'Email is dead. It's a thing of the past.'
In the IT industry, this statement, or something like it, is said regularly — usually corresponding with the rise of a new communication or collaboration platform. Each time this happens, it's prudent to remember a general rule around tools: as long as they retain specific advantages for the human beings using them, they generally endure.
Email has many such advantages, so it's not going anywhere. Perhaps email's most significant advantage, however, is allowing the user to experience 'pull' communications in a world of near-constant 'push' notifications.
Increasingly, this means the user retains autonomy in deciding when to engage. In fact, with a renewed emphasis on work-life balance, this is an original email characteristic that makes it seem new again.
Email is also superbly linear, permitting easy access to an instantly organized trail of information between parties, supporting efficiency and follow-up. And it comes with a deeply familiar user experience.
Not only is email everywhere, but it is "built into" our lives as a required mode of communication for too many activities to name. The net effect is that email, as a method of communication, has far too many endpoints to die anytime soon.
Even as some consumers back away from regular email use, it's not a complete withdrawal. What's easier — having a receipt texted to a phone where users need to dig for it at some later date, or emailed directly into what is effectively already a filing system?
All of these advantages also have consequences for cybersecurity.
Unfortunately, this ubiquity has also covered email in a kind of invisibility cloak regarding cybersecurity. At the best of times, most people struggle to conceptualize the threats to data and operations. Digital holes punched in systems by hackers are not as apparent as a broken window or a broken lock on a filing cabinet, even though the amount of material taken could be orders of magnitude greater.
The challenge is even more significant with email, with its years of stored correspondence and gigabytes of granular information that can be monitored and exploited by patient bad actors. As a result, organizations often don't consider email as part of the security infrastructure.
This situation leads organizations to miss a critical component of email security: the need to accurately apply intelligence via advanced email protection to ensure business information is not lost or hacked.
Email remains a security problem for organizations. Cybercriminals continue to favor email to distribute malware, phishing scams, and spam because email gets delivered to the end user, wanted or not, and email can be easily faked to appear legitimate.
The Trustwave 2021 Email Threat Report, featuring data and analysis from the SpiderLabs Email Security Research and Malware Analysis Team, details some of the most significant email threats organizations face, and provides insight on the tricks and techniques cybercriminals are using to snare their victims.
Email is an information and workflow system. For this reason, an organization cannot achieve effective email security without understanding the user and organizational needs. Unfortunately, no magic tech bullets can replace a security approach that fits hand-in-glove with how a particular organization uses email.
For example, helping the user organize inbound emails through smart categorization and routing reduces the risk of a successful phishing attack. In addition, reducing volume increases individual abilities to vet threats in those rare but vital moments when something bad slips past the screening technology.
Keep in mind that no company has a boilerplate implementation for email security, and email security is not a set-and-forget product. Even a minor error in threat detection can lead to a poor outcome. So don't underestimate the continuing need for end-user email security awareness and the ability to detect a phishing attack.
Resilient cybersecurity requires effective email security, and effective email security requires a constant engagement between the latest threat intelligence and the email security system itself.
An organization must look at an email security product as a critical player in the continual evolution of threat knowledge. It must also be part of a multi-layered security architecture, basically a multi-faceted product that synergizes its proprietary advantages with the advantages of other security products.
The secret sauce to defend against cyber threats must be a multi-disciplinary threat-hunting team standing behind the product, capable of deep-diving into novel threat samples and then providing those findings to the team that incorporates them into the email defense.
However, this kind of comprehensive global threat intelligence sharing becomes the secret sauce when it is assimilated into the defense at speed. Therefore, email security solutions should apply threat data in real time to drive an organization's security posture forward.
It's worth remembering that the fundamentals of email security revolve around whether it can be appropriately customized to balance everyday, practical use with risk reduction.
The application of scored heuristic traits, optimized by machine learning, can maximize detection and minimize false positives. Yet, the flexibility to create an organization's own rules and apply business logic can equally work to protect the business from email compromise.
Making email work as a communication tool requires the ability to fine-tune security settings so the workflow isn't interrupted. So, while AI and ML solutions will help bolster email security by adding screening capabilities based on behavioral learnings, this will need to be accompanied by unique security parameters related to business operations.
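As an added illustration (not code from the Trustwave report or any product), the sketch below combines scored heuristic traits with an organization-specific rule, the two approaches described above. The weights, threshold, domain, executive name and sample messages are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed weights and threshold (assumptions); a product would tune these.
WEIGHTS = {"auth_fail": 4, "reply_to_mismatch": 3,
           "display_name_spoof": 3, "payment_request": 2}
THRESHOLD = 6
ORG_DOMAIN = "example.com"      # hypothetical organization
EXECUTIVES = {"dana reyes"}     # hypothetical protected display names

def domain(addr):
    return addr.rpartition("@")[2].lower()

def traits(msg):
    name, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    auth = msg.get("Authentication-Results", "").lower()
    body = msg.get_payload().lower()
    found = set()
    if any(f in auth for f in ("spf=fail", "dkim=fail", "dmarc=fail")):
        found.add("auth_fail")
    if reply_to and domain(reply_to) != domain(sender):
        found.add("reply_to_mismatch")
    if name.lower() in EXECUTIVES and domain(sender) != ORG_DOMAIN:
        found.add("display_name_spoof")
    if any(k in body for k in ("wire transfer", "gift card")):
        found.add("payment_request")
    return found

def verdict(raw):
    found = traits(message_from_string(raw))
    score = sum(WEIGHTS[t] for t in found)
    # Organization rule (business logic): an executive's name on an outside
    # address asking for payment is quarantined even below the threshold.
    org_rule = {"display_name_spoof", "payment_request"} <= found
    action = "quarantine" if org_rule or score >= THRESHOLD else "deliver"
    return action, score, sorted(found)

# Constructed sample messages.
BEC = ('From: "Dana Reyes" <dana.reyes@example.net>\n'
       'Authentication-Results: mx.example.com; spf=pass; dkim=pass\n\n'
       'Need a wire transfer sent today.\n')
PHISH = ('From: "IT Support" <support@example.com>\n'
         'Reply-To: helpdesk@example.org\n'
         'Authentication-Results: mx.example.com; spf=fail; dkim=none\n\n'
         'Your mailbox is full, reply to restore access.\n')
LEGIT = ('From: "Dana Reyes" <dana.reyes@example.com>\n'
         'Authentication-Results: mx.example.com; spf=pass; dkim=pass\n\n'
         'Please schedule the wire transfer for invoice 1042.\n')
```

Calling `verdict()` on each sample shows the division of labor: the impersonation message scores below the threshold and is caught only by the organization rule, while the genuine internal payment request is delivered.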
Here's to a future of secure email and secure organizations.