I had a strong case of déjà vu while attending the recent Gartner Security and Risk Management Summit. That’s because a lot of what I heard from speakers on cybersecurity was familiar. It reflected what IRONSCALES has been championing about email security for the past few years.
It’s exciting to see that our vision for phishing prevention, detection and incident response is moving into the mainstream and gaining recognition in the market.
Here are my top four takeaways from the email security sessions at the Gartner conference.
Neil Wynne: Current email strategies remain flawed
In the constantly shifting email threat landscape, technical controls such as anti-spam and anti-virus solutions aren’t enough to defend against such sophisticated, targeted and advanced attacks.
Recently, our research found that 42% of all email phishing attacks are polymorphic, undergoing permutations to evade email security tools, such as static protocols and signature-based detections.
During his presentation on “Redefining Your Email Security Strategy for 2020 and Beyond,” Neil Wynne noted that most email security strategies are inherently flawed. Most security teams rely too much on technical controls, but they are doomed to fail if they don’t factor users and security analysts in the equation. In Wynne’s view, users must be at the center of the enterprise email security strategy.
Companies that invest in a platform to educate users about phishing threats and provide an easy way for them to report incidents will be better equipped to mitigate the risk of malicious emails.
The new integrated email security architecture
Today, cybersecurity is extremely fragmented, with tools for awareness, secure email gateways (SEG), spam filters, anti-malware and incident response operating in separate silos. Attackers are exploiting this weakness, resulting in major threats slipping through the cracks.
To close the gaps, enterprises need to adopt Gartner’s Continuous Adaptive Risk and Trust Assessment (CARTA) architecture and implement a unified platform that supports threat prediction, prevention, detection and incident response.
The future is autonomous
In a world where incoming threats are growing exponentially, no enterprise can ever deploy enough security analysts to cover the increasing workload.
By 2022, Gartner’s Lawrence Pingree predicted that 30% of security operational playbooks will be fully automated, up from just 10% in 2019.
Thus, autonomous decision-making and email threat defense are inevitable.
Through real-time external sharing and querying, an autonomous security ecosystem would enable an anti-phishing platform to probe endpoint security to trace the path and current location of incoming threats. Likewise, a platform could automatically move to block a suspicious threat, such as a fraudulent URL, at the gateway based on multiple user reports.
We can’t combat threats alone
We are glad to see the market embracing a more holistic platform approach toward email security.
However, there was one key element missing from the PowerPoint decks at the Gartner summit – we call it Federation.
Through a distributed and decentralized approach to threat detection and response, our Federation enables security analysts from one company to act together as one big virtual team with thousands of other security analysts from other companies.
At IRONSCALES, we believe that Federation is an idea ready to be embraced by the market. With this collective cybersecurity approach, we will break down the silos that exist across hundreds or even thousands of organizations. As a result, we will help create a much stronger architecture for email security.
Together with our customers, we’re bringing the power of collective cybersecurity to fight phishing, BEC and other types of email threats wherever they exist around the globe.
Connect with us today to get your company’s inboxes protected from advanced email threats.
Eyal Benishti is founder and CEO of IRONSCALES.