4 Minutes to Security Insight New Video Goes Deep

Take four minutes to watch this video, where email security expert Olesia Klevchuk from Barracuda explains the evolution of email threats—and why a multi-layered approach to security is emerging as the best way to fend off today’s sophisticated attacks.

Video Transcript
Hi, my name is Alessia and I’d like to talk to you about the evolution of email threads and the need for multilayer protection. Today, your email security probably looks something like this.

• You have a secure email gateway that you’re sitting somewhere between the internet and your mail server.
• It filters the inbound mail for things like spam or malware or more advanced email attacks such as zero day attacks using a technology known as sandboxing.
• It doesn’t only filter your inbound mail, it also filters your outbound mail.
• You may also even have solutions in place to archive your data so that you can preserve and search it.
• You may have in place a backup solution that helps you to store your data and email securely and then restore it in case of accidental or malicious loss.

Sounds like a pretty good email protection solution. Well, hackers think so too that’s why they started to use social engineering tactics to bypass your email gateway and deliver mail directly to users inboxes. You may know the tactics as spare phishing attacks, business email compromise, or CEO fraud. What they all have in common is that they almost never use a malicious payload. Things that your email gateway will be looking for. To email gateway, this email looks legitimate and is delivered to your user’s inbox. While protecting your gateway is still absolutely necessary, it’s no longer sufficient on its own. What you need is a multilayered email protection. And here’s what one may look like.

• You still need a secure gateway to filter through the inbound as well as the outbound email, but accidents and disasters may happen.
• You want to make sure that your data and your email is secure and is backed up so you can restore it. You want to build in the resiliency layer for that.But what about all those spear phishing attacks? Well, you need to look beyond securing your gateway.
• You need to secure your inbox through the inbox defence.Use technology that integrates directly with your inbox and is able to see not only email as it’s coming in but also has visibility into historical and internal communication so it’s able to build a sense of what your normal communication looks like within your organization. So if any anomalous activity or an anomalous email happens, you can detect that and start analyzing it for malicious intent. And don’t forget about your users. Improving their security awareness can help you turn them into that last layer of defence, educating them on what phishing attacks look like and how to report it to IT.

So what do the IT departments do once their users report it to them? We hear that incident response and clean up process can be very time consuming and highly manual and resource heavy. That’s why you want to have an automated forensics and incident response. Barracuda total email protection reflects this multilayered approach. Secure gateway and resiliency is delivered through our essential solutions. The inbox defence is delivered through Sentinel and its AI engine and you can train your staff using phishline. All of this is supported by automated, forensics and incidents response. I’m sure you will agree that this is what total email protection looks like.