challenge While nobody loves using it — see employees exchanging quips on their fruitless efforts to reach “Inbox Zero” and media headlines heralding newer, trendier apps as “email-killers” — email is still the most common form of communication in the business world. A recent study predicts that over one third of the population (or slightly more than 2.9 billion people!) will be using email by the end of 2019.

Given its integral role in the business world, it comes as no surprise that the adoption rate of email security technology is nearly 100%. Despite this universal investment in securing email, however, breaches are still occurring — and at increasing rates.

Here are some interesting discoveries:

  •  3,680 emails a week contain threat characteristics
    1. GreatHorn confirmed that enterprises receive approximately 3,680 emails in a week that contain threat characteristics.
    2. GreatHorn took the average amount of time (5 min.) it takes for a security admin to review an event, confirming it would take a company 305 hours/12+days to investigate this threat versus using an automated cybersecurity tool.

  •  Cybercriminals’ Phishing Weapons of Choice
    1. The primary characteristics of emails that were flagged were direct spoofs (37.5%), authentication risks (31.25%), display name spoofs (12.5%), domain lookalikes (6.25%) and messages with the keywords “W2” and “Wire Transfer” (both 6.25%, respectively).
  • Hackers are increasingly targeting business communications in their attacks.
    1. Social engineering attacks were utilized in 43% of all breaches in 2016.
    2. These attacks are bypassing today’s legacy email security tools, and employee training efforts aren’t good enough to stop modern attacks.
  • We can't train our way out of this…
    1. Security awareness training is necessary, but security teams can’t detect, analyze and respond to literally every suspicious email their organizations receive.
    2. Among all tracked breaches in 2015, the statistical difference between organizations who received training and those who didn’t was only 4%.
    3. The shortage of qualified professionals leaves many organizations unable to find and hire the people they need in a timely fashion. 
  • Massive gap in cybersecurity talent
    1. Enterprise IT and information security teams find themselves facing resource limitations- a deficit of qualified workers – unable to find and hire the people needed in a timely fashion (if at all).
    2. 55% of security positions take at least 3 months to fill; 32% take six months or more and over a quarter of all US-based enterprises can’t fill their positions at all.
    3. 1.5 million cybersecurity roles are unfilled today and we are on track to reach 2 million unfilled roles by 2019.
  • Time is of the essence – automation is a force multiplier
    1. Attackers compromise an organization’s defenses in minutes and exfiltrate data in just days.
    2. Using automated data science techniques to assess trust during users’ interaction, rather than blocking malicious attacks at the perimeter is key.
  • Automated protection at scale
    1. GreatHorn’s Inbound Email Security platform analyzed over 3.5 terabytes of enterprise mailbox data, as a risk profile of an average Fortune 500 organization to demonstrate how cybercriminals attack an enterprise.
  • Increasing efficiency through automation
    1. The bottom line: even if you don’t experience a large-scale breach, targeted phishing is still costing you — in money as well as time, resources, and risk.
    2. Automation saves time and enables better allocation of human capital, providing increased accuracy and detection capabilities.

By Glenn Blake

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.

Contact us for a list of our leading programs.

Are you being served by an empathetic Bot! And do you even care?

Are you being served by an empathetic Bot! And do you even care?

Are you being served by an empathetic Bot! Move over chatbots - it is time for the empathetic bot. Say what? Recall the American Airlines snafu with the passenger and her baby. Coming on the ...
Infosec thought leaders

Cryptocurrencies and Ransomware: How VDI Can Help Defend Against the Next Ransomware Attack

Cryptocurrencies and Ransomware The WannaCry ransomware made headlines back in May when it crippled hospitals across the UK and put organizations around the world on high alert. Even those of us lucky enough not to ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use cases and applications. Hence, it’s not surprising that of the Fortune 50 enterprises, 48 have ...
malware tracking maps

Live Hacking and Ransomware Tracking Maps Online

Hacking and Ransomware Tracking Maps We've recently covered a few live hacking maps but have decided to extend the list based on the recent ransomware activities with some additional real time hacking attack and ransomware tracking ...
Death of Traditional Enterprise Storage

Death of Traditional Enterprise Storage

Traditional Enterprise Storage Back in 2003, Chris Pinkham and Benjamin Black, two engineers working for Amazon.com, proposed a dramatic overhaul of the company's computing infrastructure. In a paper written for CEO Jeff Bezos, the pair ...

CLOUDBUZZ NEWS

Cambridge Analytica files for bankruptcy in U.S. following Facebook debacle

Cambridge Analytica files for bankruptcy in U.S. following Facebook debacle

(Reuters) - Cambridge Analytica, the political consultancy at the center of Facebook Inc’s (FB.O) privacy scandal, filed for Chapter 7 bankruptcy in the United States late on Thursday. This past March allegations surfaced that Cambridge ...
Sumo Logic and Partners to Host NYC DevOps Event with Dr. Nicole Forsgren

Sumo Logic and Partners to Host NYC DevOps Event with Dr. Nicole Forsgren

REDWOOD CITY, Calif., May 17, 2018 (GLOBE NEWSWIRE) -- Sumo Logic, the leading cloud-native, machine data analytics platform that delivers continuous intelligence, today announced it is hosting a DevOps industry event at the Eventi Hotel in New ...
Oracle Enables Smart Manufacturing with New Artificial Intelligence Cloud Applications

Oracle Enables Smart Manufacturing with New Artificial Intelligence Cloud Applications

Intelligent applications help improve overall business performance in manufacturing by driving smarter decisions, increasing yields and enhancing production efficiency Oracle today announced new artificial intelligence (AI) cloud applications that enable manufacturing organizations to reduce costs ...
The Lighter Side Of The Cloud - Autonomous Sleigh
The Lighter Side Of The Cloud - Checking It Twice
The Lighter Side Of The Cloud - Security Overkill
The Lighter Side Of The Cloud - Energy Battle
The Lighter Side Of The Cloud - Big Broadband
The Lighter Side Of The Cloud - Without A Signal
The Lighter Side Of The Cloud - Fear Of Heights
The Lighter Side Of The Cloud - The Autobiography
The Lighter Side Of The Cloud - Easter Egg Hunt