Recently, I’ve been speaking with a lot of CISOs, security industry veterans, and analysts about risk.
They all seem to agree that the vast majority of risk facing enterprises is attributable to four vectors:1 - applications/servers
2 - access
3 - web
4 - email
And if you look at each as a percentage of the total risk CISOs are trying desperately to mitigate, web and email account for nearly 85%.
Today’s security products effectively address application and access security, but traditional email and web security products are only addressing a fraction of the 85%. This is due, in large part, to the difficulty in detecting and preventing targeted spear phishing attacks.
The spear phishing vulnerabilities stem from the fact that legacy email security solutions are largely based on reputation, that is whether an email link is known to be “good” or “bad”. A link’s reputation is determined via third party data feeds, or internally by way of large-scale email traffic and data analysis.
In the case of spear phishing attacks, which target specific individuals within an organization, the email link is usually unique, as is the target user, hence there is no third party reputation data available, nor is there enough data to analyze internally to make an accurate determination. If the determination is incorrect, users are sent directly to a site where credentials can be stolen, or malware can be downloaded to an endpoint. A single error can facilitate a pervasive attack that can cause billions of dollars of damage.
Given the effectiveness and pain of spear phishing, wouldn’t it be great to simply make it go away? That time has arrived with Menlo Security’s new Phishing Isolation service.
Phishing Isolation eliminates credential theft and drive-by exploits caused by email attacks. By integrating cloud-based Phishing Isolation with existing mail server infrastructure such as Exchange, Gmail, and Office 365, all email links can be transformed to pass through the Menlo Security Isolation Platform. When users click on an email link, they are 100% isolated from all malware threats, including ransomware. Websites can also be rendered in a read-only mode which prevents individuals from entering sensitive information into malicious web forms.
With their users safe isolated, administrators can monitor behavior statistics, and provide customizable time-of-click messages that help reinforce anti-phishing awareness training. Administrators can also define workflow policies for groups or individuals that determine if or when web input field restrictions can be relaxed. With zero dependency on error-prone threat detection methods, such as data analytics, it is the only email security solution that protects every email user the instant it’s deployed. The bag of chips? It requires no new hardware or end-point software.
So now we can finally eliminate the phish and signifcantly reduce the outstanding risk.