Email – Friend of Foe?

Written by Richard Cohen

Email is probably the most widely used and important business tool for communication, and you won’t be surprised to hear that emails are the most used vector for Cyber-attacks, and are also the primary method of spreading malware.

The end user is often referred to as the weakest link in the chain, and while it’s probably fair to say that employee awareness and prevention today is higher than ever, it’s also true that attackers are using more sophisticated and highly targeted techniques to breach the wall. In a digital environment where emails are sent from anywhere and on any device, organisations need a robust defense in place and that guards against spam, social engineering & phishing, fraudulent senders, infected files, and blocks risky URLS. Users don’t want to be continuously mining through a library of emails sorting the good from the bad, and employers don’t want them to focus on this in-efficient and risk inherent process.

What level of risk do emails present to organisations? We took a view of one of our customers to find out. A global brand and leader in their field, this customer has Cisco Cloud Email Security deployed globally across 60+ countries and 10,500+ users.

INCOMING MAIL SUMMARY
Message category % Message Volume
Stopped by Reputation Filtering 79.0% 146.4M
Stopped as Invalid Recipients 0.3% 641.7k
Spam Detected 0.9% 1.7M
Virus Detected <0.01% 3,491
Detected by Advanced Malware Protection <0.01% 1,295
Messages with Malicious URLs 0.1% 95.5k
Stopped by Content Filter 0.2% 332.6k
Total Threat Messages 80.5% 149.0M

 

Marketing Messages 2.0% 3.7M
Social Networking Messages 0.2% 346.0k
Bulk Messages 1.5% 2.7M
Total Graymails 3.7% 6.8M

 

Clean Messages 15.9% 29.4M
TOTAL ATTEMPTED MESSAGES – 185.2M

What do the results tell us?

Firstly, a staggering 80.5% (146.9 million!) of all emails represent a threat and have been blocked. A figure of 3.7% graymails leads you to truly appreciate how big this percentage is (these emails seem to fill our inbox quicker than any other) and this stat demonstrates just how far the protective net needs to be cast. In fact, only 15.9% of emails are ‘clean.’

Secondly, the vast majority of ‘Threat Messages’ are ‘Stopped by Reputation Filtering’ and this is where Cisco Email Security steps ahead of the competition with its comprehensive threat intelligence from Cisco TALOS – one of the largest threat detection teams in the world providing real time global threat intelligence, identity and relationship modelling, and behaviour analytics from a wide range of sources, including 600 billion messages, 16 billion web requests, and 1.5 million malware samples daily.

And third – While prevention here has mitigated the other 99.99+% of the risk, there is no security solution available that can guarantee 100% prevention and a layered approach should always be put in place to analyse file activity across the extended network and to quickly detect, contain, and remove advanced malware if it gets through. In this instance <0.01% of threats required detection by Cisco’s Malware prevention tool (Advanced Malware Prevention).

The verdict? By their nature or reputation, some organisations are naturally bigger targets than others, and while these figures may not translate exactly to every organisation, it demonstrates a very real  threat platform and one that every organisation will encounter. Email security from the cloud is essential and needs to deliver comprehensive threat intelligence, reputation filtering, antispam filtering, forged email detection, phishing prevention, Mailbox Auto-Remediation, and post breach advanced malware protection.

If you’d like to talk email security, our experienced team are happy to assist. If you want to see how these stats look for your organisation, Axonex can offer a free trial of Cisco Cloud Email Security for 45 days.

Get your free trial - Cisco Cloud Email Security

Register now