It’s 2017, and many organisations are still grappling with solving two of the biggest routes of attack into their business from the Internet - via their employees' in-boxes and web browsers.
Employees no longer consider web access and email a nice to have. In almost every organisation they’re considered a basic part of the workplace, like a desk and a coffee machine. Simply put, email and web access are fundamentals of most job functions as most businesses move operations increasingly online and adopt digital transformation.
The reality is stark however. Today, web and email represent the biggest and easiest routes to deliver a cyberattack via your employees. Attackers of multiple motivations all use the same techniques that continue to succeed, be that nation state or otherwise.
Let’s look at some of the concerns of both in-boxes and web browsers below:
- Spear-phishing attacks remain unstoppable, while detection continues to fail.
- Employee awareness, whilst useful, is unreliable; humans make bad decisions.
- 91% of spear-phishing attacks are credential theft attacks (according to Verizon DBIR 2016).
- Web browser architecture dates back to 1995, opening vulnerabilities, a.k.a. client side code execution.
- Detection solutions “gap” that fail to stop attacks.
- Customers are blocking more and more web content due to risk, causing productivity issues.
Isolation of both email and web content offers you a new way to no longer rely on system patching, detection engines working, and employees making good choices.
The business benefits of isolation are clear. Enabling access to more of the web in a safe manner, with the benefit of productivity gains is great. Less desktop infections and re-images are big cost saver, and your SOC will thank you for less events to look for.
With GDPR and other regulations looming, I’m sure you would like less cyberattacks to worry about. Isolation offers the opportunity for you to get ahead of cyberattacks, whilst still enabling your business to function as normal.
Come over to see us at The Cumberland Arms pub during InfoSec Europe for a chat, demo and a cold beer! https://www.menlosecurity.com/infosec-2017-registration-page-menlo