Cloud Email Security Concerns

GreatHorn Report: Cloud Email Security Concerns

Cloud Email Security Concerns

“The Cloud Email Security Challenge: Closing the Cybersecurity Skills Gap Through Automation.” The company analyzed more than 3.5 terabytes of data – over 373 million corporate emails – from its proprietary data cloud to gain insights into the sheer volume of email threats facing enterprises and the role of automated tools in helping them keep up with that challenge. GreatHorn found that the average enterprise receives 3,680 messages containing threat characteristics that require review, investigation and (if applicable) remediation per week. Without automated tools, the company estimates that task would take a security team roughly 305 hours to complete.

2017 GreatHorn Cloud Email Security Challenge While nobody loves using it — see employees exchanging quips on their fruitless efforts to reach “Inbox Zero” and media headlines heralding newer, trendier apps as “email-killers” — email is still the most common form of communication in the business world. A recent study predicts that over one third of the population (or slightly more than 2.9 billion people!) will be using email by the end of 2019.

Given its integral role in the business world, it comes as no surprise that the adoption rate of email security technology is nearly 100%. Despite this universal investment in securing email, however, breaches are still occurring — and at increasing rates.

Here are some interesting discoveries:

  •  3,680 emails a week contain threat characteristics
    1. GreatHorn confirmed that enterprises receive approximately 3,680 emails in a week that contain threat characteristics.
    2. GreatHorn took the average amount of time (5 min.) it takes for a security admin to review an event, confirming it would take a company 305 hours/12+days to investigate this threat versus using an automated cybersecurity tool.

  •  Cybercriminals’ Phishing Weapons of Choice
    1. The primary characteristics of emails that were flagged were direct spoofs (37.5%), authentication risks (31.25%), display name spoofs (12.5%), domain lookalikes (6.25%) and messages with the keywords “W2” and “Wire Transfer” (both 6.25%, respectively).
  • Hackers are increasingly targeting business communications in their attacks.
    1. Social engineering attacks were utilized in 43% of all breaches in 2016.
    2. These attacks are bypassing today’s legacy email security tools, and employee training efforts aren’t good enough to stop modern attacks.
  • We can't train our way out of this…
    1. Security awareness training is necessary, but security teams can’t detect, analyze and respond to literally every suspicious email their organizations receive.
    2. Among all tracked breaches in 2015, the statistical difference between organizations who received training and those who didn’t was only 4%.
    3. The shortage of qualified professionals leaves many organizations unable to find and hire the people they need in a timely fashion. 
  • Massive gap in cybersecurity talent
    1. Enterprise IT and information security teams find themselves facing resource limitations- a deficit of qualified workers – unable to find and hire the people needed in a timely fashion (if at all).
    2. 55% of security positions take at least 3 months to fill; 32% take six months or more and over a quarter of all US-based enterprises can’t fill their positions at all.
    3. 1.5 million cybersecurity roles are unfilled today and we are on track to reach 2 million unfilled roles by 2019.
  • Time is of the essence – automation is a force multiplier
    1. Attackers compromise an organization’s defenses in minutes and exfiltrate data in just days.
    2. Using automated data science techniques to assess trust during users’ interaction, rather than blocking malicious attacks at the perimeter is key.
  • Automated protection at scale
    1. GreatHorn’s Inbound Email Security platform analyzed over 3.5 terabytes of enterprise mailbox data, as a risk profile of an average Fortune 500 organization to demonstrate how cybercriminals attack an enterprise.
  • Increasing efficiency through automation
    1. The bottom line: even if you don’t experience a large-scale breach, targeted phishing is still costing you — in money as well as time, resources, and risk.
    2. Automation saves time and enables better allocation of human capital, providing increased accuracy and detection capabilities.

By Glenn Blake

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

Terrified of the Coming of Artificial Intelligence (AI)? Don’t Be. Now You Can Rent Your Own!

Terrified of the Coming of Artificial Intelligence (AI)? Don’t Be. Now You Can Rent Your Own!

Now You Can Rent Your Own! Beware the coming of AI! Or so say luminaries like Bill Gates, Stephen Hawking ...
How Machine Learning is Revolutionizing Digital Enterprises

How Machine Learning is Revolutionizing Digital Enterprises

Machine Learning is Revolutionizing Digital Enterprises According to the prediction of IDC Futurescapes, Two-thirds of Global 2000 Enterprises CEOs will ...
Blockchain info

How Can Blockchain-as-a-Service Help Your Business?

Blockchain-as-a-Service “Have you seen the price of Bitcoin?”, “You gotta get in on Ripple, it’s going through the roof!”, “Are we in ...
Why Open Source Technology is the Key to Any Collaboration Ecosystem

Why Open Source Technology is the Key to Any Collaboration Ecosystem

Open Source Collaboration Ecosystem Open source – software whose source code is public and can be modified or shared freely ...
Marc Malizia

Building a High Growth IT: 5 Tips For 2017

High Growth IT Building and maintaining a cloud computing platform will be much different in 2017 than it has been in ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, ...
V2V? Platoons? Your First Taste of Robocar is a Truck

V2V? Platoons? Your First Taste of Robocar is a Truck

Robo Trucking You are driving down the interstate. Ahead is an 18-wheeler struggling up the grade. You swing out to ...
First Things First. What Are Microservices?

First Things First. What Are Microservices?

Innovation with Microservices Microservices are an engineering approach and architectural style of computing that is becoming extremely important for organizations ...
5 Predictions for Data in the Cloud and Cloud Platforms

5 Predictions for Data in the Cloud and Cloud Platforms

5 Predictions for Data in the Cloud 2017 has proven to be a big year for migrating data to the ...
Four Recurring Revenue Imperatives

Four Recurring Revenue Imperatives

Revenue Imperatives “Follow the money” is always a good piece of advice, but in today’s recurring revenue-driven market, “follow the ...