Business e-mail arms race: Why yesterday’s protection won’t save tomorrow’s inbox

Sophisticated e-mail attacks have the potential to cripple the business, damage reputations and change the future of an organisation, which makes the right e-mail security a business necessity, says Richard Frost, Head of Consulting at Armata Cyber Security.

Richard Frost, Head of Consulting at Armata. (Image: Supplied)
Richard Frost, Head of Consulting at Armata. (Image: Supplied)

People remain the most significant cyber security risk. While security teams invest in robust cyber preparedness – according to the Mimecast State of Email and Collaboration Security 2024 Report, nine out of 10 companies have formalised their cyber security strategy – and most are incorporating best practices to protect against the threats, the humans within their organisations are opening the doors to the threats. Cyber crime now sits in the global top 10 of the most significant risks, alongside inflation and conflict, and the number one attack vector is… e-mail.

In 2023, the Mimecast report showed the most common e-mail threats were phishing, spoofing and ransomware, with the latter currently the fastest-growing threat. Ransomware attacks increased 95% year-on-year in 2023 and the cost of payment rose from $212 000 in 2022 to $740 000 in 2023. That’s a 250% increase in just the one attack vector, with spoofing (52% of respondents saw an increase) and phishing (49%) following behind. And human error is one of the single largest contributors to the success of these attacks, with 74% of breaches caused by people making a mistake.

People are falling victim to increasingly intelligent attacks that are playing on their emotions and their distraction. It’s easy, even for someone well-trained in security risks, to click on a link because they’re busy, tired and not paying attention. Employees are also making mistakes because they’re not adhering to security protocols by sharing information on social media or making poor choices when it comes to e-mails, websites and online behaviours.

Penetration testing done by companies like Armata Cyber Security also reveals how easy it is to socially engineer a mistake. After analysing the behaviours and personalities of decision-makers within the business, the penetration testing team constructs e-mails designed to entice them to click on an attachment. Unfortunately, these fake e-mails are successful more often than they should be. In penetration testing, it’s a lesson, but when it comes from a cyber crime organisation, it’s a payload injection, an instruction to pay a fake account or a highly successful phishing attempt.

Now, these e-mails – primarily targeting businesses – are becoming even more capable and virulent because of artificial intelligence (AI). The technology is simplifying the threat vectors for attackers and fooling even the most security-savvy employees. The fine line between a spoofed e-mail from a colleague versus a real one is becoming so thin that spotting the fake is harder than ever.

This is why companies need e-mail security. Yes, budgets are tight and the cost of doing business is increasing, but the cost of a successful breach is millions of rands, reputation and downtime. Spending on e-mail security is less grudge expense and more investment into protecting the business and its people from expensive mistakes. Armata e-mail security solutions protect against inbound and outbound e-mail threats across the key vectors of malware, spam, phishing, DHA and DDOS attacks as well as deliberate or accidental data leaks, outages or social engineering attacks.

With Mimecast Email Security, companies get the benefit of nearly 20 years of continuous enhancement and practical applications within a platform that’s easy to integrate and use, and provides proactive alerting and reporting. Armata provides a variety of security offerings built on Mimecast foundations to provide companies with customised approaches that are relevant to their industry and specific needs.

The tools on offer from Mimecast, and implemented by Armata, can detect phishing, monitor user behaviours, provide user awareness training and ensure 24/7 security awareness throughout the business ecosystem. Intelligent and capable, these tools reinforce an organisation’s security posture and protect against one of the most pervasive threats around. And with Armata’s expertise, organisations of all sizes can benefit from an integration that’s relevant to their market, budgets and requirements.

Don’t wait for a breach to put your business at risk. Secure your e-mail now with Armata’s customised solutions. Contact us today to protect your business and stay ahead of threats.

Share