Phishing attacks are not new, but they remain a major threat to businesses. According to a report from PhishMe research, phishing forms the basis of more than 91% of breaches. While there’s been a massive increase in the number of anti-phishing solutions available on the market and businesses have been forking out big bucks on them, there’s really very little to show for it all. Phishing attacks appear to be on the rise. According to Microsoft’s latest security intelligence report, adversaries continue to use phishing as a preferred method of breaching businesses due to its effectiveness — detections rose 250% between January and December 2018.
It’s a problem that businesses have to tackle. The increasing volume and sophistication of phishing attacks are causing real financial damage to businesses in both downtime and direct fraud. Unfortunately, there is no silver bullet technical defence that will get the job done.
Speaking with Information Age, James Baker, board advisor at Keepnet Labs, argued that businesses need a more holistic approach to mitigating phishing attacks.
Technology is not a silver bullet
According to Baker, too many businesses assume technology is an adequate solution for phishing attacks. He’s of the view that people and processes are equally important to a strong defensive posture.
“Anti-virus providers don’t block everything and that’s partly down to performance issues or not wanting to block too many emails that are perhaps safe,” he said. “When technology fails to prevent attacks, trained employees are the last line of defence to protect your company. Processes are important to track the attack trends, update the gaps in your defence technologies, and train the employees.”
He added: “Because cyber attacks are carried out with human intelligence, combating it with human intelligence is the most realistic solution.”
While employees have become more familiar with the hallmarks of phishing attacks and the need to protect data, knowledge gaps remain that cybercriminals can exploit — 83% of global organisations experienced phishing attacks in 2018, underscoring the urgent need to educate end-users.
Businesses need to ensure employees remain vigilant to the threat posed by phishing attacks. Ongoing training should be part of that, with spot checks to ensure employees respond correctly and continue to follow the guidelines they’ve been given.
Bad actors are always coming up with new and innovative ways to trick employees. For example, some now look at social media profiles belonging to employees and send bespoke emails based on what they find — this is known as spear-phishing.
Baker argued that, to keep anti-phishing strategies effective, “the focus should be on the ‘human factor’, using engaging, structured content to raise cyber security awareness and engender ‘active defence’ behaviours.”
Incident response and sharing information
According to Baker, because no individual is beyond reproach, achieving an automated incident response is the next logical step in reducing the impact of an attack on your organisation.
“If we can get just one employee in an organisation to identify a threat and report it, we can then let our system take over and discover if anybody else has received it,” he said.
For Baker, this concept of threat sharing has applications on an industry-wide level too. For example, using a communal platform, one organisation can share threat analysis data with another organisation. This cross-referencing increases the probability of detecting malicious attacks.
Keepnet Labs is part of Tech Nation Cyber — the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.