Q&A: ESET’s Chief Security Evangelist On Securing Microsoft 365 Against Phishing And Email Compromise
Expert Insights interviews Tony Anscombe, Chief Security Evangelist at ESET.
Tony Anscombe is the Chief Security Evangelist for ESET. He has over 25 years’ experience in the security industry and is an author and regular speaker on the current threat landscape, security tech, data protection, privacy, and trust. Tony has also previously served on the board of the National Cybersecurity Alliance (NCA), Mobile Ecosystem Forum (MEF) and Family Online Safety Institute (FOSI) and held an executive position with AMTSO.
Expert Insights recently reached out to the ESET team to share Anscombe’s insights on one of the platforms most heavily targeted by cyber-criminals: Microsoft 365. This Q&A covers the most common challenges organizations are facing in the email security space today, and how security teams can improve their resilience against attacks targeting the Microsoft ecosystem.
What are the biggest challenges for customers in the email security space today and how are threats evolving?
Phishing and spear-phishing have evolved to include new methods such as using QR codes or homoglyphs to trick people into scanning and clicking on seemingly legitimate links.
Business Email Compromise (BEC) tries to trick people into believing that a legitimate sender is communicating with them, and these impersonation and email spoofs are getting better every day, especially with the advent of AI technologies. In fact, according to the FBI’s Internet Crime Complaint Center (IC3) report, business email compromise was the most reported fraud in 2023.
The Human Factor remains the weakest link in the chain. No technology can work 100% of the time if it is not used correctly and employees are not trained well. Cybersecurity awareness trainings continue to be relevant and necessary for companies of all sizes.
Zero-Day threats can be initiated through email and AI is also making it easier for adversaries to come up with never-before-seen threats.
How does the ESET Cloud Office Security platform help teams address these challenges, and how do you differentiate the platform in this competitive space?
ESET Cloud Office Security (ECOS) is constantly implementing new features to address the latest email security challenges. This year, ECOS added homoglyph detection for commonly spoofed domains into its detection algorithm and malicious QR code detection will be added by the end of 2024.
Likewise, a new rule engine for ESET Cloud Office Security is adding anti-spoofing rules to make sure each organization can tailor their settings to their specific needs. We also offer an Email Clawback feature to allow IT administrators to remove suspected spear phishing emails from inboxes before they can be interacted with by their company stakeholders.
Lastly, ESET Cloud Office Security offers integration with ESET LiveGuard Advanced at no additional cost, which prevents zero-day threats by running files in a sandbox and monitoring their behavior.
What are your top recommendations for CISOs in the process of looking for an email security solution for M365?
Do not rely on Microsoft’s protection only. Companies require multiple layers of security. ESET detects hundreds of thousands of threats every year that pass through Defender’s security and that’s where ESET Cloud Office Security acts as an additional security layer.
Business email compromise is significant and can be costly. Email systems need to be complemented with other security, such as multi-factor authentication, vulnerability and patch management, and other technologies that prevent the initial access vector used by bad actors.
Combine technology with human oversight. To assist in avoiding a business email compromise incident, any request for wire transfer of funds or other financial requests should always be combined with physical confirmation, a phone call, in-person approval, etc.
What trends do you expect to see in the email security space in 2025?
Ransomware remains a major focus for organizations and legislators. If regulation makes paying an extortion demand complicated and reduces the monetization back to bad actors, I suspect that bad actors will switch to other methods of extracting money and data from companies. Email systems could be a natural transition.
Further use and refinement of AI and machine learning technology will enhance protection for email solutions going forward. In the same way bad actors are improving the content of emails using natural language models, defenders will utilize the same technology to detect those threats. In effect, security solutions may digest the contents of the email, look for context in relation to the business and the recipient’s function within the business.
Advanced detection solutions using natural language models could also extend to awareness training. If a recipient of a malicious email receives the malicious content with an explanation and identification of false, fake, or malicious bits, then awareness training could begin to take place in the inbox, within normal business operations.
In your view, what should organizations’ top email security planning priorities for 2025 be?
Due to the fact that both bad and good actors are utilizing AI, making full use of a mature security solution that layers and utilizes AI and machine learning will best enhance a company’s email solutions going forward. Additionally, anyone operating Microsoft 365 should prioritize complementing the environment with a third-party security solution.
Further reading
- Learn more about ESET’s Cloud Office Email Security platform
- Read our guide to the best Email Security Solutions For Microsoft 365