Are your emails safe?

Understanding the different types of email security solutions

by Scott Raspa, VP, Sales & Marketing, Graphus

When we’re talking about cybersecurity, the first thing that comes to mind isn’t always emails. However, up to 91 percent of cyber attacks actually arrive in your inbox. These email-based attacks come in multiple forms:

• Phishing: this is an attempt to steal login credentials pretending to be a trusted site – like your bank or G Suite login.
• Spear Phishing: this is similar to a phishing attack however these are much more targeted and personalized. The attackers have done their research and send personalized messages to the target.
• Malware (attachments, links, drive-by downloads): these are attacks that contain malware. It could be a malicious attachment, link, or even a drive-by download.
• Email Scams: this can be similar to a phishing attack however it doesn’t necessarily spoof a trusted identity. For example, cybercriminals could pretend to be your vendor and send you an invoice for payment. This is also known as business email compromise (BEC).

So, when you’re focused on making your company safe from threats, you should begin by carefully considering how to protect your email communications from these types of attacks.

Below we’ll break down the different types of solutions and if they protect against these types of attacks. Now keep in mind that not all solutions are created equal so a company in one category (ie Endpoint systems) may have more functionality than another company in that same category. The information below is meant to be more of a guide in helping you better understand how these solutions protect your organization from the above attack types. Also note, where it says “partial” it means that these solutions don’t necessarily offer full/complete protection for that particular attack type.

There are  multiple ways to  can tackle email security:

1. Endpoint security systems
   Endpoints (PCs, laptops, mobile devices, etc.) can be a critical risk factors for your organization. To keep endpoints secure, you’ll need an endpoint security management system in place. This can be either a software application or a dedicated appliance that enables you to discover and manage any devices trying to access the corporate network. An endpoint security system enables you to limit access from non-compliant devices or quarantine them in a virtual LAN (VLAN). Within this field, Tanium and FireEye are suitable options for businesses. Tanium is essentially a search engine for IT data; you can search for devices (even those you don’t know about), find vulnerable endpoints and take appropriate action. FireEye conducts automatic searches for malicious endpoint activity, allowing you to isolate compromised devices quickly.

   Protection:
   ● Phishing – No
   ● Spear Phishing – No
   ● Malware – Yes, if the malware gets downloaded on the endpoint
   ● Email Scams – No

2. Anti-spam protection
   No anti-spam method is perfect, and usually, any spam filtering system requires a multi-pronged approach: end-user action, automated tools, email sender action, and legal regulation. End users must be encouraged to be careful providing the corporate email address, avoid using it on forms, online publications and so on. Automated systems can provide further protection by screening for known spam addresses (blacklisted senders), scanning inbound messages for viruses and using machine learning to remain constantly up to date. Relevant options would be SpamTitan, which can be installed locally or in the cloud, and Symantec Email Security, which strengthens the security level of Office and Google products by conducting careful email screening before delivery.

   Protection:
   ● Phishing – Yes (for generic phishing attacks)
   ● Spear Phishing – No
   ● Malware – Partial (No for ‘zero-day malware’)
   ● Email Scams – No

3. Messaging systems (secure email gateways is the right term)
   For more extensive protection, some companies turn to message security systems, like Proofpoint and Mimecast. More than just filtering out spam, these products offer enterprise-grade security, applying analytics to block phishing by identifying the original sender, blocking ransomware attack, spotting spam via social media, and much more.

   Protection:
   ● Phishing – Yes
   ● Spear Phishing – Partial
   ● Malware – Partial
   ● Email Scams – Partial

4. Phishing training
   Your biggest risk to email security is, of course, human error. Uninformed employees put any security system at risk. Training your employees in staying safe when emailing is critical to protecting your company from cybercrime. Researchers found that email security fails 10.5 percent of the time. Because of this, you must make sure you have a “human firewall” in place when all else fails. The fastest growing vendor in anti-phishing training is KnowBe4, which offers training programs and a platform that simulates phishing attacks to keep employees on their toes. PhishMe offers similar training and simulations, as well as incidence response optimization through automation and reporting.

   Protection:
   ● Phishing – Partial
   ● Spear Phishing – Partial
   ● Malware – No
   ● Email Scams – Partial

5. Next-gen email protection
   At the most sophisticated end of email security, cloud-native email platforms use big data, machine learning, and custom algorithms to protect cloud-based email solutions like G Suite and Office 365. Top performers in this space include Graphus and GreatHorn, both cloud-native automated security platforms which protect Outlook 365 and G Suite users from ransomware, malware, spam, and other targeted attacks. (next gen integrates at an API level – traditional gateways sit inline and don’t have complete access to all the datasets necessary for detecting a threat)

   Protection:
   ● Phishing – Yes
   ● Spear Phishing – Yes
   ● Malware – Yes
   ● Email Scams – Yes

So, what does all this mean for your organization?

No single email security approach is going to work for every organization. Each company has its own risks, challenges, budget restrictions, legacy security solutions and cultural factors to consider. That said, one thing is for certain: a thorough, well-implemented system should include multiple solutions to cover all your bases. For instance, if you already have anti-spam software, consider adding phishing training and endpoint security.

No email security system is 100-percent secure but you can minimize risk and maximize efficacy by leveraging multiple solutions.

About the Author

Scott Raspa is the VP, Sales & Marketing for Graphus. He has been in sales & marketing for 15+ years with the last 8+ years focused on solving complex cybersecurity problems. At Graphus he leads all sales and marketing efforts. Graphus is a social engineering defense company based in Reston, VA. Their simple, powerful, and automated solution employs artificial intelligence to establish a TrustGraph™ between people, devices, and networks to reveal untrusted communications and detect threats. Scott can be reached online at ([email protected], @sraspa) and at our company website https://www.graphus.ai