Email Risk is Universal: Securing Business Email in Every Industry Sector - Information Technology (IT)
- by Brittany Day
Information Technology (IT)
Email is the attack vector of choice among cybercriminals, and email-borne threats are constantly evolving to become more prevalent, advanced and dangerous. Research by Verizon reveals that over 90% of cyberattacks are carried out via email. Because of this, it is imperative that service providers and other businesses in the technology industry have a sound email security strategy in place to protect both themselves and their clients from phishing, ransomware and other malicious threats.
Lately, spear phishing attacks targeting businesses in the technology sector have taken a new twist: attackers are asking for documents to be sent to them as opposed to hacking into systems and stealing these confidential files themselves. A popular tactic around tax time has been for threat actors to pose as a CEO and ask for employee W-2s to be forwarded to them. This is what happened in the notorious 2016 data breach that Snapchat experienced. A threat actor posing as Snapchat CEO Evan Spiegel emailed an employee in the payroll department and made a W-2 request. The employee, not carefully checking the email address, forwarded sensitive information including Social Security numbers and stock holdings to the attacker.
Technology companies could be doing much more to protect individuals and organisations from the threats posed by spear phishing. Cloud email providers are in the email business - not the email security business - and take a broad-brush approach to protecting users. More focused protection is needed because the specific threats that each business faces are unique. Companies in the Information Technology sector should be utilizing a solution that identifies the biggest threats within an organization and implements a complete, end-to-end information protection program with advanced encryption technologies, mitigating the risk of data leaks and breaches.
We’ve also compiled a list of general technology best practices that organizations can follow to protect their business in any industry.
Must Read Blog Posts
- Demystifying Phishing Attacks: How to Protect Yourself Now
- What You Need to Know to Shield Your Business from Ransomware
- Shortcomings of Endpoint Security in Securing Business Email
- Microsoft 365 Email Security Limitations You Should Know
- Complete Guide to Email Viruses & Best Practices to Avoid Infections
Latest Blog Articles
- Thinking Strategically about Email Security in 2021 and Beyond
- Open Source: A Powerful, Yet Underutilized Weapon against Phishing & Zero-Day Attacks
- Buyer's Guide: What to Prioritize in an Email Security Solution
- Buyer's Guide to Microsoft 365 & Workspace Email Security
- EnGarde Cloud Email Security: The Logical Solution to Cyber Risk in Microsoft 365
- Exchange Servers Are Vulnerable - Learn How To Secure Your Email Server Now
- Top Email Security Risks in 2021 - How To Set Your Business Up for Safety & Success
- Ransomware By The Numbers: How Big Is My Risk?
- SMB Ransomware Warnings & How To Prevent an Attack
- Apache SpamAssassin 3.4.6 Release Fixes Two Potentially Aggravating Bugs