Email continues to be the most popular attack vector, via organizations at their email perimeters, from inside the organization (through compromised accounts, vulnerable insiders, social engineering) or beyond the organization’s perimeters (the domains they own and their brands via impersonation). Cyber threat actors and threat groups are continuously researching and testing out new tactics, techniques, and procedures (TTPs) in an attempt to overcome and exploit this increasingly sophisticated and complicated technology.
To add to the complexity, many global corporations have been forced to adopt remote working policies for office-based employees to help ensure the safety of the workforce during the COVID-19 pandemic, and threat actors have followed them home. An increase in the variety and volume of attacks is inevitable given the desire of financially and criminally-motivated actors to obtain personal and confidential information. The annual State of Email Security report 2020 gives you an overview of the current landscape we are all facing and a guide to help drive continuous improvement to your cyber resilience strategy.
There are many factors to consider when mobilising your workforce, key of which is security. There is a fine balance between having a secure system versus a system that is too secure that stifles the less IT literate users in the workforce from even using in the first place. We would know; we saw a massive spike in the incoming tickets from users who needed some help. Luckily, we had anticipated it and ensured the necessary people were on hand to help.