This is Part 1 of a 2-part series. Please click the link at the end of the article for part 2.
Our data suggests that while over 95% of malware attacks still come through email, the skyrocketing popularity of collaboration apps is opening up a new attack surface for hackers to exploit. Tools like Slack, Teams and Zoom are
frequently used to share sensitive company information. Most are also integrated tightly with cloud email platforms, so a vulnerability in one tool can open a pathway for criminals to move across the enterprise and steal valuable data.
95%of malware attacks still come through email As email and collaboration threats evolve, Mimecast is responding by developing next-generation protection to strengthen both of these environments. We’re building on more than two decades of email security by adding new capabilities such as account takeover protection, multivector threat protection, and URL pre-delivery scanning.
Here is a look at nine new capabilities and best practices to configure and manage your email and collaboration security today. These steps will ensure you’re protecting your organization from evolving threats, driving towards
resilience, and building a more secure culture along the way.
1. The Human Risk Command Center
If you’ve already implemented Mimecast email security and collaboration protection, you have access to the Human Risk Command Center. Now is the perfect time to explore this powerful tool. The Human Risk Command Center
draws data from all Mimecast products, and even when used just with email security it provides significant immediate value. You can identify your most attacked users, gain insights into the specific risks targeting them – including malware and phishing attempts stopped before reaching their inboxes – and use this information to make smarter decisions about prioritizing protection within your organization.
2. URL Pre-Delivery Scan
Email security is evolving, and Mimecast is leading the charge with a fundamental shift in how we protect your organization from URL-based threats. We’ve recently released URL Pre-Delivery Scan – a capability that transforms our approach from reactive protection to proactive defense.
When users click suspicious links, they are blocked. The technology works as designed. Yet users keep reporting “suspicious emails” in their inboxes,
frustrated that potentially dangerous messages made it through in the first place. This perception gap matters. When employees lose confidence in their email security, they ignore legitimate warnings or develop workarounds that introduce
new vulnerabilities.
URL Pre-Delivery Scan brings the full power of Mimecast’s multi-step URL inspection pipeline to bear before emails reach any inbox. This targeted
approach delivers comprehensive protection without compromising the performance your organization depends on.
3. Account takeover protection
One of the most dangerous threats companies and individuals face is an outright takeover of a corporate account. Once an attacker gains control,
they steal money, commit fraud, and gain access to other accounts.
Mimecast has launched account takeover protection, a new feature that spots what’s happening in a particular account and gives options for how to circumvent a problem. The Account Takeover module complements existing security layers, detecting signals of compromise to flag suspicious accounts.
Security teams can take proactive actions based on patterns of use, or they can take action in the moment to stop a potential takeover in progress. Depending
on the assessment of the threat, they could hold a user’s emails, reset the user’s password, remove access to their administrative resources, or potentially take
away their corporate resources. Using capabilities from across the Mimecast Human Risk Platform, the team can take action based on the person’s role, their
security history, or other factors that contribute to a risk evaluation.
4. Multi-vector threat protection
The threat landscape has changed dramatically since the days of traditional malware and spam. Attackers have evolved and are aware that they can bypass
single point detection. To combat these growing threats, security vendors need to evolve as the threats do. Multi-vector threat protection is new cloud-based
detection technology that takes all of the elements from Mimecast’s existing scanning layer, correlates them, and puts together a holistic view on whether a
message is malicious or not.
Multi-vector threat protection defends email and collaboration suites against cyber threats such as phishing, impersonation attacks, malware, and
AI-generated attacks. It uses a multi-layered approach with features like URL Protect, Attachment Protect, and Impersonation Protect to stop threats before
they impact users, and also includes capabilities for internal threats and data protection. Think of Multivector as the conductor at the last stop on a train ride
announcing whether a message is safe or not.
An additional benefit it provides is a detailed analysis about decisions involving email threats. It applies multiple indicators, including sender reputation,
sending email, suspicious content patterns, and brand impersonation like a Microsoft credential harvesting site. This makes it easy for a helpdesk, CISO or security expert to explain why the multi-vector detection engine flagged a particular message.
Please CLICK HERE for Part 2 of this series.
Click the banner below to protect your organization across email, collaboration, compliance, and human risk.
