Intelligent CIO North America Issue 05 | Page 43

FEATURE : EMAIL SECURITY
How can organizations instil confidence in their employees to ensure that these incidents are reported ? getting malware , who ’ s getting those Business Email Compromise attacks and who ’ s credentials are compromised ?
In the past we had a tendency to shame the individual , even with the simulated phishing attacks that we send out to raise awareness . We can ’ t victim blame or shame the individual – unless of course there is repeated behavior – we need to make them feel safe . They are ultimately victims and we need to make it easy for them to report and reward them when they do identify a bad email . There ’ s also gamification that you can bring into this to make it much more interesting and engage your employees .
What advice would you give those wishing to bolster their email defenses ?
Fundamentally , organizations need to focus on implementing a people-centric security program . Your people are the new perimeter , at the core of cyberdefenses and they are under attack by cybercriminals . It ’ s important for CISOs and CIOs , and all security professionals , to understand the business as well as the criminals do . Understand who your very attacked people are , who ’ s being targeted with what , who ’ s getting credential phishing , who ’ s
Because based on that visibility into your very attacked people you can then build a security program that ’ s tailored to your business and threat profile of your users . It ’ s not generic at all but is highly effective because it ’ s based on the risks that you face .
Protect your business , protect your suppliers , protect your employees and ultimately , by doing that , you ’ re protecting your data as well . p

YOUR PEOPLE ARE THE NEW PERIMETER ,

AT THE CORE OF CYBERDEFENSES AND

THEY ARE UNDER ATTACK BY CYBERCRIMINALS .

www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 43