February 13, 2017
If you equate internal threats with just malicious insiders you need to read on. When thinking of the people behind internal threats you need to be concerned about three profiles, not just one:
- Compromised Insiders: These employees have had their accounts or systems taken over by an external attacker through credential harvesting, phishing or the installation of various forms of malware. While many of these takeovers are initiated via email, web drive-bys, botnets, and other modes of entry can also be the source of the compromise.
- Careless Insiders: There are also employees at every organization who ignore or simply don’t fully understand the organization’s security policies and rules. We call these folks Careless Insiders. While ignoring security policies is not done with malicious intent, the actions – such as sending sensitive information insecurely or to the wrong people – can put the organization at greater risk of sensitive data leakage or attack.
- Malicious Insiders: Last but not least are the Malicious Insiders. Though not common, malicious insiders do exist, and when they strike they can cause significant damage. These rogue employees intend either to profit personally from the organization or to do damage to it by stealing, leaking or compromising confidential data or systems.
So, which one is the real problem? Unfortunately, the answer is all of them! In a recently published survey and report from Forrester, respondents were asked whether their organizations had had security incidents from each of the three types of insiders over the last 24 months. The answer was sobering: 63%, 57%, and 41% had incidents from Compromised, Careless, and Malicious insiders, respectively. Clearly, internal threats are a real danger and not as rare as one might hope.
To more fully address the security threats represented by each of these internal threat profiles, Mimecast recently announced the latest addition to our Mimecast Targeted Threat Protection security service: Internal Email Protect. Internal Email Protect provides for the scanning of attachments and URLs for internal-to-internal emails as well as content filtering enforced by Data Leak Prevention services. It also includes the ability to automatically delete infected emails and attachments from employees’ inboxes. In addition, so that your organization doesn’t become an attack stepping stone to one of your partners or customers, Internal Email Protect also adds the scanning of attachments and URLs for your outbound emails. Even more exciting, Mimecast is the only cloud-based email security service that has this capability!
Unfortunately, internal threats are a fact of business life. But by adding Internal Email Protect to your implementation of Mimecast Targeted Threat Protection, this service can reduce the risk that your organization will be negatively impacted by them.
View our Internal Email Protect Press Release here.
The RSA Conference whirlwind is only days away. Are you ready? Is it possible to be ready? Don’t forget to pack your Tylenol and your sensible shoes. Like many of you, even though the conference is for a full week, my free time at the conference is extremely limited with many competing priorities. Planning is required to make the best use of my time. Beyond working the Mimecast booth and meeting with customers, prospects, industry analysts, and journalists, what will I do with my free time? Attend some sessions.
In no particular order, here are the 5 sessions that have caught my eye that I will make every effort to attend:
- Lessons from a Billion Breached Records – Ever wonder what happens with all that stolen data and how it was stolen? And why do attackers often dump this data publicly? With breaches representing a billion breached data records in scope, it sounds like the speakers are in a pretty good position to sort this out for me.
- Cyber-Insurance: Fraud, Waste, or Abuse – Does this session sound a bit pessimistic about cyber-insurance? I frankly have not understood how insurers can reasonably underwrite a risk, in this case cyber risk, for a loss whose probability of occurrence and size of impact are impossible to predict. I am expecting a cautionary tale in this session for sure – maybe even some anger!
- Practical Intelligence Sharing: ISACs and ISAOs – Intelligence sharing has certainly made progress, but it seems to me that we still have a long way to go. This session is closely related to my current strategy focus at Mimecast as we collect a tremendous amount of data by processing the email of our 20K+ customers and inspecting ~650M emails every day for threats. But how best to share the meta-information we glean from this data with customers and industry groups? I hope this series of sessions will add to my insights on this.
- Targeted Attacks Against Corporate Inboxes – A Gmail Perspective – Another session of the five that directly relates to what we do at Mimecast for email security. Always interesting to hear what one of the big email service providers is seeing and doing (and not doing) around email security.
- Psychology of an Eastern European Cybercriminal: Mindset Drives Behavior – Under the guise of knowing your adversaries, this session looks quite interesting as it will focus on making some of the nameless and faceless cybercrime bosses a bit more human. While I don’t expect to come out of this session with any sympathy for them, perhaps I can pick up some tricks to help our customers better defend against them.
In my 15 consecutive years of attending RSAC, I never cease to be amazed by the scale and scope of the conference. Let’s all try to attend some sessions this year! These are my 5 suggestions. What other ones do you think should be on my list?
Mimecast Adds New Continuity Features to Monitor, Alert and Respond More Quickly to Mail Flow Disruptions
In a recent global survey of 600 IT decision makers, Mimecast found that 88% view email as critical to their organization with 55% saying email is mission-critical. This isn’t surprising; email is often the first thing we check in the morning and the last thing we check before going to bed. Any email disruption can bring productivity to a screeching halt—severely impacting customer service, preventing new sales, and impacting day-to-day operations.
Mimecast is pleased to release new Continuity Event Management features designed to ease the challenges of identifying, diagnosing and responding to mail flow problems on Microsoft Office 365™, Microsoft Exchange™ or G Suite by Google Cloud™. When every second counts, Mimecast reduces the time to respond to email disruptions so organizations can avoid the problems caused when this critical infrastructure isn’t working.
Mimecast Continuity Event Management features enable administrators to:
- Monitor – Mimecast monitors for high latency and failed deliveries, both inbound and outbound, so admins stay on top of potential issues.
- Alert – Organization-specific thresholds for mail flow give administrators the ability to tailor when they are notified. Once a threshold is met, an automated alert is generated and sent via SMS or to an alternate email address. Administrators are alerted to problems on any device, anywhere.
- Respond – A fast-response continuity event portal provides the administrator with key metrics on the mail flow problem and gives details to quickly assess the severity of the problem. One-click activation starts continuity, with Mimecast sending and receiving email until the primary system can be recovered independently. An SMS message to employees reduces manual tasks and ensures the employee base follows company procedures.
Whether your organization operates on-premises, from the cloud or in a hybrid environment, problems still do occur. By analyzing customer data, Mimecast finds that 11% of detected outages were due to server or service issues that lasted 24 hours. Another example is the June 30, 2016 mail disruption of Microsoft Office 365™ which lasted for over nine hours on the last day of the month and last day of the quarter across most tenants in the United States.
No company can predict when a mail flow problem will arise and as the Office 365 incident points out, any disruption during a critical time can have widespread consequences. With the new features, available March 2017, Mimecast makes it easier to detect and manage mail flow disruptions.
Learn more about Mimecast’s leading Mailbox Continuity service and new event management features.
A long time ago, a supercomputer named Deep Thought concluded that the answer to the ultimate question to the meaning of life, the universe, and everything was 42. Although it took Deep Thought 7 and a half million years to produce this answer, it concluded that finding the answer would have been much simpler had it known the question. Deep Thought didn't understand what the "ultimate question" was. And we'll agree; it's definitely hard to provide an answer without a question. Here at Mimecast though, we have the question…the ultimate question…42 of them to be exact!
Join us as we get to know our Mimecast experts in a new blog series called “42 Questions.” We may not find out the answer to life at the end, but we’ll definitely find the answer to what our expert thinks it means to be a Mimecaster, the top security threats they worry about, and even their favorite superhero just to name a few. That should hold us over while we come to a consensus on why 42 is the answer to the meaning of life, the universe, and everything! Enjoy!
Video Script below:
JLW: I’m Jamie Whalen, Social Media Manager at Mimecast and we’re here with J. Peter Bruzzese, a Mimecast employee and Microsoft MVP. We will be asking him a set of 42 quick rapid response questions to get to know who J. Peter is just a little bit more. Are you ready for 42 questions?
J.PETER: You bet – “Greetings, Mimecast and Jamie!”
1. What is your MVP Technical expertise?
Awarded 7 times; first 4 times was for Exchange, 2nd two times was for Office 365. And to put it all into one bucket, the office service, and services bucket.
2. Favorite actress?
3. Favorite movie?
Rocky I, II, III
4. Infrastructure or Software as a service?
Software. Infrastructure is very legacy facing, which is still necessary for a hybrid move to cloud, but with containers and such along with SaaS really providing what most organizations need… I see SaaS as the real future in 5 years’ time.
5. Favorite food?
Anything parmesan. Chicken, eggplant, etc.
6. Why do you consult for Mimecast?
When I was first looking at Office 365, I liked it but I felt like there was a need for something else to fix all of the gaps in Office 365. And so, in looking around, the only solution I found that could fill the gap of security, archiving, availability, was Mimecast. And so I decided to work for them.
(Want to see the sleep chambers? They encourage napping!!! I’m a huge fan of napping.)
7. Typical bedtime?
Good question. Any time after midnight.
8. Bed attire?
Pajama bottoms and a t-shirt (either incredible Hulk shirt or some other superhero).
9. Scariest place you’ve ever been?
I lived in Ciudad del Este, Paraguay for a year. It’s on the border of Brazil and Argentina. It had its scary moments.
10. Nicest place you’ve ever been?
Arraial do Cabo, an area right above Rio de Janeiro.
11. How many languages do you speak?
One – English. But I can also hold conversations in Spanish, Portuguese and Mandarin.
12. Say something in Mandarin?
Wo de mingze Li Xiao Lung.
13. What did you just say?
My name is Bruce Lee.
14. Favorite sci-fi weapon?
15. Coolest career moment?
First published book in my hands and the first time I was awarded the MVP for Exchange.
16. Favorite third party bolt-on solution for Exchange on-prem or online?
Mimecast (look around!)
17. Facebook or Twitter?
Twitter. I don’t do Facebook.
18. Top 3 security threats you worry about?
Spear phishing, Ransomware, Impersonation wire transfer hoaxes.
19. Coolest party game?
Binary Code Conversion. It’s where you take decimal numbers and convert them to binary and vice versa. How’s that for geeky?
20. Favorite superhero?
Marvel- the Hulk. But if you’re talking about DC- Superman.
21. Coolest tech person you’ve met?
(Take out iPhone and show picture of Steve Wozniak) Steve Wozniak.
22. If you could go to Mars would you do it?
Absolutely not… have you seen the Martian? Yeah… no thanks.
23. What’s your favorite color?
24. Least favorite color?
25. Favorite tech gadget you can’t get enough of?
26. Favorite comedian?
27. How would you describe the last election?
Well… I’m neutral but I did hear someone call it a Kobayashi Maru… and that was funny.
28. Favorite number?
29. What’s your favorite part of Office 365?
30. What’s your least favorite part of Office 365?
(Hey, I heard someone you knew made something here, what and where is it? – enter Parson’s Green)
31. Who built this table?
John Dickey, the owner of the Timberguys. Really awesome stuff.
32. Favorite part of the Mimecast space?
This table in the Parson’s Green room. Believe it or not, the wood came from a boat that was owned by Louis Boxer.
33. How do you know him?
We went to school together.
34. How would you describe yourself?
Two words: driven and passionate
35. Who makes you laugh?
36. What’s keeping you busy these days?
A lot of traveling, talking about cyber resilience and risk mitigation. Specifically with Office 365. With the many threats that are facing the world, you need something on the front end of Office 365 to help provide mitigation and that resiliency. Speaking about here in the states, UK, and Canada.
37. What is a great enhancement a company can assist with, a third party bolt-on enhancement?
Mimecast is one. The enhancements that Mimecast can assist with are really amazing. It’s not just a siloed solution; Mimecast was developed in the cloud, not ported into the cloud. And, they hit upon security, archiving, continuity. Hitting on all things O365, which really hits on everything you would need to be successful. Mimecast is the only solution I have found that can do that.
38. What’s something you can’t do?
39. What do you like best about Mimecast?
Well as a solution, Mimecast is something that provides a full blanket of resiliency. Mimecast is security, archiving, continuity. It protects you from the bad guys, and if something goes wrong it’s the continuity that keeps you up and running. The fact that you can continue to be up and running no matter what is something that Mimecast can give you.
40. What’s the best gift you’ve received?
My two children. A boy who’s 9 and a girl who’s 6.
41. Dogs or cats?
Dogs, I’m allergic to cats.
42. Last question, what’s the best part about being a Mimecaster?
The best part is the people, the people at Mimecast they work hard, are very diligent. They are committed to providing cyber resiliency to their customers. I think it’s fantastic. But hands down, it’s the people that make Mimecast.
Stay tuned for a new 42 questions coming up in February, where you’ll get to know Mimecast a little bit better.