With organisations ever-more reliant on email as their primary communication method, it’s no surprise that threat actors are honing their attacks on business email communications and collaboration platforms, especially in the mid-market.
The Australian Cyber Security Centre (ACSC) reports that two of the top three cybercrimes reported come from email compromise and Business Email Compromise (BEC) fraud. Attackers across the board are using increasingly sophisticated AI and ML tactics to defeat email security systems.
“Cyber Security teams are facing an uphill battle. The increase of sophisticated email attacks, and speed in developing these new email threats, are making it difficult for traditional email security gateway services to keep up. It’s therefore essential for security partners, like Tecala, to evolve our approach to email security.”
The magnitude of the email security threat is caused by the sheer volume of emails coming in and out of our organisations each day. Added to this is the internal transfer and exchange of emails, texts, and messages, through our collaboration platforms like Microsoft Teams and Slack.
The speed at which phishing attacks, malware, spam, and spoofing attempts are evolving – because of the threat actors’ use of AI and ML – is beyond the capability of traditional email security. Too many mid-size organisations lack sophisticated email security frameworks to deal with the combined volume and sophistication of the threats, making it near impossible to monitor and secure every communication.
Even with rigorous employee security awareness training to identify BEC fraud, we’re seeing far too many threat actors breach the lines of defence.
The upshot of all this being, there’s never been a better time to ask yourself the question: “Is my email security service doing its job?”
Tecala’s Next Generation Email Security has been developed to deal with today’s AI and ML-driven threat landscape. Built on Check Point’s patented technology, it uses advanced AI technology to prevent malicious attacks in the cloud before they reach the inbox.
Traditional email gateways acted as intermediaries between your email system and the internet. They intercepted incoming and outgoing email and applied security controls, such as spam filtering, malware scanning, and content inspection.
This traditional email gateway service relied on static rules and signatures to detect and prevent breaches. But threat actors have started to use AI and ML to adapt to and manoeuvre around these rules-based defences.
What’s required now is email security with AI and ML algorithms built in, so they can analyse vast amounts of data to identify emerging threats and patterns in real-time. This innovation is built into Tecala’s Next Generation Email Security to provide enhanced threat prevention and the improved automation of security processes, such as threat hunting and Security Operations Centre (SOC) event correlation.
The nature of AI-and-ML-based tools is that they can inherently improve and evolve themselves, helping you to future-proof against next-generation threats. By scanning every file and attachment for malware and ransomware in the cloud, we create a cyber security email policy that detects and captures malicious emails and files before they reach the inbox.
In the AI and ML driven world, context is everything. Tecala’s Next Generation Email Security uses its own advanced AI and ML to analyse your user’s historical interactions and email usage patterns. By mapping user history and past communications, we provide pre-emptive insight to complex email security threats, such as BEC.
With this capability, you can confidently detect and resolve sophisticated attacks, thus keeping your users and their data safe.
Tecala’s Next Generation Email Security uses language models to determine risk vectors within all your emails, enabling you to automatically learn and discover new threats and techniques as they emerge. This provides a truly predictive and proactive approach.
The AI and ML engine utilises machine learning to build a profile based upon historical information, like login locations, data-transfer behaviours, and email message partners.
The AI component of what we do is constantly learning and improving, with every interaction providing a learning experience for our platform.
Because Check Point technology constantly trains and tunes the AI on your specific tenant, it identifies and blocks attacks specific to your organisation. It’s also trained on the attacks missed by default security and secure email gateways (SEG).
Unlike SEGs, which are largely based on defined rulesets and can only protect incoming email, our Next Generation Email Security platform secures emails in all directions. This offers complete email protection against all external threats, as well as protection against internal misuses of email.
The platform uses a ‘Training Mode’ to scan and analyse a full year (365 days) of past email data to determine trends and expected user’s email behaviours.
This historical email data examines emails for patterns, trends, and anomalies within historical email data to identify typical communication patterns, common sender-receiver relationships, typical attachment types, and other relevant metrics.
When anomalies are detected, a security event is generated so your Cyber Security team can take quick action.
Because our platform is built on Check Point technology, it uses APIs to embed in the Microsoft 365 Tenancy, including SharePoint and Teams. In this way, we leverage the enhanced security protection functionality already residing in the applications.
This API integration also extends to the other email and collaboration platforms, such as Box and Google Drive.
It’s this seamless integration and interoperability that enables our clients to enjoy reduced complexity, while improving the capabilities of your existing technology platforms. This also leads to the optimisation of your IT investments.
Tecala is an ISO27001 Information Security Standard Accredited Managed Service Provider, with a strong heritage in providing Essential Eight cyber security consulting services to organisations in Australia, many of which operate in highly regulated environments.
Our Cyber Security Team are working closely with Avanan, which is now a Check Point company, and a handful of other selected security vendors.
Thanks to these relationships, we’re able to deliver an agile, proactive, and multilayered approach to email and cyber security. Our approach delivers 24/7 ‘eyes on the glass’ to see new threats and risks as they arise, so we can work with you to ensure we intercept and mitigate threats before they become business disrupting events.
Our approach leads to higher catch rates – typically we deliver a 99% reduction in phishing attacks reaching the inbox; enhanced protection from ransomware, account takeover, BEC, and supply chain attacks; and a full suite of security protection for all mentioned collaboration applications and platforms.
For more information on Tecala’s Next Generation in Email Security, or Cyber Security more generally, contact us today.
We use our Technology Capabilities Assessment to engage directly with you and your teams, to measure how well your existing ICT solutions, services and platforms are meeting your business objectives.
Once we fully understand your business dynamics we’ll provide recommendations on the solutions and long-term strategies you need to ensure your people and business enjoy the very best experiences from your IT platforms, services and applications.
The way we should be assessing the viability, relevance, and value of emerging technology is to assess it in relation to whether it can deliver an intelligent business outcome.
In this update, we provide an overview of the changes to the Essential Eight Maturity Model, and provide you with an effective roadmap to maintaining compliance.
