Going from vulnerable to cyber resilient against email-borne threats doesn't have to be time-consuming, expensive or painful. Step one is making cyber resilience planning a priority; it should be part of your organization's foundation and business strategy. Next, have a firm understanding of your needs, strengths and weaknesses. Finally, consider every aspect of your business in your planning, and spread out the responsibility – even if it means layering in a third-party solution. You're ready to get started. Here are the four pillars of cyber resilience planning.
PILLAR #1 SECURITY: Security is your front-line defense, and a layered approach is key. Remember: Cybercriminals use email in a lot of different ways to execute attacks – even from within your organization. This means you want an email security scanning layer that not only blocks spam and viruses, but also protects users from phishing, ransomware and impersonation fraud. And technology capabilities such as URL filtering, attachment sandboxing, instant preview and safe-file conversion of all incoming attachments are must-haves. It's important to always stay one step ahead of attackers. One way to do this is through centralized monitoring, analysis and intelligence sharing to help better anticipate and defend against emerging tools, tactics and techniques. Plan to integrate your email security system with third-party SIEM systems such as Splunk or LogRhythm.
PILLAR #2 DATA PROTECTION: As threats like ransomware evolve, it's more important than ever to have a separate and safe copy of your data. Once launched, email-borne threats can traverse a network quickly. If your archive is accessible to an attacker, it can be rendered useless, and your business can suffer. Your archive should be immediate – with data captured in transit – as well as tamper-proof and perpetual. And users need the ability to sync files, folders, data and calendars - and recover them if an attack occurs. The bottom line: your business needs to function; end-users need the ability to find what they need when they need it; and you need fast search and e-discovery capabilities to meet regulatory compliance and governance requirements – no matter what. The only way to guarantee all of this is to create a central repository of corporate data which is stored for 99 years in a fully encrypted, immutable and redundant system.
PILLAR #3 BUSINESS CONTINUITY: Email systems, whether hosted on-premises or in the cloud, can go down. Should downtime occur – whether due to a breach, human error or technical failure – you need to be prepared to quickly and seamlessly switch to an available service. Doing so should allow your employees to continue to work and access everyday tools, like Microsoft Outlook or G-Suite by Google Cloud, without disruption. But business continuity is about more than just email communication flow. Access to data is equally important. For example, new external regulations, like the General Data Protection Regulation (GDPR), make having anytime access to your email archive critical for organizations – even during an outage. Why? You are legally required to respond to GDPR subject requests quickly.
PILLAR #4 END-USER EMPOWERMENT: Employees are your most valuable customer. Technology features can create a powerful human defense against email-borne threats – but employees need to understand how to use them, what to look for, and how to respond. Regular end-user training can help maximize your organization's agility to respond to cyber threats. This helps make for a stronger, more productive workforce while investing everyone more broadly with cyber resilience responsibility.