• 18 March 2022
  • 5 min read

Top email security takeaways from 2021

This is a guest blog written by the amazing folks over at Guardian Digital. If you are interested in guest blogging for TSC, get in...

Fly d m T7l XZ Pjk7 U unsplash 580x250 acf cropped

This is a guest blog written by the amazing folks over at Guardian Digital. If you are interested in guest blogging for TSC, get in contact with our team here.

More people than ever are relying on technology due to a shift from office-based workplace culture to remote solutions. This process has provided hackers with new ways to target businesses and gain access to their networks. If there's one thing we’ve learned, it's that we must look back and analyse these challenges to gain insight moving forward. Some lessons learned in 2021 include the mentality of not “if'' but when an attack will occur, employees need expert cybersecurity awareness training, ransomware attacks are on the rise and most businesses lack preventative email security measures and require supplementary security.


Threats Predicted for 2022

We previously saw cybercriminals take advantage of remote and hybrid work environments to attack an organization’s email security system using malicious attacks such as malware and ransomware. As we move forward we must recognize that the ongoing cybersecurity crisis reinforces the need for stronger solutions. We can expect much of the same in 2022, as well as an array of new attacks likely to take companies by surprise.

Fileless malware, for example, is an emerging threat that is quickly becoming a popular method for exploiting businesses. Essentially turning systems against themselves, fileless malware attacks leverage operating system tools for malicious purposes. It works as an email-borne threat that runs in a computer’s random access memory (RAM) and exploits existing, trusted system applications to install and run malicious code on target systems. This code is then used to encrypt and exfiltrate sensitive data, directly transferring it to the attacker. 

Zero-day attacks are also becoming increasingly problematic for businesses. The term “zero-day” is used to describe the threat of unknown or unaddressed security vulnerabilities in software or applications. Because of this, attacks on zero-day vulnerabilities are often executed without users’ knowledge and can come at expensive costs for organizations in the price of system downtime, productivity loss, data theft, and harm to your reputation.

Another threat to be mindful of is CEO fraud, an email scam where a group of cybercriminals targets or impersonates a C-level executive within an organization. The target will be someone who has access to financial information or other sensitive data. The aim of this malicious scam is to trick an employee into sharing valuable data or conducting a fraudulent wire transfer.

To be prepared for inevitable attacks, one must know what to expect and how to protect against them. Cybersecurity trends and predictions for 2022 include:

  • Lax monitoring of a workplace environment will lead to an increase in data breaches & malware infections.
  • The cyber cold war among several nations will intensify.
  • Companies and governments will pay more in damages from data breaches.
  • Misinformation campaigns will increase, aiding phishing schemes and propaganda.
  • Attacks using deepfake technology will increase, which will work to manipulate social media users.
  • As finances are becoming more digitized, cryptocurrency will be attacked more often.
  • Remote workers will experience an increase in mobile malware attacks.
  • Attackers will exploit penetration tools more by learning to use them as ransomware attacks.

The Question Is Not “If,” But “When?”

Attacks vary based on several considerable factors such as the specific business that was attacked, their industry, and the hacker in charge. Businesses will continue to face these attacks–and the aftermath of them, especially those that do not have an effective email security strategy that goes beyond the built-in capabilities of Microsoft 365 or Google Workspace. 

Businesses of all sizes run the risk of facing permanent closure at the worst, and at a minimum suffering hefty costs in the form of lost productivity, data theft, system downtime, reputation damage, and regulatory actions. Companies should consider implementing a robust cybersecurity program and awareness training that consists of a series of responses that can make it considerably easier to manage those challenges as they appear.


Employees Need Proper Training

According to the DBIR conducted by Verizon, 85% of data breaches involve human error. Attackers took advantage of both the expectation of mistakes made by staff, but also the pandemic, creating related scams to phish and deploy ransomware. Better approaches are needed for staff cybersecurity training as they are the first line of defence and can often prevent a successful attack if they know what to look out for.

Best practices benefit both the company and the employee, as both the employee’s private information and their livelihood are at risk should a hacker make an attempt. Training should be tailored to roles, include everyone from entry-level to executive-level staff, and should be mandatory and frequent. Cybersecurity awareness is a skill that should be present in every single employee.


Businesses Must Have A Plan for Ransomware Attacks

Training and protocols are necessary, but there is still much more that can be done. For example, security and IT teams should have a failsafe plan in case defences are breached. This plan should identify resources, which tools have ransomware prevention, protection, or recovery functionality, and identify the incident response team and their roles. The plan should also include: 

  • Determining whether an incident is a ransomware attack 
  • Analysing the scope of the infection 
  • Containing the threat by disconnecting the infected systems from the network 
  • Assessing the type of ransomware 
  • Eradicating the infection 
  • Recovering from the incident 
  • Reporting on what happened 
  • Learning from the attack  

Third-Party Supplementary Security Is A Necessity

Defence-in-depth is necessary for effective email security, but should be considered the final line of defence. Single security features alone are ineffective in defending against modern attacks and are often incapable of anticipating one coming. For this reason, businesses must implement a multi-layered cloud email security solution to supplement the static, single-layered email security system they’re already relying on. These various layers of security work harmoniously to detect and block threats, building upon each other to provide stronger, more effective protection than each feature would on its own.


Conclusion

2021 saw an increase in several attacks that are expected to continue and evolve in 2022 and beyond. The time to look the other way has run out, and businesses must implement better practices if they want to keep their staff, reputation, and customer information safe from malicious actors. 

As we move forward it is important that we remain committed to learning from the past to make us more resilient in the future.


The Insider, TSC’s online information security publication is read by thousands of cybersecurity professionals every year. It has given information and cybersecurity professionals everywhere a single place to keep up with the latest thinking around the human side of their profession and interact with a community of like-minded and engaged individuals.

We are always looking for high-quality content that delivers what our audience is looking for. Can you help us?

If you would like to become one of our guest bloggers, please download our blogging guidelines here and follow the submission process. Alternatively, if you would like a chat on how we can work together, please complete the contact form here and we will be in touch.

See how we can help you protect your organisation today?