Malicious Spam Comes Roaring Back and Cisco Email Security is Ready
“Did you get my email? The really urgent one? About funding for your new project?” “Maybe. I can’t tell. My inbox is full of spam and I am busy scrutinizing every email and domain name to make sure the sender is a valid person that I actually know and the attachment is a valid… Oh wait, now my screen is locked and someone wants bitcoins to reopen all my files.”
Far-fetched, perhaps, but it would be close to the truth without effective email security. Malicious email messages are the leading way in which attackers gain access to company networks and a critical point of vulnerability for organizations of all sizes. Ransomware is a billion-dollar industry and one of the fastest growing markets for attackers – and email is the most common delivery mechanism for it. Data breaches resulting from phishing attacks – also known as Business Email Compromise – are daily headlines. And spam, which had been at all-time lows for several years, is roaring back in astronomical volumes – and more spam messages are now malicious. In fact, without email security, for every 100 emails in your inbox, 65 would be spam, and five would contain malicious content. Which five are malicious? That’s where email security comes in.
Given the importance of email in running your business, the need for effective email security has never been greater. And fortunately, Cisco Email Security makes tackling each of these challenges easy. In a recent test by Opus One, Cisco Email Security was shown to have the best spam effectiveness and the lowest false positive rate against 5 other vendors. It can also be deployed with Cisco Advanced Malware Protection (AMP), our industry-leading solution that has been a leader in NSS testing for the past three years – detecting 100% of malware with the fastest time to detection in the most recent test. That’s a powerful combination – a one-two punch if you will – that helps you not just cut down spam, but drastically reduce risks from malware, spear phishing, ransomware and other sophisticated attacks. And Cisco Email Security is vastly more effective because it is part of our overall architecture and benefits from Talos, Cisco’s threat research team that continually incorporates up-to-date intelligence into all products and solutions in the portfolio.
Clearly, not all email security is created equal and “good enough” is no longer, well, good enough. So, of course, we decided to make ours even better. With our latest release of Cisco Email Security, we are improving an already threat-centric product, and adding features that offer even greater visibility into inbound and outbound threats, geo-location control over protection, and greater security for administrative access to meet today’s access policy requirements. Below is a quick overview of some of the new features that can help your organization gain more control and better protect against the latest email threats.
Better Protect Against Cyber Crime with Geolocation Based Filtering
When you have no business relationships with a given region and your email volume from that location suddenly spikes, you can be relatively certain that the content is malicious, possibly even targeted cyberespionage. When your CFO gets persistent emails from a geography known to produce sophisticated spearphishing attacks, the ability to quickly control email content based on the location of the sender better protects your executives against compromise.
With Geolocation Based Filtering, Cisco Email Security now enables organizations of all sizes to scan and block malicious content according to policies set for the country from which the emails originated. Emails can be whitelisted/blacklisted by country or, at a more granular level, content and message filter policy can be set to block, quarantine or filter emails based on the location of the sender.
Provide Strong Outbound Protection with Advanced Malware Protection (AMP)
Not only do organizations have to worry about the damage done by incoming malware, you can also face a loss of IP or domain reputation if malicious content leaves your organization via email. This can result in potential downtime, additional costs and creates additional work for already busy IT teams. Now with the same license, you can enable AMP to monitor both inbound and outbound emails.
But the value of AMP doesn’t stop there. AMP continuously monitors and analyzes all file activity, processes, and communications from the moment it hits your network until it leaves. If a file starts behaving maliciously at any point in time, AMP will detect it and retrospectively provide tracking and analysis to show where it’s been and what actions it’s taken, so that your security team can quickly and surgically remediate any issues. Only Cisco offers Advanced Malware Protection across the network, endpoints, and into the cloud, giving administrators the visibility and control needed to more quickly locate end users sending malicious files and remediate any issues.
Stronger Access Control with Two-Factor Authentication
Attackers often abuse privileged accounts to access critical data, stage breaches and create additional points of vulnerability and it is a risk that must be addressed by compliance teams in many industries. Cisco Email Security now offers Two Factor Authentication for access to Email Security Appliance (ESA), Cloud Email Security (CES) and Security Management Appliance (SMA), enabling a dynamic second factor for role-based access that can be enforced using a token or One Time Password (OTP).
To achieve more effective security, speed matters. So, Cisco Email Security now offers Engine Rollback, so that admins can rollback current engine and signature updates to previous versions. This gives IT teams the control they need to quickly take action and helps reduce the time it takes to detect and remediate problems.
With this release, Cisco also adds the most effective Data Loss Prevention feature ever to ensure you keep your sensitive data where it should be. The new Cisco DLP solution delivers high-performance, comprehensive data loss prevention – helping organizations of all sizes prevent leaks, enforce compliance, and protect their brand and reputation.
How many emails did you get since you started reading this? How many spam messages and phishing attacks did your email security keep at bay, so you could find the emails your colleagues have sent with critical business content? With email and spam volumes continuing to rise, effective email security will remain a key priority for all organizations, regardless of size or industry. Look out for more blogs on this critical topic including information about federal certifications. In the meantime, is it OK if I have someone send you an email with more details?
To learn more about how Cisco Email Security helps provide the visibility and control needed to protect against the latest threats, visit www.cisco.com/go/emailsecurity.