7 Email Security Mistakes that Weaken Cybersecurity Posture

Get ready for a unique 45-minute journey down … and then out … of the circles of CISO hell, where you’ll find 7 types of CISOs who refuse to recognize and learn from their mistakes—and who are condemned to weakened cybersecurity postures.

But this Inferno is different; there is actually plenty of hope. As you’ll hear in this very candid conversation between our co-founder and CSO, Blake Darché, and our senior product manager, Kevin Wilson (a former CISO himself), there is a path to securing your email and organization.

CISO Hell: Who’s in Charge Here?

Here is a brief introduction to some of the CISOs you’ll learn about in this webinar. Find out how they went awry and, more importantly, how to escape from the consequences of their errors and even earn their way to a phish-free “Paradiso.”

The “Mad Scientist” believes they found the right formula to make patchwork tools into a secured fortress. For relying on self-designed security systems like custom email servers, this CISO is now sentenced to an impossible task: to endlessly “tune” email security defenses without ever reaching the perfect way to turn patchwork tools into an impenetrable bastion. If that sounds familiar, see how even a Mad Scientist can escape the chains of the tuning loop and endless experiments.

The Security Scrooge believes it’s cheaper to maintain old legacy vendors than to adopt cost-effective security that can preempt modern threats. The punishment is to eternally pinch pennies and end up burning dollars with new features for legacy tools (with long, multi-year contracts) like Secure Email Gateways. Especially painful is missing out on industry disruptors that cost less and perform better. Part of their task is to learn over and over the grueling lesson that despite the spending, cybercrime is costlier than ever.

Only vendor accountability can lead the Security Scrooge out of CISO Hell, and the escape route lies in an unlikely direction—the COVID-19-induced disruption of SaaS pricing models. Gartner can help guide these CISOs in taking advantage of opportunities for email security solutions at reduced cost.  

The Train Wreck is an unhappy CISO (as are those who report to him or her) who spends too much time and resources training employees to be “aware” and not enough on internal and supply chain threats. The Train Wreck is being punished for putting impossible burdens on the end user—relying on distracted employees to fend off attacks of infinitely ingenious hackers. These sufferers must learn their humiliating lesson over and over. For example, according to KnowBe4’s 2020 Phishing by Industry Benchmarking Report, 90 days after simulated phishing training, over 14 percent of enterprise employees were still “Phish-Prone.”

Train Wrecks can leave CISO hell when they learn that only preemptive action, rather than reliance on distracted or ingenuous workers, keeps phish out of the inbox in the first place.

The Believer blindly trusts in the assurances of “establishment” leaders like Microsoft and Google — which are great for the cloud collaboration solutions they provide, but are not cloud security vendors. What’s the risk of believing in these companies’ infallibility? A heightened risk of cloud email attacks, because tools not specialized for security cannot secure their organizations. Only when Believers take control of their security destiny can they break free of CISO hell.

Watch the on-demand webinar to meet the rest of the 7 CISOs, and take a journey filled with expert advice that can save you from repeating cybersecurity’s worst mistakes.  
