April 25, 2017What does cyber resilience mean to you? The answer will surely vary across industries. And, to some, the term might not mean anything at all. In fact, according to new research from Vanson Bourne, not enough organizations are making cyber resilience planning a priority.
Only 30 percent have already adopted a cyber resilience strategy, with about one-third still in the early stages of development or planning. Too many organizations are leaving themselves unprepared for the unknown, and it doesn’t have to be this way.
Organizations of all sizes need a cyber resilience strategy; no exceptions. Yes, security is critical, but not the only piece of the cyber resilience equation. Multi-purpose data archiving, business continuity and the ability to empower the end-user should also have equal consideration. This holistic approach to IT management is what we call cyber resilience, and this is core to our business and how we interact with our customers.
Cyber resilience resonates throughout everything we do at Mimecast – it’s engrained in our internal and external philosophy. But, we wanted to find out how other industry thought leaders are thinking about cyber resilience, and how they are applying it to their own business models. So, we took the great opportunity to tap into the powerful mindshare at RSA Conference 2017 by hosting the first-ever ‘Cyber Resilience Think Tank’ at the San Francisco NASDAQ Center. Insights from the event were captured in a Cyber Resilience Report released today from Cybersecurity Ventures.
I had the pleasure of leading this think tank discussion, which was made up of almost two-dozen leaders in the cybersecurity industry, and moderated by Ari Schwartz, Venable CEO and former member of the White House National Security Council. The impressive caliber of Think Tank participants – which ranged from Malcolm Harkins, chief security and trust officer of Cylance Inc., to Helen Rabe, head of information security for UK-based Costa Coffee – validates that cyber resilience is a hot-button issue that organizations of all sizes and across all industries should care about – and plan for.
The Think Tank attendees validated our approach to cyber resilience planning. It starts with the understanding that security alone simply isn’t enough. And it ends with a comprehensive plan to manage IT, and hopefully, a philosophy that helps drive your business and customer relationships.
Now, more than ever, organizations need a broad approach to cyber resilience planning and they can’t expect do it alone. Industry leaders need to continue to push cyber resilience and provide actionable insights and prescriptive advice to drive towards a more cyber resilient future.
Think Tank contributors included:
- Matt Crouse, Director, Information Security & Compliance, Lucky Brand, LLC
- Joe Gajdosik, Director of IT Security, Curtiss-Wright Corporation
- Jason Gunnoe, Chief Information Security Officer, Bridgestone Tires
- Cathy Hammond, Chief Security Architect, Teleflex
- Jim Hansen, COO, PhishMe
- Gary Hayslip, Chief Information Security Officer, City of San Diego
- Ed Jennings, COO, Mimecast
- Joel Lowe, Head of Information Security, Sonic Automotive
- Neil Murray, Chief Technology Officer, Mimecast
- Phil Owen, Global Head of Information Security, IHS Markit
- Helen Rabe, Head of Information Security, Costa Coffee
- Brian Reed, Chief Product Officer, ZeroFox
- John Sapp Jr., Director, IT Security & Controls, Information Security Officer, Orthofix, Inc.
- Ari Schwartz, Managing Director of Cybersecurity Services, Think Tank Moderator, Venable, LLC
- Maurice Stebila, IT Security, Compliance & Privacy Office, Harman International Industries
- Chris Wysopal, CTO & Co-Founder, Veracode
February 28, 2017Our promise to the industry was to engage, educate and provide valuable insight into major cybersecurity issues facing organizations around the world.
Here is a small recap of what happened at RSA Conference, so you can feel like you were able to attend:
Moment 1: ‘Cyber Resilience Think Tank’ at the San Francisco NASDAQ Center
The Mimecast team hosted a great event at the San Francisco NASDAQ Center for an early morning ‘Think Tank’ lead by Mimecast’s CTO, Neil Murray, and moderated by Venable’s CEO, Ari Schwartz. Security thought leaders from various industries joined in one room to network and share the challenges organizations face today with cyber resilience. As organizations work to become adopt a more cyber resilient strategy there was consensus among the peers in the room that the diversity of the attack must equal the diversity of the defense.
Moment 2: Dark Reading Interview with Bob Adams
Lights, camera, action! What a moment for our very own senior cybersecurity strategist, Bob Adams, who was in front of the camera for an interview with Dark Reading. Bob highlighted the latest security gaps with internal email and the proposed solution, which Mimecast launched at the start of the show. He also discussed how to gain valuable insight into the attacks being missed by many incumbent email security solutions. Interested in watching? Click on the image to watch the full interview below
Moment 3: Live Hacks at the Mimecast Booth
Full house, no problem. Security experts Bob Adams, Julian Martin, and Matthew Gardiner demonstrated onsite ‘LIVE HACKS.’ The gist of the hacks incorporated social engineering attacks, phishing attacks and the ease at which a hacker can use email as a primary hacking mechanism to own the target’s system, gain bank information and take over someone’s video camera without them knowing. You can view the live Periscope video below if you would like to take a look for yourself.
Moment 4: Insights into the latest Cyber Threat Plaguing email
Who doesn’t like working on solving problems with clients? At the event, we got to meet with many customers and new prospects. Thank you, to everyone who stopped by the booth. We were able to share the latest email security threats we see organizations face daily. This included 421 unknown malware threats, all of which were missed by a number of incumbent email security solutions. Check out a summary of these threats in our latest Email Security Risk Assessment infographic we had posted in the booth here.
Last week at Black Hat Europe, Mimecast had the pleasure of meeting hundreds of people from around the world. Many conversations were had and, with security being the focus of the conference, Mimecast was able to demonstrate exactly how our products are evolving to stop the never ending cybersecurity threats. I was able to provide multiple presentations in our booth on how Mimecast’s Targeted Threat Protection tools protect, as well as educate, users making them think before they click. Here're some top moments from the event:
The Mimecast Team met at 8am Thursday morning for a booth meeting and were ready to go once the people started flowing in. On the first day, we found ourselves speaking with a number of students and Ph.D. Candidates who saw tremendous value in providing education in line with our protection tools.
Mimecast’s very own Product Manager for Security, Steve Malone, as well as several other members of the Product Management Team, stopped by the booth to check in on the Mimecast Team and engage Black Hat attendees in great conversations about what our products are doing and where we see the future of our products evolving.
Thursday closed and the Mimecast Team moved down the street to the Albion and met with several news sources to discuss the day’s events and to help spread our message. In what you would envision a typical London setting – dim restaurant, wooden tables, and a warm fire on a rainy night a lot of friendships were made between coworkers and attendees alike.
Friday morning started with energy – I was lucky enough to be able to continue in booth presentations throughout the day leading up to a standing room only theater presentation discussing the powerful fact that 91% of attacks start with an email. Attendees were walked through the anatomy of a phishing attack and shown exactly how their data is being gathered and used against them in a variety of ways. A quote from Mimecast co-founder, Neil Murray that echoed at Black Hat Las Vegas was equally as powerful during the presentation – “The risk doesn't go away, it just changes its nature.” Attackers are evolving and Mimecast aims to evolve faster to stay ahead of emerging threats.
In an interesting turn of events, an attendee from my theater presentation was interested in discussing Mimecast’s products and our thoughts on cybersecurity further. Bruno, as he identified himself, was a reporter on cybersecurity from Italy. I was lucky enough to sit down for a 20-minute interview with Bruno and, throughout our conversation, I found he is also a white hat hacker for several large organizations. Our conversation continued well past the interview until almost an hour later when the announcement for the close of Black Hat Europe was upon us.
As for Friday, the final day, came to a close, Mimecast gave away Ray Bans, a BB-8 Star Wars droid, and other great prizes to some lucky winners. Some of the Mimecast team joined me for dinner and we reflected on the past few days and found we all had a wide variety of interesting conversations.
Overall, Mimecast came to London with high hopes, was met with a lot of great questions, and we left looking forward to next year. Until then everyone, keep your email safe!
Organizations of all shapes and sizes face a significant threat from cybercriminals. But small- and mid-sized firms may face heightened risk, as they are often targets, not only themselves, but also for those trying to attack their customer base through their perceived weaknesses in the supply chain.
Indeed, the cyber threat is growing fast, with new and sophisticated attacks proving ever more difficult to defend against. Whaling email scams, for instance are up 270% from January 2015, according to the FBI – while law enforcement received reports from 17,642 victims, amounting to more than $2.3 billion in losses from October 2013 through February 2016. The FBI also reported that law enforcement globally has received complaints from victims in every U.S. state and in at least 79 countries.
But, midmarket firms need more than technology solutions. Limited by internal resource constraints, they also need rapid access to expert support and advice – and that is exactly what they get from Mimecast.
This combination of innovative solutions and expert support has once again been recognized by two leading midmarket IT organizations. Most recently, Mimecast won two XCellence Awards at the Channel Company’s 2016 Midsize Summit East: “Best of Show” and “Best Boardroom Case Study Presentation.”XCellence
In addition, Mimecast was named "Best Vendor, Service" at the Spring 2016 Midmarket CIO Forum. Selected by a panel of CIOs, the award recognizes Mimecast as a leader in the IT Vendor Excellence category for providing an “established service that has been exemplary in specifically meeting the needs of the midmarket.”
It’s fair to say that the contribution that mid- and smaller-companies make to the economy does not always get the recognition it deserves – and, in truth, it’s often the most exciting frontier in terms of new business practice and technology adoption. However, it’s also the front line in a security arms race of evolving threats and security response. It’s the responsibility of technology providers like Mimecast to help midmarket businesses stay one step ahead, for instance with the recent addition of whaling protection to our Targeted Threat Protection service.
Watch this video to learn how Mimecast Targeted Threat Protection can help defend your business against email-based attacks.