How To Mitigate Email Security Risk With Continuous Feedback Loops

Ian Baxter |
Oct 16, 2019
Email security, continuous feedback loops

Warren Buffett once famously said that cyberattacks were “the number one problem faced by mankind,” exceeding even the threats from nuclear, biological and chemical weapons.  

While the relative risk of these global threats may be debatable, one thing is clear – Organizations are under increasing pressure to strengthen their email security against ever-more sophisticated phishing and other cyberattacks.

To combat these threats, technical controls like secure email gateways (SEG) can help, but they can never be enough. Email security is both a human and technology problem and thus requires solutions that address and leverage both aspects.

Unfortunately, the cybersecurity technology landscape is extremely fragmented today. Employee awareness tools, SEG, spam filters, anti-malware and incident response tools operate in non-integrated silos. Attackers are exploiting this fragmented cybersecurity landscape. As a result, major threats are slipping past perimeter security and landing in the email inbox. 

To close the gaps, enterprises need to adopt Gartner’s Continuous Adaptive Risk and Trust Assessment (CARTA) architecture and implement a single, integrated, self-learning email security platform like IRONSCALES that supports threat prediction, prevention, detection and incident response.

Harnessing human and machine intelligence for email security

By analyzing and feeding data from actionable human and machine intelligence, self-learning email security solutions can constantly improve their ability to predict, detect and respond to email threats in real time. These continuous feedback loops constantly analyze and learn from this intelligence from multiple sources including:

  • Employee phishing reports
  • Internal and external security analyst decisions
  • Sandbox and threat emulation results
  • Content and URL scanners
  • Mailbox monitoring to detect unusual patterns and email spoofing  
  • Distributed crowd-sourced threat intelligence

Creating feedback loops of decentralized threat intelligence 

No single technical control will ever protect against or stop 100% of all email phishing attacks. Some attacks will slip past the SEG or even more advanced business email compromise (BEC) point solutions and make it into the mailbox.

Employees need to be empowered to help identify and mitigate social engineering-driven attacks inside the mailbox. Then, as these reports are evaluated by their company’s security analysts or SOC team, they may be classified as false positive or true phishing threats.  These reports set up a continuous feedback loop of decentralized, real-time threat detection that learns and improves decision making and reflect real-time intelligence on this enterprise phishing protection layer across the globe.

With continuous feedback loops, SOC teams can prevent phishing emails from going undetected due to a lack of communication across technical and non-technical controls. Time is of the essence. Email security technology must provide automated true incident response and remediation across all affected mailboxes with the single click of a button, not continuous iterations of ‘search and delete’ script and rule-driven responses. 

Cutting through the noise to drive smarter email security decisions

As  Gartner notes (Fighting Phishing – 2020 Foresight, July 19, 2018), “We can’t escape the fact that humans and machines complement each other and together they can outperform each alone. ML reaches out to humans for assistance to address intent uncertainty. ML aids humans by supporting administrator awareness and providing assistance to higher-tier SOC analysts.” 

We couldn’t have put it better. Technology alone cannot stop all threats, but they can help cut down on the noise, so humans can do what they can do best – make informed decisions, faster. 

Ready to implement an email security platform built on an  adaptive security architecture that combines human and machine intelligence to automatically prevent, detect and respond to advanced email threats while predicting future attacks? Learn more about the advantages of a closed feedback loop by downloading our white paper,  The Seven Essentials of a Modern Email Security Platform.


SUBSCRIBE TO OUR BLOG