February 28, 2017
Our promise to the industry was to engage, educate and provide valuable insight into the major cybersecurity issues facing organizations around the world.
Here is a small recap of what happened at RSA Conference, so you can feel like you were able to attend:
Moment 1: ‘Cyber Resilience Think Tank’ at the San Francisco NASDAQ Center
The Mimecast team hosted a great event at the San Francisco NASDAQ Center: an early morning ‘Think Tank’ led by Mimecast’s CTO, Neil Murray, and moderated by Venable’s CEO, Ari Schwartz. Security thought leaders from various industries joined in one room to network and share the challenges organizations face today with cyber resilience. As organizations work to adopt a more cyber-resilient strategy, there was consensus among the peers in the room that the diversity of the attack must equal the diversity of the defense.
Moment 2: Dark Reading Interview with Bob Adams
Lights, camera, action! What a moment for our very own senior cybersecurity strategist, Bob Adams, who was in front of the camera for an interview with Dark Reading. Bob highlighted the latest security gaps with internal email and the proposed solution, which Mimecast launched at the start of the show. He also discussed how to gain valuable insight into the attacks being missed by many incumbent email security solutions. Interested in watching? Click on the image below to watch the full interview.
Moment 3: Live Hacks at the Mimecast Booth
Full house, no problem. Security experts Bob Adams, Julian Martin and Matthew Gardiner demonstrated onsite ‘LIVE HACKS.’ The gist of the hacks covered social engineering attacks, phishing attacks and the ease with which a hacker can use email as a primary hacking mechanism to take over the target’s system, obtain bank information and take control of someone’s video camera without them knowing. You can view the live Periscope video below if you would like to take a look for yourself.
Moment 4: Insights into the Latest Cyber Threats Plaguing Email
Who doesn’t like solving problems with clients? At the event, we got to meet many customers and new prospects. Thank you to everyone who stopped by the booth. We were able to share the latest email security threats we see organizations face daily, including 421 unknown malware threats, all of which were missed by a number of incumbent email security solutions. Check out a summary of these threats in our latest Email Security Risk Assessment infographic, which we had posted in the booth, here.
February 13, 2017
If you equate internal threats with just malicious insiders, you need to read on. When thinking of the people behind internal threats, you need to be concerned about three profiles, not just one:
- Compromised Insiders: These employees have had their accounts or systems taken over by an external attacker through credential harvesting, phishing or the installation of various forms of malware. While many of these takeovers are initiated via email, web drive-bys, botnets, and other modes of entry can also be the source of the compromise.
- Careless Insiders: There are also employees at every organization who ignore, or simply don’t fully understand, the organization’s security policies and rules. We call these folks Careless Insiders. While ignoring security policies is not done with malicious intent, the actions – such as sending sensitive information insecurely or to the wrong people – can put the organization at greater risk of sensitive data leakage or attack.
- Malicious Insiders: Last but not least are the Malicious Insiders. Though not common, malicious insiders do exist, and when they strike they can cause significant damage. These rogue employees intend either to profit personally from the organization or to do it damage by stealing, leaking or compromising confidential data or systems.
So, which one is the real problem? Unfortunately, the answer is all of them! In a recently published survey and report from Forrester, respondents were asked whether their organizations had had security incidents from each of the three types of insiders over the last 24 months. The answers were sobering: 63%, 57% and 41% of respondents had incidents from Compromised, Careless and Malicious Insiders respectively. Clearly, internal threats are a real threat and not as rare as one might hope.
To more fully address the security threats represented by each of these internal threat profiles, Mimecast recently announced the latest addition to our Mimecast Targeted Threat Protection security service: Internal Email Protect. Internal Email Protect provides scanning of attachments and URLs in internal-to-internal emails, as well as content filtering enforced by Data Leak Prevention services. It also includes the ability to automatically delete infected emails and attachments from employees’ inboxes. In addition, so that your organization doesn’t become an attack stepping stone to one of your partners or customers, Internal Email Protect also adds scanning of attachments and URLs in your outbound emails. Even more exciting, Mimecast is the only cloud-based email security service that has this capability!
Unfortunately, internal threats are a fact of business life. But by adding Internal Email Protect to your implementation of Mimecast Targeted Threat Protection, you can reduce the risk that your organization will be negatively impacted by them.
View our Internal Email Protect Press Release here.
It’s no secret that social engineering attacks like phishing, spear-phishing and domain spoofing have grown from a nuisance into a colossal problem. But perhaps the most colossal problem of the moment is Business Email Compromise, otherwise known as CEO fraud or whaling.
Whaling attacks can cost companies millions in financial losses. In fact, according to the U.S. Federal Bureau of Investigation, whaling attacks led to more than $2.3 billion in losses over the last three years. Cybercriminals pull off these deceptive scams by posing as a CEO or other executive and sending an email asking the unsuspecting target to initiate a wire transfer or send payroll or other sensitive data.
It’s time to protect your organization from whaling attacks. This means you must get to know the ‘5 Phases of a Whaling Assault’ so you can both educate your employees and increase your technology defenses. They are:
- In the Crosshairs: In the first stage of an assault, fraudsters use social media networks to gather intel on their target.
- The Domain Game: Next, armed with just enough detail, they register a domain similar to the target company’s actual domain.
- Gone Phishing: An employee receives the phishing email, but doesn’t notice the subtle warning signs that it’s fraudulent.
- Victim’s Assistance: The target follows the call-to-action in what appears to be an authentic email from someone familiar.
- On the Money: But it’s not authentic. The attacker now moves the funds from the fraudulent bank account, or holds sensitive employee information like W-2 forms and social security numbers that are used in a larger scam.
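The ‘Domain Game’ phase above is the one a mail gateway can see coming: an inbound sender whose domain is a near-match of your own. The following Python check is an added example from the defender’s side (not code from Mimecast or from the post); the protected domain, the sample addresses and the distance thresholds are constructed assumptions for illustration.

```python
import re

# Constructed sample: the organization's real domain(s); every other name below is an assumption.
PROTECTED_DOMAINS = {"examplecorp.com"}

# Substitutions commonly seen in look-alike domains; folding both sides through this
# table makes "rn" collide with "m", "0" with "o", "1" with "l", and so on.
_FOLD = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

def fold(name):
    name = name.lower()
    for src, dst in _FOLD:
        name = name.replace(src, dst)
    return name

def edit_distance(a, b):
    """Damerau-Levenshtein (optimal string alignment) distance: an insertion, deletion,
    substitution or swap of two adjacent characters each cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def sender_domain(address):
    """Domain part of a From: header value such as 'CEO <ceo@example.com>', or '' if none."""
    m = re.search(r"@([A-Za-z0-9.-]+)>?\s*$", address)
    return m.group(1).lower() if m else ""

def second_level_label(domain):
    # 'examplecorp' from 'examplecorp.com'; a public-suffix list would be needed to
    # handle suffixes such as .co.uk correctly (left out of this example).
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]

def classify_sender(address, protected=PROTECTED_DOMAINS):
    """Return 'internal', 'lookalike', 'external' or 'unparseable' for a From: address."""
    dom = sender_domain(address)
    if not dom:
        return "unparseable"
    if any(dom == real or dom.endswith("." + real) for real in protected):
        return "internal"                      # our domain or one of its subdomains
    for real in protected:
        label, real_label = fold(second_level_label(dom)), fold(second_level_label(real))
        if (fold(dom) == fold(real)                        # homoglyph substitution
                or edit_distance(label, real_label) <= 1   # typo, swapped letters, other TLD
                or (len(real_label) >= 6 and real_label in label)):  # e.g. 'examplecorp-mail'
            return "lookalike"
    return "external"
```

A 'lookalike' verdict is a signal for quarantine or a user-facing warning banner, not proof of fraud; tune the thresholds against your own mail flow, since short domain names produce more near-matches.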
Are you ready to take action against whaling? Download: “Whaling: Anatomy of an Attack” to learn more, including why whaling works, examples of recent high-profile attacks, and ways to defend against whaling fraudsters.
I am in San Francisco this week for the annual security event, RSA Conference. This year, aside from the normal discussions about attacks, defense techniques and technology, the industry has returned again to a topic close to my heart: skills training and recruitment.
As we see the security threat grow, anyone who runs a security team, or a company creating technology as I do at Mimecast, is acutely aware of the pressure to recruit the talent needed to keep up.
One of the speakers at the conference speculated that, while we are worried today about the thousands of unfilled vacancies we see in the industry, this will quickly be dwarfed by a predicted global shortage in the millions by 2020.
So what can we do?
First, we can use technology to better automate security activity, reducing the burden of the simpler security tasks that currently require people.
But I think the real requirement is to motivate and inspire young people in particular about the opportunity to make a real difference to their community (global, national and local) through a career in IT security.
The world’s economy and public services now rely on technology. In many ways, you could say it is data, not money, that makes the world go round.
Protecting the technology, data and services of the world’s organizations is vital work. Inspiring work. An important public service even.
The damage, both economic and social, that cyber-attacks cause is substantial. We have all read the headlines, and with each year the stories seem more stark and worrying: attacks on critical infrastructure like electricity grids, as seen in Ukraine last year; the theft of personal data from healthcare providers; the extortion of critical funds from public and private organizations that have become the victims of whaling or ransomware attacks. All of these seem to be daily events now.
So, as young people in particular start out in work and look at their options for making a difference in the world, we need to tell them how a career in IT security ranks alongside other inspiring professions of vital public service like healthcare, law enforcement and education.
Money and training will only go so far in tackling our recruitment challenge – tomorrow’s workforce wants and deserves more than that. They want to make a difference, and for those with the necessary skills, a career in IT security gives them just the opportunity they are looking for. We just need to tell more of them about it in those inspiring terms.