Practitioners Report the Need for Layered Email Security

In a recent survey, a majority of practitioners agreed on the need for protection that augments email gateways to deal with phishing attacks.

By: Edward Amoroso, CEO and Analyst, TAG Cyber

On July 22, 2020, TAG Cyber and Cofense will present a webinar to discuss the survey results and present phishing defense strategies for companies who want to increase their efficacy against phishing attacks. You can learn more about the webinar and register here.

As phishing has become more prevalent and sophisticated, security experts have focused more on securing endpoints and email, the latter being the simplest way into an organization’s network. While cyber security teams have numerous defensive controls, according to a recent industry survey conducted jointly by TAG Cyber and Cofense, experts agree that deployed controls such as secure email gateways (SEGs) are necessary as a first line of defense but, on their own, aren’t sufficient to keep attackers from exploiting the endpoint.

  1. Never
  2. Daily
  3. Weekly
  4. Monthly
  5. Hourly

Conducted by email and web and targeted at mid-to-senior level security practitioners, the survey concluded that 50% of organizations report that phishing emails bypass deployed SEGs daily. One respondent, the Chief Information Security Officer of a major financial institution, replied, “SEGs are getting much better at blocking emails with links and forms, but spam asking for money or hardware or simply probing for valid email addresses still get through at a daily rate.”

The survey asked security practitioners to answer the following question: Our security team sees phishing emails get past our Secure Email Gateway (SEG) at the following rate:

The remaining 50% of respondents reported that phishing emails bypass SEGs weekly (26%) and monthly (24%). Frank Abelson, President of Navitend, which provides managed services, including security to business and government customers, agreed that a layered approach is recommended. “Many of our clients combine gateway solutions with additional controls such as training to protect their inboxes from phishing,” he said.

Another respondent, also a CISO at a financial firm responded, “Phishing emails will always get through. I don’t think any SEG is going to be 100% effective, or even 75%, because there are so many variables that can be changed to evade detection. We accept this to be true, and therefore have other controls…that can block access to the links once clicked, isolation that can render pages inert, or visual cues to indicate to the employees that the e-mail might not be safe.”

To learn more about the survey’s results and layered phishing defenses, register for the webinar.

Aaron Higbee, CTO of Cofense, sees this as an opportunity. “We have known for years that human detection combined with automation is necessary to protect employees from phishing attacks,” he said. “We are not surprised that this TAG Cyber survey found attacks leaking into enterprise inboxes.”

All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks. Any observations contained in this blog regarding circumvention of end point protections are based on observations at a point in time based on a specific set of system configurations. Subsequent updates or different configurations may be effective at stopping these or similar threats.
The Cofense® and PhishMe® names and logos, as well as any other Cofense product or service names or logos displayed on this blog are registered trademarks or trademarks of Cofense Inc.

This post was first first published on Cofense’s website by Cofense. You can view it by clicking here