Just a few months ago the world witnessed one of the largest-ever recorded data breaches. A total of 770 million email addresses and passwords were offered for sale on the dark web.
While this attack mainly affected individuals, businesses are also under threat like never before. Business Email Compromise has cost companies $12 billion since 2013, according to the FBI.
With these twin threats to data and email, it’s clear something has to be done to better secure inboxes. Fast. Particularly when you consider factors including:
By 2025, IDC predicts the world will have 175 zettabytes of data. According to David Reinsel, senior vice president at IDC, ‘Even if you could download 175ZB on today’s largest hard drive, it would take 12.5 billion drives’. One of the drivers for this explosion will be IoT in the workplace – a major challenge for IT leaders having to secure a growing number of connected devices (expected to be 75.44 billion by 2025 – a fivefold increase since 2015).
The world is lacking 2.93 million cyber security professionals. Naturally, this poses grave challenges for organisations and their overworked staff. Some companies may be able to bridge the gap by offering higher salaries, but this leaves smaller companies more vulnerable. When smaller companies are targeted, their partners may in turn be at risk.
Evolving data protection laws (GDPR being a high-profile example) mean email archiving must be in place. Companies have to show – as well as practise – adherence to compliance and risk minimisation.
Making defence intelligent
These factors take place against a backdrop of increasingly sophisticated forms of cyber attack. Techcrunch forecasts ‘AI-driven chatbots to go rogue, a substantial increase in crimeware-as-a-service, acceleration of the weaponization of data, a resurgence in ransomware and a significant increase in nation-state cyberattacks’.
In the face of these threats, traditional email filters are vulnerable. They operate in front of your mail server, so they never see the older emails that incoming messages could be compared against to recognise attacks. False positives can also hold back company productivity. A typical IT team has to spend time on incident response: receiving reports, identifying who has potentially been compromised and giving inboxes the all-clear. It is a long, manual process, which can also leave gaps.
Around a third of all business email compromise attacks targeted CFOs, Finance departments or HR, according to Barracuda research.
AI as the first line of defence
However, with AI it’s about recognition rather than reacting, to isolate attacks before they have a chance to take hold. This involves behavioural analysis, where instead of a file’s appearance, it’s the actions surrounding it which have an impact.
One example is email protection software that detects differences in writing styles. These ‘social engineering’ attacks often come with a request to ‘action urgently’. For added gravitas, they often appear to come from someone in a senior role, where questioning or refusal is less likely. What’s more, they tend to evade standard protection because they come without attachments, suspicious URLs, or malicious code.
Hiding in plain sight
Of course, the volume, variety and velocity of attacks mean that some will breach your perimeter. That’s when it comes down to training your staff to recognise a phishing attempt. For example, work out who your ‘high risk’ targets are and tailor special training for them.
They may also need guidance on password security. Accounts with the password ‘password’ have been compromised over 3.5 million times:
Statistics from https://haveibeenpwned.com/Passwords (snapshot 8 Apr 2019)
Blocking email threats before they arrive helps secure your mail server, saving network bandwidth and offering extra protection against DDoS attacks. However, for threats that breach your security, your staff have an increasingly vital role to play. Start by giving them simulated phishing attacks, to test security awareness and identify any gaps in knowledge. After all, it’s only by combining humans and AI that you can successfully secure against hackers.