Given the prevalence of email-based attacks, and the growing number of phishing attacks containing ransomware occurring globally, email security should be a forefront concern for any organization.
By Industry Perspectives | Nov 07, 2017
In the month following the Deloitte breach, consumers and businesses are still at risk of having personal and proprietary information stolen. The Deloitte hack compromised critically private information of six “blue chip” clients including usernames, passwords, IP addresses, and health information. Deloitte failed to utilize multi-factor authentication on a portion of their email system, giving cyber criminals easy access to the accounts.
The cyber criminals then sifted through emails looking for any valuable information they could use or sell for a profit. While the Deloitte hack was contained and only affected six clients, consumers and businesses are at risk from any organization that stores sensitive information about them and fails to implement critical cybersecurity measures. Consumers and businesses can have their information compromised by a variety of organization including healthcare organizations, educational institutions, legal firms, accountancy firms, financial institutions, and businesses/third party vendors through data contained in email accounts.
Regardless of the type of organization, there should be a greater level of responsibility and protection for consumer and client information. Organizations have failed to implement cybersecurity, and it is now an epidemic. By 2019, cybercrime will cost the global economy an estimated $2.1 trillion dollars. To protect consumers and themselves, organizations must implement cybersecurity measures. Given the prevalence of email-based attacks, and the growing number of phishing attacks containing ransomware occurring globally, email security should be a forefront concern for any organization.
A critical first step is to ensure the use of multi-factor authentication for account logins. This added layer of security is integral to account protection and user verification. Cybercriminals seek out the easiest targets to make the fastest profit, utilizing multi-factor authentication encourages the criminal to move onto the next target.
Another consideration for organizations is email encryption. Despite valiant efforts to keep cyber criminals from gaining access to email accounts, inevitably they will find a way in. Each employee with a company email address is a potential point of entry for a cybercriminal. Negligent employees that don’t follow password protocols, fall victim to phishing schemes, and download third party applications that contain malware, create opportunities for cyber criminals to gain access.
In the case of Deloitte, once cybercriminals gained access to the account they downloaded and archived the data to servers overseas to later sort through for any valuable information. Email encryption services put two-factor authentication and an extra level of security on all emails sent, eliminating the value proposition for cyber criminals by disallowing their ability to read the encrypted emails. It would be like breaking into a bank, but the vault is empty.
Securing and protecting email accounts is a critical consideration for organizations of all sizes, from Big Four CPA firms to small businesses. Organizations should begin waging the war against cybercrime today by implementing multi-factor authentication for email accounts and considering an email encryption service. Increased global productivity through advances in technology should not come at the cost of privacy and security.
Using E-Mail Encryption to Combat Cyber Breaches
Founded in 1991, Future Quest Technologies was created based on a fresh consumer need: on-site technology delivery. Future Quest Tech strove to be, and successfully became, a woman-owned trusted provider of Information Technology products, services and support. For 20+ yrs now, I've focused on financial crimes and digital investigations. My aim is to guide other FinCrime Investigators to be the best investigators they can be.
Subscribe to:
Post Comments (Atom)
-
Missing evidence is not the same as missed evidence or evidence that is lost. When I speak of missed evidence it relates to evidence that...
-
Romance and Pig Butchering Scams: History, Impact, and Prevention By Eina JL Schroeder, CAMS/CFCS Romance Scams Imagine your single, read...
-
It’s a little more complicated than just copying data By Barbara Krasnoff Sep 2, 2020, 4:35pm EDT Two-factor authentication (2FA) is ...
No comments:
Post a Comment