Email is the number-one threat for cyber-attacks, according to the Cisco 2015 Annual Security Report.* The increasing amount of business-sensitive data sent by email means the potential for leakage is excellent.
Hacking is now industrialised, and targeted campaigns are more sophisticated. Email virus attacks and spear-phishing schemes are on the rise, delivering malware designed to infiltrate data centres where high-value data resides. The advanced malware that malicious actors deploy can easily evade point-in-time security solutions and spread quickly through a network.
In today’s threat landscape, where the security perimeter has been pushed to the cloud and data is a prime target for attack, the chance of a compromised network is virtually assured. That’s why today’s organisations need email security that provides:
- Protection Across the Entire Attack Continuum—Before, During, and After an Attack
- Stay Ahead of the Evolving Threat Landscape
- Handle the Wide Variety of Spam and Viruses
- Protection to Sensitive Data and Prevents It from Leaving the Organisation
- Addresses New Attack Vectors as They Emerge
Requirement 1: Protection across the Entire Attack Continuum – Before, During, and After an Attack
Employees once checked text-based email from a workstation behind a company firewall. Today they access rich HTML messages from multiple devices, anytime and anywhere. Ubiquitous access creates new network entry points that blur the lines of historically segmented security layers.
Today’s email security solutions provide continuous monitoring and analysis across the extended network, so enterprises have greater ability to stop threats and protect users across the full attack continuum—before, during, and after an attack.
Requirement 2: Stay Ahead of the Evolving Threat Landscape
Modern web security requires the ability to block malware from both suspicious and legitimate sites before it reaches a user. Business tools that increase productivity can significantly increase the probability that users will encounter malware. Even legitimate websites can pose a threat by malware designed to hide in plain sight. Web security in this environment must be capable of dynamic reputation – and behaviour-based analysis. It also must be nuanced enough to support policies that give employees customised access to the sites they need while selectively denying the use of undesired sites and features like web-based file sharing.
Requirement 3: Handle the Wide Variety of Spam and Viruses
Phishing continues to prove its value to criminals as a tool for malware delivery and credential theft because users still fall prey to common spam tactics, according to the Cisco 2015 Annual Security Report.
Although there is no such thing as 100 per cent protection from spam and viruses, organisations can reach a catch rate higher than 99 per cent by layering and integrating multiple antispam engines and various antivirus engines. A security architecture that tightly integrates various engines and allows them to work together automatically and transparently not only increases protection levels but also reduces false-positive rates, as they serve as a check and balance against each other.
Requirement 4: Protection to Sensitive Data and Prevents It from Leaving the Organisation
Modern email security solutions can help reduce the chance that critical data will leave the network either by accident or by design. Organisations need the ability to detect, block, and manage risks in outbound email. Solutions with content-aware, policy-based data loss prevention (DLP) and encryption capabilities can offer that protection. Outbound antispam and antivirus scanning, along with outbound rate limiting, helps organisations keep compromised machines or accounts from ending up on email blacklists.
Requirement 5: Addresses New Attack Vectors as They Emerge
Preventing data from leaving the network and ending up in the hands of unauthorised users also requires organisations to know at all times which users are attempting to gain access to the network, from what location, and from what type of device. This requires a highly secure mobility solution that can provide information on user identity and location, device operating system and version, and user access privileges. Next-generation firewalls can then enforce network access based on context. Enterprises should look for email security solutions that offer flexible deployment options that encompass physical appliances, virtual appliances, the cloud, and hybrid offerings. In addition, solutions should be able to scale from hundreds to thousands of users with little disruption.
Why use Cisco as your Email Security Model?
To protect their data, networks, and users, today’s organisations need a threat-centric email security model. They must be able to address the full attack continuum across all attack vectors and to respond at any time, all the time, in a continuous fashion—before, during, and after an attack. With Cisco email security, organisations can monitor and control data flowing into and out of the enterprise.
Antispam Defences – Cisco provides a multi-layered antispam approach for comprehensive protection. Cisco combines the outer layer of filtering based on sender reputation and an inner layer of screening that performs an in-depth analysis of each message for a defence that stops spam from reaching company inboxes.
Outbreak Filters – Protect your email with a zero-hour antivirus solution that defends against brand-new viruses. Outbreak filters support an average of 13 hours ahead of traditional reactive antivirus solutions.
Cisco Advanced Malware Protection – Cisco AMP integrated capability spans Cisco FirePOWER™ network security appliances, endpoint protection for PCs, Cisco email security, Cisco web security, and mobile and virtual systems.
Robust email security solutions, like those from Cisco, are a core component of a modern security strategy because they rely on real-time intelligence; provide precise access control; and are content, context, and threat aware. With Cisco email security solutions, you are protected across the entire attack continuum. Cisco service offerings are available to help you assess and deploy your security solution quickly and cost-effectively.
By Matthew Cooper, Comms Express