Email Security Report has revealed that over 90% of all successful cyber attacks around the world begin with a phishing email.
Cyber criminals are adopting and deploying increasingly sophisticated techniques to bypass spam filters and firewalls. Human nature and unaware or preoccupied users are considered contributing factors as they can often be tempted to download a file or click a malicious link that gives criminals access.
Every business should take steps to protect itself against phishing email, by training employees to recognize the ‘red flags’ that communication may be part of a scheme, and immediately report any incident to aid recovery and help identify cyber criminals to protect other businesses from victimization.
Keep in mind that anyone can be hacked: Businesses must know that their employees can be the victim of various email-based attacks like phishing, spear phishing, CEO Fraud/BEC, ransomware, malware attacks, other cyber attacks.
Check your current security infrastructure and practises: Organisations should check their current cybersecurity infrastructure and security technology they use. Also, they should evaluate users’ cybersecurity awareness training programs, and incident response operations and other security policies.
Consider multi-layered solutions for email security: The sophisticated cyber attacks like ransomware is evolving day by day and they need advanced solutions to be stooped, this is when Email Threat Simulation Solution play a significant role. Simulating attacks against a mail box will show how thorough your mail security platform is.
Ward’s Breach & Attack Simulation solution is capable of simulating data exfiltration, a cyberattack on the company’s web application firewall, a phishing attack on an organisation’s email systems, a malware attack on an endpoint or even a lateral movement within networks.
If we focus on Ransomware, BAS can very quickly identify what our residual risk is around threats that are not being blocked by our mail security platform. Now let’s have a look at the situation below:
In figure 1 – we can highlight the current % of threats not being blocked as a total count – would 52% be efficient use of the current mail security protection provider?
With 1720 malicious emails getting through to user’s mailboxes we have quite a challenge. If you look into the Malicious Code attacks category and the right to Ransomware you will see against all of the threat’s we are able to block only 54% of these.
To drive into more detail, we can see exactly what is not being blocked. You will note 209 variations will make their way to the user’s mailbox – this is a lot of residual risk.
The next way of uncovering residual risk is to identify a particular one we are worried about; By filtering for a particular type – BLACKKingdom below we can see how effective our mail security is at stopping all variants. We have 3 getting through.
Now we can pivot on how all our security controls are dealing with this ransomware – by selecting the 3rd row (1st unblocked variant-2) we can see details and residual risk against our network path int the corporate environment as well as how Windows Defender is dealing with this.
First the front door NGFW at our perimeter!
We can see on the first row – our NGFW is blocking this attack as of today at 07:02.
We can also see the Endpoints are also blocking the attacks so for now our only exposure is email route into our network.
Ward’s Breach & Attack Simulation service offers customers a meaningful baseline of the effectiveness of your security infrastructure, measuring how many attacks got through your Prevent/Protect infrastructure or were picked up by your Detect infrastructure and how many were blocked. By using the PICUS toolset we offer customers not only the significantly increased scale of testing but also the possibility of continuous or more frequent testing and baselining.
To discuss how Ward Solutions Breach Attack Simulation service can measure and help improve your security efficiency:
- Contact our sales team: Information Security – Ward Solutions or call 01 6420100
- To get more information visit our website at Cybersecurity Testing – Ward Solutions
- To view a video on Wards Breach Attack Simulation service visit Ward.ie
- To view our partner’s technology go to www.picussecurity.com.