Vailmail’s CMO on Creating a Modern, Layered Email Security Strategy
Vailmail Chief Marketing Officer David Appelbaum offered insights into email security and its importance to today’s organizations during his presentation at the 2018 Information Technology & Security Forum in Boston on December 12. In his presentation, “Closing the Loop: Creating a Modern, Layered Approach to Email Security,” Applebaum provided tips to help an organization build an effective email security strategy.
How an organization analyzes email security may have long-lasting ramifications. If an organization misses even a single email-based attack, for example, it could suffer a data breach. And if this data breach goes undetected for an extended period of time, it could cause significant damage to the organization and its stakeholders.
Email plays a key role in organizations of all sizes and across all industries. Yet some organizations ignore email security – despite the rapidly evolving challenges surrounding cyberattacks.
“We all need email … and email is the core piece of technology that has remained constant across the entire business. But [email] is also extremely vulnerable,” Appelbaum pointed out. “Email is probably one of the most open vectors for attacks in business today.”
Phishing email attacks are becoming increasingly common across the globe, and they enable hackers to access sensitive data from an organization’s employees. Meanwhile, if sensitive corporate data falls into the wrong hands, an organization puts its employees, customers, brand reputation and revenues in danger.
With the right approach to email security, an organization can reduce or eliminate phishing dangers and other cyber threats. To develop this approach, an organization first must allocate time and resources to create and deploy an effective email security strategy.
“There is a significant mismatch between threat and spend,” Appelbaum said. “Email authentication in general is one of those [business areas] that tends to fall through the cracks.”
Furthermore, an organization must evaluate its cloud services.
Organizations often use email-based cloud services. As organizations search for ways to become more productive and efficient, their use of cloud services may increase, too.
If an organization understands its cloud services and the security risks associated with them, it can determine which email security technologies can help it stop cyberattacks before they happen. Oftentimes, it helps to examine a variety of email security technologies to ensure an organization can address email-based attacks that are common across its particular industry.
“All cloud services that you are deploying now rely on email and using your domain to speak to service outages, reporting, receipts [and more],” Appelbaum indicated. “There is a huge increase in the amount of usage that your domain has simply due to the increasing [number] of cloud services.”
Email authentication tools may prove to be exceedingly valuable as well. By using these tools, an organization is better equipped than ever before to identify the root cause of an email-based attack so it can tailor its email security strategy accordingly.
“You can authenticate and authorize email to close off threat [vectors] to find out if an individual is properly sending email on your domain,” Appelbaum stated.
Also, leveraging the Domain Name System (DNS) can have far-flung effects on an organization.
DNS tracks web traffic queries and provides an organization with insights into email account use. That way, DNS helps an organization understand who has access to sensitive data so it can take steps to secure this information properly.
“Every single email server is registered in DNS,” Applebaum noted. “[DNS] is open, everyone has access to it and utilizes it as a primary source of truth for email getting sent.”
Although artificial intelligence (AI) and machine learning are integrated into assorted email security tools, these technologies offer no guarantees.
In some instances, AI and machine learning empower organizations to quickly analyze their email security efforts and identify cyberattacks. Conversely, these technologies sometimes create data privacy issues and cannot provide context into email-based cyberattacks.
“If you start to focus on [email] content … there is a huge privacy violation,” Appelbaum said. “The goal is to let good [content] through and keep bad stuff out … [AI and machine learning] can recognize email terms, but they can’t recognize context.”
Going forward, organizations must prioritize email security. The number of email-based attacks likely will increase in the foreseeable future, and organizations are responsible for keeping pace with the growing cybersecurity landscape.
IT and marketing professionals who collaboratively deploy email security solutions may reap the benefits of their efforts for years to come. Together, these professionals can discover user-friendly email security solutions that help an organization protect its sensitive data against a broad array of cyber threats. Perhaps best of all, IT and marketing professionals can help an organization implement email security solutions that improve productivity and drive revenue growth.
“From a technology standpoint, you can justify an [email security] effort to revenue,” Applebaum indicated. “You can add value, protect your organization and add revenue.”
A seasoned software-marketing executive with 25 years’ experience across a variety of technology areas, David Appelbaum is an award-winning innovator in the use of social media and digital mediums for B2B marketing. His campaigns have been covered in The NY Times, AdWeek and across social media and Hollywood.
Visit Argyle Executive Forum's CIO LEADERSHIP DINNER: What Lies Beneath – Diving into the Murky Depths of Multi-Tier Risk in San Francisco , CA on Jan 15, 2020