Verify the sender, check the recipient: the DMARC piece of the cybersecurity puzzle
Keeping one’s business safe from cyberattacks can be a challenge, but you can mitigate many risks by taking a layered approach to security. The purpose of a layered security framework is to ensure that each defence component complements the others, with specialist tools covering the different elements of the organisation’s exposure online.
Phishing attacks via email are the number one threat to businesses around the world. According to the FBI, business email compromise (BEC) was the costliest category of cybercrime in 2020, a year in which reported losses totalled US$4.2 billion. Thieves impersonate internal corporate officers, suppliers, customers and even partners at the law firms the company trusts.
BEC attacks are as efficient as they are profitable: they netted US$1.8 billion from just over 19,000 reported attacks. To put that into perspective, it took 241,000 email phishing attacks to make "only" US$54 million. Little wonder that email is still a favourite modus operandi.
Organisations don't just lose money; they lose business too. According to a Frost & Sullivan whitepaper, nearly half (48%) of consumers stopped using an online service after a data breach. Small businesses, which make up the majority of the SMB/SME sector, are particularly exposed: 46% of cyberattacks target them.
Aside from educating email users to be more security-aware, the sender, the recipient and their data can be protected by hardening the email channel itself. Email security remains one of the top challenges for IT security teams, and getting it right is among the most impactful steps in protecting against business disruption, data loss and financial damage. SMTP, the protocol underneath email, is old and was designed without any authentication of the sender, so it needs very careful treatment by experienced administrators.
Even without being successfully targeted by hackers, misconfigured email servers and security tools can lead to companies getting blacklisted as spammers, with email services essentially shut down without notice. That’s why many companies — even high-end enterprises — use specialist email security and configuration professionals to maintain and protect this basic but central business tool. This article highlights one such provider, The Missing Link.
As an initial scouting exercise, the company will investigate any weaknesses in a business’s IT environment before providing recommendations personalised to fit the needs and strategy of the SMB. As part of an overall cybersecurity strategy, it may advise deployment of industry-recognised tools such as Mimecast’s DMARC Analyzer to help strengthen data protection overall, and email security specifically.
For those of a more technical mindset, The Missing Link’s three-part blog series explains that the primary goal of DMARC is to help prevent a company’s email domain from being used as a source of email spoofing, phishing scams, and other cybercrimes.
DMARC adds a further layer of security by giving the domain owner visibility of every source that sends mail in its name, legitimate or not, through the aggregate reports that receiving mail servers send back. That opens up what is so often a "black box" of technology in many organisations. With a 360° view of who is using their domain, The Missing Link's clients can make more informed decisions and publish an effective, best-fit DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy, up to and including outright rejection.
In short, DMARC Analyzer shows which sending services and third parties are authorised to use the domain and which are on the "nope" list, and helps the organisation publish a single DMARC policy in DNS that receiving servers then apply to every message claiming to come from it. Mail that passes SPF or DKIM with a domain aligned to the visible From address is delivered as normal; mail that fails both checks is quarantined or rejected according to the published policy.
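To make the reporting and policy mechanism described above concrete, here is an added example (not code from The Missing Link or Mimecast) that does in miniature what a DMARC analyser does: it parses a domain's DMARC TXT record, reads an aggregate (RUA) report, re-derives SPF/DKIM alignment for each sending source, and works out the disposition a receiver would apply. The record, the report and the sending IPs are constructed for the example (example.com and the RFC 5737 address ranges are reserved for documentation); the organizational-domain check is a simplification, as noted in the code.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed example record, as it would be published in the TXT record at
# _dmarc.example.com (example.com is a reserved documentation domain, not a real deployment).
DMARC_RECORD = ("v=DMARC1; p=quarantine; sp=reject; adkim=r; aspf=s; "
                "rua=mailto:dmarc-reports@example.com")

# Constructed aggregate (RUA) report, trimmed to the elements used below. The source
# addresses come from the RFC 5737 documentation ranges; the rows are invented.
SAMPLE_REPORT = """<feedback>
  <report_metadata><org_name>receiver.example.net</org_name><report_id>1</report_id></report_metadata>
  <policy_published><domain>example.com</domain><adkim>r</adkim><aspf>s</aspf><p>quarantine</p></policy_published>
  <record>  <!-- corporate mail server: SPF and DKIM both pass and align -->
    <row><source_ip>203.0.113.10</source_ip><count>120</count></row>
    <identifiers><header_from>example.com</header_from></identifiers>
    <auth_results>
      <dkim><domain>example.com</domain><result>pass</result></dkim>
      <spf><domain>example.com</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <record>  <!-- newsletter vendor: SPF passes on its own domain (unaligned), DKIM signed by a subdomain -->
    <row><source_ip>198.51.100.25</source_ip><count>40</count></row>
    <identifiers><header_from>example.com</header_from></identifiers>
    <auth_results>
      <dkim><domain>news.example.com</domain><result>pass</result></dkim>
      <spf><domain>bulk.mailer-example.net</domain><result>pass</result></spf>
    </auth_results>
  </record>
  <record>  <!-- spoofed mail: unsigned, SPF fails -->
    <row><source_ip>192.0.2.77</source_ip><count>15</count></row>
    <identifiers><header_from>example.com</header_from></identifiers>
    <auth_results><spf><domain>example.com</domain><result>fail</result></spf></auth_results>
  </record>
  <record>  <!-- invoicing system on a subdomain: SPF passes for example.com, but aspf=s demands an exact match -->
    <row><source_ip>203.0.113.44</source_ip><count>8</count></row>
    <identifiers><header_from>billing.example.com</header_from></identifiers>
    <auth_results><spf><domain>example.com</domain><result>pass</result></spf></auth_results>
  </record>
</feedback>"""


def parse_dmarc_record(txt):
    """Parse a DMARC TXT record into a tag dict, applying the RFC 7489 defaults."""
    tags = {"adkim": "r", "aspf": "r", "pct": "100"}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a valid DMARC record: %r" % txt)
    tags.setdefault("sp", tags["p"])   # subdomain policy defaults to the domain policy
    return tags


def org_domain(domain):
    """Organizational domain. Simplification for this example: the last two labels.
    Production code must consult the Public Suffix List (think 'example.co.uk')."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain, header_from, mode):
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r') the same organizational domain."""
    if mode == "s":
        return auth_domain.lower() == header_from.lower()
    return org_domain(auth_domain) == org_domain(header_from)


def evaluate_record(rec, policy, policy_domain):
    """Re-derive the DMARC result for one report row from its raw SPF/DKIM results."""
    header_from = rec.findtext("identifiers/header_from")

    def any_aligned(method, mode):
        return any(a.findtext("result") == "pass" and aligned(a.findtext("domain"), header_from, mode)
                   for a in rec.findall("auth_results/" + method))

    dkim_aligned = any_aligned("dkim", policy["adkim"])
    spf_aligned = any_aligned("spf", policy["aspf"])
    dmarc_pass = dkim_aligned or spf_aligned          # either aligned pass is enough
    if dmarc_pass:
        disposition = "none"
    elif header_from.lower() == policy_domain.lower():
        disposition = policy["p"]                     # domain policy
    else:
        disposition = policy["sp"]                    # subdomain policy
    return {"source_ip": rec.findtext("row/source_ip"), "count": int(rec.findtext("row/count")),
            "header_from": header_from, "dkim_aligned": dkim_aligned, "spf_aligned": spf_aligned,
            "dmarc_pass": dmarc_pass, "disposition": disposition}


def evaluate_report(report_xml, dmarc_txt):
    policy = parse_dmarc_record(dmarc_txt)
    root = ET.fromstring(report_xml)
    policy_domain = root.findtext("policy_published/domain")
    return [evaluate_record(rec, policy, policy_domain) for rec in root.findall("record")]


def summarize_by_source(results):
    """Per-sending-IP totals: the view used to decide which senders to fix before moving to p=reject."""
    totals = defaultdict(lambda: {"pass": 0, "fail": 0})
    for r in results:
        totals[r["source_ip"]]["pass" if r["dmarc_pass"] else "fail"] += r["count"]
    return dict(totals)


if __name__ == "__main__":
    results = evaluate_report(SAMPLE_REPORT, DMARC_RECORD)
    for r in results:
        print("%-14s %-20s count=%-4d dkim=%-5s spf=%-5s -> %s" % (
            r["source_ip"], r["header_from"], r["count"], r["dkim_aligned"], r["spf_aligned"], r["disposition"]))
    print(summarize_by_source(results))
```

The two edge rows are the ones an analyst cares about before tightening the policy: the newsletter vendor passes only because its DKIM signature domain aligns under relaxed mode, so switching to adkim=s would start quarantining it, and the invoicing subdomain fails because strict SPF alignment does not accept example.com for billing.example.com, so under sp=reject its invoices would be dropped until it gets its own SPF or DKIM alignment. Tools such as DMARC Analyzer surface exactly these cases across thousands of rows so they can be fixed while the policy is still p=none.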
“When it comes to cyber security, our goal is to minimise the risk of attack across all aspects of our business,” said Carl Rowley, cyber security manager at ENGIE, the largest independent power producer in the world. “[The Missing Link] are proactive when it comes to identifying, analysing, and alerting us to any threats. And when they recommend solutions to problems, they are always well researched and accompanied by options, along with the positives and negatives for each.”
Alongside looking after mail-serving clusters, spam filtering and server-level file scanning, reaching DMARC compliance can be tedious for the uninitiated. The full DMARC lifecycle, from monitoring at p=none through quarantine to reject, can take three to six months before results are seen. The Missing Link can help businesses reach a p=reject policy within a shorter, pre-defined timeframe and so bring the significant benefits of the technology home much more quickly.
“The Missing Link team consulted us on various options, and we decided that Mimecast would be the most suitable solution for us. […] We successfully combat numerous web security risks and phishing attacks and essentially enforce email security controls throughout our organisation’s perimeter. The Missing Link’s engineering and service delivery team handled the project excellently, and we couldn’t be happier with the end result,” said Brian Chalmers, financial controller at Australia Sailing.
“Engaging The Missing Link provides me with peace of mind – I know that if our staff follow the right procedures, they’ll get the right advice, and our IT systems will be well maintained and secure,” Chalmers added.
Hackers play a numbers game: for every thousand automated probes sent out, there may be two or three online organisations that present easy targets. By adding layers of integrity like DMARC and other interlocking security layers from The Missing Link, companies remove themselves from the “low hanging fruit” category. The internet cannot ever be 100% safe, but it can be a great deal safer.
Unsure where to start? Click here to gain 360° visibility and governance across all your email channels, resolve continuing security issues, and keep your IT environment free from potential breaches.
26 September 2023