Page 124 - Cyber Defense eMagazine September 2023

P. 124

What’s more, it may be a useful option to share a few memos with employees. The memos help to
mitigate risks, associated with a number of threats (phishing emails, use of unreliable passwords,
installation of programs, etc.)

The second step is to deploy tools for protection of email services. Such software ensures protection
against external threats, for instance, NGFW helps to block potentially malicious network traffic, antispam
software reduces amount of phishing emails, SPF, DKIM and DMARC protocols help to verify whether
email senders are legitimate.

Some solutions for mitigation of internal threats can also help to deal with the task. For instance, some
time ago we also added the functionality, which detects cases when the domain and the sender’s real
address differ to our DLP solution.

What’s more, it’s helpful to develop specific regulations, which will govern how employees should behave
in various situation, including potentially dangerous ones.

There is a step change taking place in the amount of BEC attacks. According to ComputerWeekly, the
volume of Business Email Compromise (BEC) attacks doubled during the course of 2022. This means,
that companies have to ensure advanced protection and thus reduce risks and outcomes of corporate
email compromise.

About the Author

Sergio Bertoni, the Leading Analyst at SearchInform which is the global risk
management tools developer. Sergio has plenty of hands-on experience in the
sphere of information security and has been contributing to the company's
success for years. Sergio comments on different infosec topics, including
information security trends and new methods of fraud (from simple phishing to
deepfakes), provides advice on how to ensure security of communication
channels and shares best practices for organizing information security
protection of businesses. Sergio can be reached at the company website
https://searchinform.com/.

119 120 121 122 123 124 125 126 127 128 129