Mimecast’s CEO Peter Bauer has outlined the company’s vision of the future of email security at the North American Cyber Resilience Summit in Dallas, Texas. Today organisations are required to think bigger and create proactive cyber resilience postures that address the threats at the email perimeter, inside the email network, and also beyond their purview, to eliminate the threats that abuse the trust in their brands out in the wild. Organisations must also leverage the vast telemetry and threat intelligence that can be gathered at the attack surface of their email systems to make their teams and their other security investments smarter and more effective – this what Bauer referred to as advancing from perimeter email security to pervasive email security.
Bauer further explained that the future of email security is comprised of three distinct zones, alongside an API-led approach, that organisations need to recognise:
Zone 1 – Perimeter – The email security perimeter is focused on keeping users and data safe by protecting email against spam and viruses, malware and impersonation attempts, and data leaks. Organisations need global visibility that offers rapid detection of sophisticated threats to protect their entire customer, partner and vendor ecosystem.
Zone 2 – Inside the Perimeter – Compromised users whose accounts are being taken advantage of, lateral movement using credential harvesting links, social engineering and employee errors are threats and risks that manifest inside the perimeter. Organisations should combine security inspections of internal and outbound email traffic with capabilities to build a stronger human firewall through dynamic user awareness training and testing programs. They also need rapid remediation capabilities to extract threats and shut down access to compromised accounts. This will help to ensure that an organisation’s internal network, made up of people and machines, is robust and capable of defending itself when attacks occur.
Zone 3 – Beyond the Email Perimeter – Pervasiveness – Organisations need the ability to protect their brands and domains from being explicitly spoofed or hijacked to defraud customers and partners. This requires the ability to implement DMARC efficiently as well as to hunt for and take action against threats where attackers present themselves fraudulently to an organisation’s customers or partners using deception and impersonation.
To move from perimeter to pervasive email security requires an extensible architecture that allows organisations to fully integrate the value of the telemetry and intelligence gathered through observing email attacks with their existing technologies such as SOARs, SIEMs, endpoints, firewalls and broader threat intelligence platforms. An API-driven approach further helps deliver pervasive security throughout all zones. This allows organisations to make their teams and other security investments even more effective.
“The expanded attack surface, the proliferation of security vendors and the monetisation of attacks have all increased the complexity of an organisation’s security infrastructure. When you consider the cybersecurity skills gap that most organisations face today, the threat of business disruption due to a cyber incident is certainly on the rise,” said Bauer.
In addition, Mimecast also announced it has engaged in strategic partnerships with DMARC Analyzer and Segasec to offer brand protection against threats outside the perimeter. Combining Mimecast defences with DMARC Analyzer’s reporting and email validation solution, helps customers stop impersonation attacks faster with self-service email channel analysis and DMARC Reporting. The strategic partnership with Segasec means customers can help protect their brands from fraudulent impersonators in the wild and neutralise attacks before they are released.
Discussion about this post