Leveraging People in the Email Security Battle

2021-07-28 13:59

A combination of humans and technology is needed to truly move the needle on email security.

Understanding the email threat landscape - what is emerging, who the threat actors are, what the latest tradecraft is, and the most commonly deployed attack techniques effectively circumventing legacy email security technologies - is critical for an organization to protect themselves.

Every email that bypasses vendor email security technologies and lands in the inbox of employees of organizations is a potential for significant compromise or loss of data.

When you leverage human knowledge to create a feedback loop with appropriate technology in the fastest and most actionable way, you can create a crowd-sourced, self-healing email ecosystem that can position your company to be ahead of the threats that make it through the SEG. MEASURING WHAT YOUR SEG DOESN'T SHARE. The number of blocked malicious emails isn't a true measure of success in the land of email security, but rather how the ones that went by the front-line controls are rapidly detected and prevented from turning into a data breach.

A WORD TO THE SOC AND AWARENESS MANAGERS. A combination of humans and technology is needed to truly move the needle on email security; leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.

There is a full range of philosophies around how to simulate email attacks, and how to deal with employees that fail tests.

News URL

http://feedproxy.google.com/~r/securityweek/~3/Y-nzZZvvHJY/leveraging-people-email-security-battle

#email #security