Virtualization Technology News and Information
Migration to the Cloud Forces Companies to Rethink Their Email Security Strategy

The secure email gateway (SEG) worked for decades, no doubt. It was truly the first line of defense against email-based threats that took advantage of people and technology to enable fraud through malicious links and attachments.

Those solutions, though, no longer work against the new identity-based threats that dominate the email threat ecosystem today. Email and the threats against it are changing faster than ever before. To keep up, email security must do the same.

"Cybercriminals have learned how to evade the legacy email security systems that organizations put in place to protect against bad actors," said Patrick Peterson, CEO, Agari, the next-generation Secure Email Cloud that restores trust to the inbox. "They have changed tactics, using new types of emails to con their victims out of millions. They no longer focus on spreading malware and viruses but instead use identity deception to trick their targets."

Attackers exploit security gaps in the underlying email protocols or the user interface constraints of email clients. As a result, they are able to send email messages that leverage the identity markers of trusted people and use deception techniques informed by social engineering to manipulate recipients into taking a desired action. These messages hide in plain sight, easily bypassing legacy security systems undetected, and use personal and professional context to defraud businesses and individuals.

Criminals scour websites like LinkedIn to determine relationships between people to make an email appear believable. The last barrier they encounter is figuring out ways to bypass the email security defenses, to score big. Once the email has been delivered, they can easily prey on human emotions to trick the recipient into wiring money or divulging sensitive information. As a result, email security protocols must be hardened to this type of attack.

At the same time that cybercriminals are evolving their tactics, businesses are shedding on-premise infrastructure, moving in mass to cloud-based platforms such as Microsoft Office 365 or G Suite. These platforms provide native support for anti-spam, virus and malware blocking, email archiving, content filtering, and even sandboxing-a natural evolution as new technologies are developed in a better way than their predecessors. In the case of email, this means integrating services into the base platform that in the past were bolted on.

Designed to assess incoming emails by analyzing content and infrastructure reputation, these platform-native controls are proving essential to ferreting out spam, malicious URLs and malware, certain keywords, or a high volume of attacks from a single IP address. That said, they lack when it comes to protecting against the advanced email threats that use identity deception techniques. Clearly, a better solution-one designed for the cloud-is needed.

This move to cloud-based email and the onslaught of zero-day attacks that successfully penetrate the inbox are shifting email security from signature-based inspection of email on receipt to continuous detection and response using machine learning to detect fraudulent emails and to hunt down latent threats that escaped initial detection or have activated post-delivery.

Enter the Agari Secure Email Cloud. Through the power of predictive AI and advanced machine learning, the Agari Secure Email Cloud fundamentally transforms email security from event-based inspection of incoming messages on receipt to continuous detection and response for new and latent threats in all inboxes. In actual deployments, this unique technology approach, combined with real-time cloud delivery, performs with 99.9 percent efficacy in detecting rapidly evolving advanced attacks-including those that are highly-personalized and from time-to-time use custom variants of malware, viruses, Trojans, and worms.

A combination of a human-labeled big data, semi-automated learning algorithms, and real-time cloud-based delivery makes the Agari Secure Email Cloud smarter and more reliable with each email analyzed.

Published Wednesday, June 19, 2019 6:16 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<June 2019>