Mazars is an international, integrated and independent organisation, specialising in audit, accountancy, tax, legal and advisory services. The firm’s offices in the Netherlands employ a staff of 600 people who work hard every day to make a difference to their clients. As a professional services firm dealing with often sensitive and personal client data, the firm has always been acutely aware of its security responsibilities. As IT director Frank Keessen puts it: “It’s unthinkable that we should allow our clients’ information to fall into the wrong hands. In fact, guarding our IT systems against cyber threats is crucial to our reputation and to client trust.”
However, Mazars’ extensive use of email to communicate with clients and colleagues, coupled with the emergence of an array of new email-borne threats, has made managing email security a lot more challenging.
“The days when email security issues were limited to spam and general malware are gone,” Frank said. “Hackers have got much more sophisticated and, over the past couple of years, we’ve seen a large rise in ransomware attacks, mainly delivered via email attachments or malicious links in emails.”
On top of that, the potential impacts of a successful attack are set to become much more significant under GDPR, for instance with loss of customer data punishable with huge fines.
“If our commitment to client confidentiality and data security wasn’t enough to make us take emerging risks seriously, then the punishments that can be levied under GDPR would certainly focus the mind,” Frank explained.
It was clear to Frank that he needed to identify a solution that would effectively defend Mazars against these new threats, and stay one step ahead of an ever-changing threat landscape: “I wanted an integrated service and partner that would be proactive in dealing with evolving threats. At the same time, it needed to be low friction for the team – a minimal admin overhead and certainly not based on many point solutions.”
As it happened, the solution Frank wanted was within easy reach. “We were using Mimecast for our email archiving, general email security and continuity,” Frank said.
“That was partly to help us comply with Dutch law, which requires we keep a seven-year archive, but also to give us the single email gateway, guaranteed data sovereignty and audit trail we need for GDPR compliance.”
By adding Mimecast Targeted Threat Protection to the mix, Frank could defend Mazars against advanced threats like spear-phishing links and malicious attachments quickly and easily.
“With Mimecast in my network I can sleep easily at night, knowing we are protected and compliant - in four years, we’ve had 99.999999% uptime,” added Frank. “It requires no specialist skills and effectively represents a zero-overhead solution, so once I understood that Mimecast could extend that peace of mind to cover advanced threats, it was an obvious choice.”
Frank and his team initially deployed two elements of Mimecast Targeted Threat Protection. Attachment Protect automatically sandboxes all attachments as they pass through the Mimecast secure email gateway, which all but eliminates the threat from malicious attachments.
“Mimecast gives us excellent protection against weaponised attachments, scanning every file at the Mimecast cloud to identify and block threats before they even get to our network,” Frank explained. “Attachment Protect is defending us against a lot of ransomware attacks, blocking on average 44 bad attachments per month.”
Similarly, URL Protect inspects and rewrites every link passing through the gateway in real time – and scans on-click – protecting all devices from delayed exploits.
“We’re simply not seeing any bad links getting through any more,” Frank said. “Mimecast is rewriting thousands of links, and blocking an average of 209 bad links per month. I’m glad to say that ransomware events like WannaCry simply passed us by.”
Mimecast doesn’t only give Mazars the protection it needs today. Frank also feels its proactive stance on emerging threats helps to future-proof its defences – giving it a degree of the cyber resilience that the boardroom increasingly demands.
“Issues like GDPR plus events like WannaCry and Petya have really pushed cyber security up the boardroom agenda, so it’s great to feel we are one step ahead.”
“That’s down to the advanced protection we get from Mimecast, as well as its focus on addressing threats before they become issues for us. For instance, we are currently looking at adding Impersonation Protect to our setup, to guard against CEO fraud-style impersonation attacks.”
Integrating Mimecast data into the QRadar system through the data logging API means it can be correlated …