Email remains the top initial threat vector of choice for most malicious actors which means it’s crucial that organisations pay close attention to keeping their email gateways secure. Emile Abou Saleh, Regional Leader – Middle East, Turkey & Africa, tells us about the importance of human behaviour in preventing these types of attacks and offers advice to CISOs looking to strengthen their email security strategies.
What is the current cyberthreat landscape in the UAE?
The cyberthreat landscape in the United Arab Emirates (UAE) is rapidly evolving, with cybercriminals increasingly targeting people rather than infrastructure. In fact, Proofpoint’s recent survey of CISOs and CSOs in the region revealed that that 82% of UAE organisations suffered at least one cyberattack in 2019. Over half (51%) reported multiple incidents and almost a third (31%) experienced one.
From email-based threats, such as Business Email Compromise attacks (BEC), to compromising cloud accounts and debilitating ransomware attacks, cybercriminals are aware that employees can easily be tricked. Using social engineering attacks, cybercriminals can steal credentials, siphon sensitive data and fraudulently transfer funds. Employees across all job levels and functions can put your business at risk in numerous ways, from using weak passwords and sharing credentials to clicking on malicious links and downloading unauthorised applications.
To address this, organisations must consider how often they are being targeted, the risks these attacks pose and how prepared they – and, more importantly, their workforce – are. Employee education and security awareness is often the difference between an attempted cyberattack and a successful one.
How much of a target are emails and why, and what threats are introduced via email?
Email is and will remain the initial threat vector of choice for most actors.
Email-based threats are among the oldest, most pervasive and widespread cybersecurity threats hitting organisations worldwide. From massive malware campaigns targeting millions of recipients with banking Trojans to carefully crafted email fraud, the email threat landscape is extremely diverse, creating a wide range of opportunities for threat actors to attack organisations.
More importantly, email allows threat actors to attack individuals within an organisation, a far more lucrative and effective approach than targeting infrastructure. These threats must continuously grow in sophistication as humans become better at detecting them over time.
Credentials are often phished via email – a method of attack that remains alarmingly effective. Cybercriminals are increasingly using compromised credentials to access email accounts, sensitive information and corporate systems.
Proofpoint research found that account compromise was in fact the leading method of cyberattack in the UAE in 2019, impacting 28% of companies, followed by credential phishing (20%) and insider threats (17%). Phishing and impersonation attacks/Business Email Compromise (BEC) attacks accounted for 15% each amongst the organisations targeted last year.
In line with this, email fraud via Business Email Compromise (BEC), in which an attacker gains access to an email account and spoofs its owner, is on the rise globally – and is now being described as one of the most expensive threats on the cyber landscape. In fact, the latest FBI report estimates total worldwide losses as a result of BEC at US$1.7bn in 2019.
Evidently, the threat outlook is fast-evolving and we will continue to witness cybercriminals trying to gain foothold and steal sensitive information via email-borne attacks.
How important is human behaviour in preventing these types of attacks?
Cybercriminals are increasingly targeting people rather than infrastructure. In fact, 99% of cyberattacks require human interaction to be successful.
CISOs and CSOs in the UAE recognise this human risk to their organisations, with 39% believing that their employees make their business vulnerable to a cyberattack.
Common security errors made by employees according to CSOs and CISOs include poor password hygiene (29%), mishandling sensitive information (25%), falling for phishing attacks (24%) and clicking on malicious links (20%). Interestingly, 19% cited criminal insider threats as a growing concern for businesses.
Despite facing a fast-evolving threat landscape, 75% of CISOs and CSOs in the UAE admitted to training their employees on cybersecurity best practices as little as twice a year or less. Meanwhile, only 23% of organisations in the UAE train their employees more than three times a year.
Organisations must ensure that their employees are equipped with the knowledge and the tools to defend against all manner of threats. Employees at all levels must understand how simple behaviours – password reuse and mishandling of data – can have significant, far-reaching consequences.
In order to do that, companies need to ensure they deploy regular and effective security awareness training to educate employees about best practices as well as establish a people-centric strategy to defend against threat actors’ unwavering focus on compromising end users.
What should a robust email security strategy look like?
The best email security strategies foster a combination of technology and people. With the constant uptick in phishing attacks, it’s vital that businesses invest in modern email security solutions to detect and block as much of these threats as possible, removing the guess work from users.
We recommend that organisations prioritise a people-centric approach to security that protects all parties (their employees, customers and business partners) against these threats, including layered defences at the network edge, email gateway, in the cloud and at the endpoint, along with strong user education.
How is Proofpoint helping to secure organisations?
Proofpoint invests 20% of revenue back into R&D – one of the highest in the industry – to ensure our products stay ahead of emerging threat tactics.
Email is the preferred tactic for targeted attacks, from fraudsters to large scale cybercriminals to nation states. With accurate malware detection and blocking, coupled with credential phishing and email fraud protection, Proofpoint Email Security drastically reduces potential information loss and financial consequences due to infection and compromise.
Technical solutions and controls, while important, are just one aspect of a broad and deep defence. The cornerstone is regular, comprehensive and adaptive employee training. Proofpoint Security Awareness Training is focused on engaging end users and arming them against real-world attacks. Proofpoint does this by using personalised training based on our industry-leading threat intelligence to reduce an organisation’s risk.
(FOR ITC) Can you provide insight into how you work with channel partners to deliver your solutions to end users?
Our channel partners and global customers can look to us to provide an unmatched level of insight into Very Attacked People (VAPs) as well as to protect them and the information they create from advanced cyberattacks and compliance risks and respond quickly when incidents occur.
In fact, one of the most prevalent challenges continues to be related to the protection of organisations’ Very Attacked People (VAPs) with most employees now working remotely and cyberattacks becoming more sophisticated every day.
In light of the current pandemic, Proofpoint is providing free access to its Security Awareness Training content for organisations to share with employees, to ensure they are alert to the latest cyberthreats.
To support remote workforces, Proofpoint can also offer its cloud-delivered secure remote access solution, Proofpoint Meta, to help relieve the pressure around scaling access to applications and strengthen organisations’ cloud-based architecture.
The current pandemic has highlighted the need for channel partners to continue to leverage their relations with their customers for a healthy partner ecosystem.
While organisations will encounter many unique challenges during this time, we at Proofpoint along with our channel partners are on hand to support. Hence, we recommend that security and IT teams keep in close communications with their home-based workforce as well as their partners.Click below to share this article