April 25, 2017What does cyber resilience mean to you? The answer will surely vary across industries. And, to some, the term might not mean anything at all. In fact, according to new research from Vanson Bourne, not enough organizations are making cyber resilience planning a priority.
Only 30 percent have already adopted a cyber resilience strategy, with about one-third still in the early stages of development or planning. Too many organizations are leaving themselves unprepared for the unknown, and it doesn’t have to be this way.
Organizations of all sizes need a cyber resilience strategy; no exceptions. Yes, security is critical, but not the only piece of the cyber resilience equation. Multi-purpose data archiving, business continuity and the ability to empower the end-user should also have equal consideration. This holistic approach to IT management is what we call cyber resilience, and this is core to our business and how we interact with our customers.
Cyber resilience resonates throughout everything we do at Mimecast – it’s engrained in our internal and external philosophy. But, we wanted to find out how other industry thought leaders are thinking about cyber resilience, and how they are applying it to their own business models. So, we took the great opportunity to tap into the powerful mindshare at RSA Conference 2017 by hosting the first-ever ‘Cyber Resilience Think Tank’ at the San Francisco NASDAQ Center. Insights from the event were captured in a Cyber Resilience Report released today from Cybersecurity Ventures.
I had the pleasure of leading this think tank discussion, which was made up of almost two-dozen leaders in the cybersecurity industry, and moderated by Ari Schwartz, Venable CEO and former member of the White House National Security Council. The impressive caliber of Think Tank participants – which ranged from Malcolm Harkins, chief security and trust officer of Cylance Inc., to Helen Rabe, head of information security for UK-based Costa Coffee – validates that cyber resilience is a hot-button issue that organizations of all sizes and across all industries should care about – and plan for.
The Think Tank attendees validated our approach to cyber resilience planning. It starts with the understanding that security alone simply isn’t enough. And it ends with a comprehensive plan to manage IT, and hopefully, a philosophy that helps drive your business and customer relationships.
Now, more than ever, organizations need a broad approach to cyber resilience planning and they can’t expect do it alone. Industry leaders need to continue to push cyber resilience and provide actionable insights and prescriptive advice to drive towards a more cyber resilient future.
Think Tank contributors included:
- Matt Crouse, Director, Information Security & Compliance, Lucky Brand, LLC
- Joe Gajdosik, Director of IT Security, Curtiss-Wright Corporation
- Jason Gunnoe, Chief Information Security Officer, Bridgestone Tires
- Cathy Hammond, Chief Security Architect, Teleflex
- Jim Hansen, COO, PhishMe
- Gary Hayslip, Chief Information Security Officer, City of San Diego
- Ed Jennings, COO, Mimecast
- Joel Lowe, Head of Information Security, Sonic Automotive
- Neil Murray, Chief Technology Officer, Mimecast
- Phil Owen, Global Head of Information Security, IHS Markit
- Helen Rabe, Head of Information Security, Costa Coffee
- Brian Reed, Chief Product Officer, ZeroFox
- John Sapp Jr., Director, IT Security & Controls, Information Security Officer, Orthofix, Inc.
- Ari Schwartz, Managing Director of Cybersecurity Services, Think Tank Moderator, Venable, LLC
- Maurice Stebila, IT Security, Compliance & Privacy Office, Harman International Industries
- Chris Wysopal, CTO & Co-Founder, Veracode
March 28, 2017
The Great MigrationMicrosoft Office 365 offers a compelling business case to organizations - trade resource intensive on-premises infrastructure and software for services managed by Microsoft and delivered from the cloud. The rate of adoption tells us the benefits are attractive. In fact, recent Mimecast research finds that 99% of Office 365 users are receiving some benefit from the service.*
The research also uncovered some very interesting information regarding how businesses with between 250 and 7,500 email users are making the move to the cloud with Office 365. First the survey found that 58% of companies were using Exchange Online with another 29% planning to in the next twelve months. For those thinking about how many employees to move up to the cloud, our research finds that the average is about 70% of the total email users. I believe this shows the importance of hybrid environments, an area that Office 365 has proved it’s supremacy over other cloud collaboration solutions.
Given that for most organizations, not everyone will be on Office 365, our research set out to find the other mail servers being used. Not surprising, many flavors of Exchange on-prem were in use with the following breakdown.
What other email service provider does your organization currently use?
IBM Lotus Domino
With a large number of organizations already moving to the cloud and many others considering Office 365, it’s interesting to look at how companies are making the transition. Mimecast research finds that about one third of companies are using a cutover migration while two thirds are opting for a hybrid migration. Hybrid migrations are generally less risky as users can be switched over a longer time period with a safe fallback position to on-premises if something should go wrong. Organizations making the move are also keenly aware of the need to port archived email to the cloud. 9 in 10 organizations have already or plan to move existing mail to the cloud.
In addition to what migration approaches most companies are using, Mimecast wanted to find out what were the top concerns when making the move from on-premises email. I guess not surprisingly, 6 in 10 were most concerned about downtime during the migration. Especially considering that over 85% view email as critical to their organization. One surprising stat was that in the event of an Office 365 disruption, almost half of the organizations said they would just wait for Microsoft to restore the service while the other 50% would look to a third party for help with email continuity. It’s obvious which employees would be more productive!
Other top concerns for the migration include security concerns of senior employee’s email privacy, on-premises system requirements for sending email and the overall impact to employee productivity.
Interested in learning more about how Mimecast can help ease the transition to Office 365 and make email safer for business? Check out the ebook, Confidently Move Your Email To The Cloud.
*The research is based on a survey with 600 CIOs, IT directors or IT managers in the US, UK, South Africa and Australia. Research was conducted by Vanson Bourne between October and December 2016.
Mimecast Adds New Continuity Features to Monitor, Alert and Respond More Quickly to Mail Flow Disruptions
In a recent global survey of 600 IT decision makers, Mimecast found that 88% view email as critical to their organization with 55% saying email is mission-critical. This isn’t surprising; email is often the first thing we check in the morning and the last thing we check before going to bed. Any email disruption can bring productivity to a screeching halt—severely impacting customer service, preventing new sales, and impacting day-to-day operations.
Mimecast is pleased to release new Continuity Event Management features designed to ease the challenges of identifying, diagnosing and responding to mail flow problems on Microsoft Office 365™, Microsoft Exchange™ or G Suite by Google Cloud™. When every second counts, Mimecast reduces the time to respond to email disruptions so organizations can avoid the problems caused when this critical infrastructure isn’t working.
Mimecast Continuity Event Management features enable administrators to:
Monitor –Mimecast monitors for high latency and failed deliveries, both inbound and outbound, so admins stay on top of potential issues.
Alert – Organization specific thresholds for mail flow give administrators the ability to tailor when they are notified. Once a threshold is met, an automated alert is generated and sent via SMS or to an alternate email address. Administrators are alerted to problems on any device, anywhere.
Respond – A fast response continuity event portal provides the administrator with key metrics on the mail flow problem and gives details to quickly assess the severity of the problem. One-click activation starts continuity, with Mimecast sending and receiving email until the primary system can be recovered independently. An SMS message to employees reduces manual tasks and ensures the employee base follows company procedures.
Whether your organization operates on-premises, from the cloud or in a hybrid environment, problems still do occur. By analyzing customer data, Mimecast finds that 11% of detected outages were due to server or service issues that lasted 24 hours. Another example is the June 30, 2016 mail disruption of Microsoft Office 365™ which lasted for over nine hours on the last day of the month and last day of the quarter across most tenants in the United States.
No company can predict when a mail flow problem will arise and as the Office 365 incident points out, any disruption during a critical time can have widespread consequences. With the new features, available March 2017, Mimecast makes it easier to detect and manage mail flow disruptions.
Learn more about Mimecast’s leading Mailbox Continuity service and new event management features.
Microsoft® Office 365™ is proving popular and adoption continues to accelerate.
A recent Gartner study found that 78 percent of IT decision makers say their organization is already using or is planning to use Office 365. This is 13 percentage points ahead of what the same survey found in 2014.
The adoption numbers clearly indicate that Office 365 is a product the market is eager for. Microsoft is adding over 50,000 customers to Office 365 a month and has well over 60 million commercial users.
While the growth of Office 365 has been explosive, when I talk to CIOs and IT directors, I often hear from them a reminder that the risks facing on-premises environments don’t change when organizations move email to the cloud. The security threats remain and companies need to prepare for, and shield employees from, productivity crippling downtime.
The scale of the platform is massive but it is important to remember Office 365 depends on a number of technologies working in concert to provide a seamless service. In the case of email, this means that Microsoft Azure Active Directory (AD), Exchange Online Protection (EOP), archiving and the administration console must be always on and always accessible. If any of these services are disrupted or compromised, the result is stark, employees can’t send, receive or access email—and potentially worse, admins can’t control this critical communication platform for their business.
Mimecast experts have engaged in hundreds of Office 365 migrations and service implementations for companies of all sizes. As part of the process, we find that there are usually five key questions to ask during the migration process:
- Do I have a back-up plan if my email system goes down from cyber-attacks, human error or technical failure?
- How do I track outages and ensure I engage my vendors with the right language in the contract to cover my organization?
- If a system outage occurs, how do I respond in the most efficient way from a technical perspective?
- What other services can I use to ensure 100 percent uptime?
- Who within my organization do I need to brief prior to, during and after an outage occurs?
By answering these five questions, organizations can take a proactive approach before a system outage occurs and have a layered cyber resilience strategy to maintain productivity.
There will always be a give-and-take between the benefits and potential limitations of a move to the cloud so it is important to have the facts – as Microsoft Servers and Services MVP and author of “Conversational Office 365” J. Peter Bruzzese frequently says, “Don’t sleepwalk into the cloud.”
If you’d like to hear the answers to these questions and more about the best way to prepare for potential risks of Office 365 register today for the webinar, Cloud Outages Happen – Be Prepared, here.