TECH TRENDS
Jack Chapman , SVP of Threat Intelligence , Egress
consequences could be devastating as they often hold the most sensitive company data , and if that data is sent to an unauthorised recipient it could amount to a full-scale data breach . Therefore , organisations must consider how to protect their senior executives , not just against external actors , but also against outbound incidents .
How can organisations protect their senior executives ?
The most common way an organisation can help their C-suite is by providing them with regular security and awareness coaching . It is commonly known that , in the workplace , attitude comes from the top down , so not only is it important for the C-suite to show an enthusiasm for security awareness , but as the highest-value targets , they are the ones that need to be the most vigilant .
The best approach to inbound and outbound threats
Given the responsibilities of the C-suite and senior executives , email security must not become an additional burden . Organisations must provide them with the necessary tools to mitigate the risk of inadvertently enabling a detrimental data breach . However , sophisticated attacks that target the C-suite use tactics that easily evade traditional security technologies and static DLP isn ’ t dynamic enough to catch the full spectrum of human errorrelated mistakes .
This is why many organisations are opting to layer their native security defences in Microsoft 365 with an integrated cloud email security ( ICES ) solution that can neutralise advanced threats , in addition to preventing data exfiltration and misdirected emails and attachments . x
THE HUMAN ELEMENT ACCOUNTS FOR 74 % OF ALL BREACHES , SO , WHEN THINKING ABOUT AN ORGANISATION ’ S RISKIEST USERS , IT IS NEGLIGENT TO CONSIDER THAT EMPLOYEES ARE ONLY VULNERABLE TO EXTERNAL ACTORS .
As an attack sent to a C-suite is likely to be much more targeted than those sent to the masses , organisations also need to ensure that they are tailoring coaching to each department or individual , based on the jobs they do and the attacks they receive .
In response to frustrations with static DLP being inadequate in dealing with the human element of outbound mistakes , three-quarters ( 74 %) of cybersecurity leaders have considered turning off Outlook autocomplete to prevent misdirected email and attachments .
However , only 20 % have disabled the functionality – the likelihood being that removing autocomplete would cause immense friction to workflow and manually typing in an email address could give opportunity to an equal number of mistakes . This is even more true for busy C-suite roles , who don ’ t have time to write out a long address every time they want to communicate over email .
www . intelligentcxo . com
17