E R T N
P
X
E INIO
OP
How CISOs
can protect
against email
threats
The cost of inadequate email security can be
enormous both in terms of financial damage and
reputation. Intelligent CISO asked Jeff Ogden, General
Manager – Middle East, Mimecast, how CISOs can
protect their organisations from email threats.
H
How much of a risk do
email based attacks pose to
enterprises?
More than 90% of hacking attacks
today begin with some kind of email
phishing attack or spear-phishing threat,
and yet email security is still not being
made a priority by organisations. In
new research by Mimecast and Vanson
Bourne, 39% of UAE organisations say
it is likely that they will suffer a negative
business impact from an email-borne
attack in 2019. If email security isn’t
made a priority, organisations run the
risk of losing data, money, customers
and reputation.
The cost of email security threats on
an organisation can be enormous.
Aside from the fines and legal actions
that result when sensitive customer
information or financial data is breached,
email security threats can cost millions
of dollars in reduced customer
www.intelligentciso.com
|
Issue 13
Jeff Ogden,
General Manager –
Middle East, Mimecast
confidence, damage to reputation and,
ultimately, loss of business. In fact,
Vanson Bourne’s research indicated that
77% of all surveyed UAE organisations
had suffered some kind of loss because
of an email-based impersonation attack
in the last 12 months. responsible work force and security
culture, to bolster your defence by
creating a ‘human firewall’. According
to a report from Gartner, the security
awareness computer-based training
market will grow to more than US$1.1
billion by year-end 2020.
Why is cyber-awareness so
important for businesses? According to research Mimecast
conducted with Vanson Bourne, 95% of
UAE organisations have seen phishing
attacks in the last 12 months, yet
only 32% responded that they train
employees on an ongoing basis on how
to spot cyberattacks.
The human is the weakest link and until
the employee can identify simple threats
like phishing and more advanced ones
like impersonation fraud and spear
phishing, an organisation remains
vulnerable. Despite the most advanced
protections that can be put in place
and despite the best threat intelligence
available, organisations remain
vulnerable because of their employees’
basic lack of security awareness.
However, it is possible to raise
awareness, to create an engaged and
The vast majority of cybersecurity
incidents are a result of simple mistakes
made by employees who have the best
of intentions and these casual mistakes
can cost organisations money, their
reputation – and employees, potentially
their job. As cyberattacks continue to
find new ways to bypass traditional
threat detection methods, it’s essential
41