Stay up to date with enterprise technology trends
Get updates that impact your industry from our GigaOm Research Community
Simon Gibson earlier this year published a “GigaOm Radar for Phishing Prevention and Detection” report, which evaluates more than a dozen security solutions focused on detecting and minimizing security threats and vulnerabilities. confidential by email. As Gibson noted in his report, email remains a key vector to attack, reflecting its strategic role in corporate communication.
Earlier this week, Gibson’s report was a prominent discussion topic for David Spark’s popularity The CISO security vendor relationship podcast. In it, Spark interviewed a pair of information security directors—Mike Johnson, CISO for Fast, and James Dolph, CISO for Guidance Software – let them take on the role of anti-phishing solutions.
“First, I want to credit GigaOm for really pointing out the need to decide what to do with the discovery,” Johnson said when asked about his thoughts on choosing an anti-phishing tool. island. “I think a lot of companies think of an anti-phishing solution without thinking about what they will do when the incident activates.”
As Johnson noted, the needs and vulnerabilities of a large organization linked on Microsoft 365 are very different from the needs and security vulnerabilities of a smaller organization working with GSuite. For example, an Excel file filled with malicious macros poses a trusted threat to the Microsoft store and thus argues for an explosive solution to detect and disable malicious payloads before they are present. can be spread and deformed. On the other hand, a smaller company is more at risk with enterprise email intrusion attacks (BECs), since the right to spend is often distributed among many employees within these businesses.
Gibson’s radar report describes both in-band and out-of-band solutions, but Johnson said the cloud-linked infrastructures argue against traditional inline plans.
“If you book an inline solution first [Microsoft] 365 or before GSuite, you may be reducing your credibility, because now you’ve introduced this single point of failure. Google and Microsoft have enormous built-in reliability, ”Johnson said.
So how should IT planners choose the anti-phishing solution? Dolph answered that with a series of her own:
“Has it nailed the basics? Is it compatible with the technologies we currently have? And second, is it reliable, is it adjustable, is it manageable? ” he asks. “Because it can add a lot of cost, especially if you have a small group if these tools are really disrupting email flow.”
Dolph concludes by noting that it is important that insights solutions can help organizations target their safeguards, as well as support both training and awareness of the threat. Finally, he urges the organizations to consider how they can measure the effectiveness of their solutions.
“Can I consider other solutions in the future and how do I compare those solutions to the standards of what we have?”
Listen to Podcasts: CISO Podcast