Responding to Inbox Attacks at Cyber-Speed
Date: 3 December 2019
We live in a world that’s hard to imagine without, email. As great, quick and useful as email is, it remains , one of the easiest attack vectors that cyber criminals use to target your business, compromise the data of your employees or customers and cost you millions of pounds .
Verizon’s Data Breach Investigation Report in 2018, states that 96% of data breaches start with email. Business leaders, therefore, need to take sure-footed steps to enhance the speed at which their organisations can respond to an email attack and mitigate the impact on business.
In this educative Webinar, Amar Singh - CEO of Cyber Management Alliance and Steven Peake - Specialist at Barracuda Networks, share their views on the forensic capabilities that any resilient business needs, in order to respond to inbox attacks with agility and prevent similar incidents from recurring.
16 Minutes for a Hack to Begin
The discussion begins with an interesting insight: It takes 16 minutes for the first person to click on an email after the start of a malicious campaign and 28 minutes for the first savvy individual to report it, provided the business is lucky.
This means that the most pressing question pertaining to email attacks is this: How many users clicked on the malicious email? More importantly, does the business have visibility into who clicked on the email? Amar believes that if you don’t have visibility into who clicked on a suspicious email and when they clicked on it, you’re at a major disadvantage.
Steven is more than correct when he says that technology and threats are evolving so fast today that it almost appears like they’re caught in a game of cat and mouse. Nobody can guarantee that an attack won’t happen. But if you can detect and respond to malicious emails quickly, you can considerably reduce what they may cost your business.
It is also imperative, as Amar and Steven share in this Webinar, that businesses are aware of email attacks beyond Phishing. Emerging trends in email attacks go beyond just malicious attachments or links. They encompass more sophisticated techniques of social engineering such as conversation hijacking, account take-overs, impersonation of reputed brands and individual users as well as credential thefts. All of these attacks hold the power to really derail businesses and affect processes in massively harmful ways. The big challenge they pose is that the tactics of social engineering successfully bypass traditional security products that are only looking for malicious payload. They also manage to con end-users and override their better judgement, making them more difficult to deal with.
Such attacks can only be stopped by employing a technology stack that can inspect the context of the message by looking at the authenticity of the sender and can actively monitor email systems. These solutions must also give end-users an easy and quick way to report suspicious email content to improve the timeliness of response.
Manual Incident Response just doesn’t cut it anymore. In the highly complex landscape of email attacks, just identifying that an incident has taken place can take over 30 minutes and then investigating the attack, its extent and responding to it, can turn into a process that runs into numerous hours. That’s why automation is of the essence today, when it comes to incident response.
With automation, hours spent on controlling and reversing the damage of an attack can be turned into minutes. A blend of forensics capabilities and automated Incident Response can lead to significant time savings for the IT department, expedite response to advance threats, reduce the impact of malicious emails and thereby reduce business risk significantly.
The only sure-shot way of ramping up your security infrastructure against email attacks is to speed up response and remediation by relying on automation. As Amar puts it, “if you need first-class resilience, you need rapid response in email,” and such swiftness can be made possible only through sophisticated and automated technology solutions.
For more information and a deeper understanding on how to best combat email based cyber-attacks, tune into this Webinar today!
Founded in 2015 and headquartered in London, UK, Cyber Management Alliance Ltd. is a recognised independent world leader in Cyber Incident & Crisis Management consultancy and training. The organisation is renowned globally as the creator of the flagship Cyber Incident Planning and Response course, certified by the UK Government’s National Cyber Security Centre.
Cyber Management Alliance has serviced over 300 enterprise clients in multiple verticals including government, banking, finance, IT, consultancies, healthcare, oil & gas and retail across 38 countries. It has carved a niche by assessing, building and improving its clients’ Cyber Incident & Crisis Management capabilities through training, tabletop exercises, health checks and audits. Today, Cyber Management Alliance has a global and diverse network of over 80,000 cyber executives and practitioners worldwide.