February 28, 2017Our promise to the industry was to engage, educate and provide valuable insight into major cybersecurity issues facing organizations around the world.
Here is a small recap of what happened at RSA Conference, so you can feel like you were able to attend:
Moment 1: ‘Cyber Resilience Think Tank’ at the San Francisco NASDAQ Center
The Mimecast team hosted a great event at the San Francisco NASDAQ Center for an early morning ‘Think Tank’ lead by Mimecast’s CTO, Neil Murray, and moderated by Venable’s CEO, Ari Schwartz. Security thought leaders from various industries joined in one room to network and share the challenges organizations face today with cyber resilience. As organizations work to become adopt a more cyber resilient strategy there was consensus among the peers in the room that the diversity of the attack must equal the diversity of the defense.
Moment 2: Dark Reading Interview with Bob Adams
Lights, camera, action! What a moment for our very own senior cybersecurity strategist, Bob Adams, who was in front of the camera for an interview with Dark Reading. Bob highlighted the latest security gaps with internal email and the proposed solution, which Mimecast launched at the start of the show. He also discussed how to gain valuable insight into the attacks being missed by many incumbent email security solutions. Interested in watching? Click on the image to watch the full interview below
Moment 3: Live Hacks at the Mimecast Booth
Full house, no problem. Security experts Bob Adams, Julian Martin, and Matthew Gardiner demonstrated onsite ‘LIVE HACKS.’ The gist of the hacks incorporated social engineering attacks, phishing attacks and the ease at which a hacker can use email as a primary hacking mechanism to own the target’s system, gain bank information and take over someone’s video camera without them knowing. You can view the live Periscope video below if you would like to take a look for yourself.
Moment 4: Insights into the latest Cyber Threat Plaguing email
Who doesn’t like working on solving problems with clients? At the event, we got to meet with many customers and new prospects. Thank you, to everyone who stopped by the booth. We were able to share the latest email security threats we see organizations face daily. This included 421 unknown malware threats, all of which were missed by a number of incumbent email security solutions. Check out a summary of these threats in our latest Email Security Risk Assessment infographic we had posted in the booth here.
February 14, 2017
Would it surprise you to learn that in recent testing Mimecast has seen a 13.2% false negative rate for incumbent email security systems? Does your current email security system let through an inordinate amount of spam, malware, malicious URLs, or impersonation emails?
How would you find out if it did? Is your primary source for detecting false negatives your users? Do you wonder how your email security performance compares with your peers?
The fact is, until now, there hasn’t been much data comparing or benchmarking the performance of email security systems. They all claim the ability to defend against spam, malware, spear-phishing, malicious links and other email attack techniques. But how good are they really? How do they compare in their ability to block opportunistic email-borne attacks as well as more targeted attacks?
In working with our more than 25,000 customers, Mimecast has seen firsthand that email security systems do not perform equally well. To address this lack of data head-on, Mimecast launched its Email Security Risk Assessment (ESRA).
The Mimecast ESRA has three goals:
- To test the Mimecast cloud security service against an individual organization’s incumbent email security system. To help the organization see in one report the number, type, and severity of email-borne threats that are currently getting into their organization.
- To inform the security industry with hard data on the effectiveness of various commonly-deployed, email security systems.
- To inform the security industry with hard data regarding the number, type, and severity of email-borne threats that are actively being used in attacks.
In an ESRA, Mimecast uses its cloud-based Advanced Security service to assess the effectiveness of other email security systems. The ESRA test passively inspects emails that have been inspected by the organization’s incumbent email security system and received by their email management system. In an ESRA, the Mimecast service re-inspects the emails deemed safe by the incumbent email security system and thus looks for false negatives, such as spam, malicious files, and impersonation emails.
The results we’ve uncovered so far are concerning: Email attacks ranging from opportunistic spams to highly-targeted impersonation attacks are getting through incumbent email security systems both in large number and in various types.
To learn more and to see the results of the ESRA tests completed to date, please check out this paper.