Email continues to be one of the most significant causes of data breaches for organizations around the world. The recent Microsoft Exchange Server attack, possibly initially caused by a phishing attack, has put a renewed focus on email security related risks for organizations, both large and small.
Cybercriminals are increasingly using the email channel to gain access to corporate systems and steal financial information and other sensitive data. In 2020, 75% of organizations were targeted by a phishing attack – and 22% of data breaches reported by Verizon were caused by phishing.
Traditional approaches to email security, including secure email gateway technologies, are struggling to prevent sophisticated phishing attacks. This has led to the emergence of a new category of cloud-based email security technologies, designed to tackle the problem of phishing attacks head on.
To discuss the importance of email security, and how we can keep ourselves and our employees protected against phishing attacks, we spoke to Gil Friedrich, co-founder and CEO of email security firm Avanan.
Why Is A New Approach To Email Security Needed?
Before Avanan, Friedrich worked as VP of R&D and VP of Technology for ForeScout– where he helped to develop their market-leading Network Access Control solution.
It was at ForeScout that the genesis of Avanan began. “In more and more of our discussions with customers, a theme kept coming up,” Friedrich says. “’How do I implement your technologies in the cloud?’”
Friedrich and the other co-founders of Avanan understood that, rather than adapting old technologies to the cloud using cumbersome proxy architectures, a new approach was needed. They believed the future of the cloud was in API and cloud-to-cloud connectivity.
Today, this is becoming the mainstream of what customers expect in their email and collaboration security suites, but threats coming from the email channel remain as widespread as ever.
“Email is so unique,” Friedrich explains. “Anyone in the world can send your organization a message. This gives us power, but it also creates risk because it allows us to communicate without pre-approval or trust.”
This gives cybercriminals the chance to manipulate users and has led to the rise of sophisticated social engineering and business email compromise attacks specifically designed to bypass email security technologies.
“Email gives us power, but it also creates risk, because it allows us to communicate without pre-approval, or trust.”
For this reason, Avanan takes a different approach to email security. “Unlike Secure Email Gateways that scan the email before it reaches O365, we protect O365 from the inside,” Friedrich explains. Email gateways disable the inbuilt phishing protection in Office 365 and replace it with their security, while Avanan acts as another layer of protection.
Avanan also uses machine learning systems to detect phishing attacks. These systems are trained on attacks that are missed by Microsoft and Google. “We don’t care about the easy attacks,” Fredrich says. “Default email security systems catch those. Our machine learning is focused on sophisticated and more targeted attacks. What’s unique to us, is that we deploy in-line. That means the email never reaches the inbox until we clear it.”
Avanan is designed for a wide range of businesses, working fundamentally in the same way for Fortune 500 companies for small businesses. For larger businesses, Avanan also offers professional services and SOC training, as well as more advanced capabilities such as SIEM integrations, SOAR/SOC workflows and forensics tools.
The State Of Email Security Today
Over the past year, the pandemic and the rapid move to remote working have led to a major increase in email security attacks, driving organizations to look for better ways of protecting their users.
“Avanan actually saw an increase in demand, and our number of customers tripled during 2020,” Friedrich says. “The pandemic accelerated the move to cloud-based solutions, as the arguments against the cloud don’t make sense when everything is remote.”
Looking forward, Friedrich believes that, even as organizations start to move back to the office in some capacity, there’s no going back from the cloud. “Those that moved to cloud-based services will not reverse their decision and a hybrid workforce will still heavily rely on digital communication. In many ways, COVID was an accelerator to what was already happening, and we don’t expect this to change.”
In addition, major recent cyber-attacks like the recent SolarWinds attack and the Microsoft Exchange Server breach have given organizations a reminder not to become complacent when it comes to their cybersecurity and, in particular, email security strategies.
The scale of these attacks mean they are likely to have lasting impacts on the industry. Analysts are already predicting that the recent Exchange breach will further push organizations to cloud-based security technologies.
“What the Microsoft Exchange Breach demonstrated is that vulnerabilities and security risks will exist in both cloud and on-premise services,” Friedrich says. “But when it’s cloud-based, the vendor is able to push a fix to all customers immediately. On-premise services don’t enjoy the same benefit, and so vulnerabilities exist for a much longer time before all systems are patched. The old assumption that on-prem is more secure, was just proved incorrect.”
“The old assumption that on-prem is more secure than the cloud, was just proved incorrect.”
However, cloud-based email has its own security flaws. “The downside of cloud-based email is that cybercriminals are spending every effort to hack Microsoft and Google because, if they do, they get access to so many customers at once. There’s an arms race between hackers discovering a vulnerability, and Microsoft and Google trying to respond quickly,” Friedrich says.
“This is where Avanan comes in. By running behind the default security as an additional layer before the inbox, we’re able to block what the default layer misses, and hackers have no idea we’re there.”
What Does The Future Look Like For Avanan?
Avanan is one of the leading vendors in the API-based protection market—the only one to offer pre-delivery protection—which Friedrich calls a revolution in how email security is implemented. “This is a natural change that is coming on the footsteps of the move of email to cloud-based services and the expansion of the communication channels, from mainly email to a full collaboration suite,” he explains.
“The second aspect of this revolution is implementing machine learning inside this security layer and combining AI with business intelligence capability that allow customers to understand what the machine has learned and the impact, in a simple and effective way.”
“This is a revolution that goes beyond just the usage of ML in security and is the natural next step of AI. We’re seeing with SIEM/SOAR platforms, endpoint and XDR, and email too. It’s part of our advantage today compared to legacy solutions, and we are going to continue developing in this direction.”
How You Can Stay Secure Against Email Threats
If your organization is struggling to handle email threats such as phishing, Friedrich recommends strong email security, and security awareness training. “Phishing specifically requires both an email security product that will filter as much as possible and a solid program for end-user awareness training. Make sure you have both,” he says.
“Our research shows that implementing Avanan reduces phishing attacks by 99.2%. Think of what that means to end-users, SOC teams, and your security risk in general. Finally, make sure you implement a security layer that is in-line. Anything else is not a real security layer.”
Thanks to Gil Friedrich for participating in this interview. For more information on Avanan visit: https://www.avanan.com/