7 Email Security Mistakes that Weaken Cybersecurity Posture

Get ready for a 45-minute unique journey down … and then out … of the circles of CISO hell, where you’ll find 7 types of CISOs who refuse to recognize and learn from their mistakes—and who are condemned to weakened cybersecurity postures

But this Inferno is different; there is actually plenty of hope. As you’ll hear in this very candid conversation between our co-founder and CSO, Blake Darché, and our senior product manager, Kevin Wilson (a former CISO himself), there is a path to securing your email and organization.

CISO Hell: Who’s in Charge Here?

Here is a brief introduction to some of the CISOs you’ll learn about in this Webinar. Find out how they went awry; and — more importantly — how to escape from the consequences of their errors and even earn their way to a phish-free “Paradiso.”  

The “Mad Scientist” believes they found the right formula to make patchwork tools into a secured fortress. For relying on self-designed security systems like custom email servers, this CISO is now sentenced to an impossible task: to endlessly “tune” email security defenses without ever reaching the perfect way to turn patchwork tools into an impenetrable bastion. If that sounds familiar, see how even a Mad Scientist can escape the chains of the tuning loop and endless experiments.

The Security Scrooge believes it’s cheaper to maintain old legacy vendors than to adopt cost-effective security that can preempt modern threats. The punishment is to eternally pinch pennies and end up burning dollars with new features for legacy tools (with long, multi-year contracts) like Secure Email Gateways. Especially painful is missing out on industry disruptors that cost less and perform better. Part of their task is to learn over and over the grueling lesson that despite the spending, cybercrime is costlier than ever

Only vendor accountability can lead the Security Scrooge out of CISO Hell, and the escape route lies in an unlikely direction—the COVID-19-induced disruption of SaaS pricing models. Gartner can help guide these CISOs in taking advantage of opportunities for email security solutions at reduced cost.  

The Train Wreck is an unhappy CISO (and those who report to him or her) by spending too much time and resources training employees to be “aware” and not enough on internal and supply chain threats. The Train Wreck is being punished for putting impossible burdens on the end user—relying on distracted employees to fend off attacks of infinitely ingenious hackers. These sufferers must learn their humiliating lesson over and over. For example, according to KnowBe4’s 2020 Phishing by Industry Benchmarking Report, 90 days after simulated phishing training, over 14 percent of enterprise employees were still “Phish-Prone.”  

Train Wrecks can leave CISO hell when they learn that only preemptive action keeps phish out of the inbox in the first place, rather than distracted or ingenuous workers. 

The Believer blindly trusts in the assurances of “establishment” leaders like Microsoft and Google — which are great for the cloud collaboration solutions they provide, but are not cloud security vendors. What’s the risk of believing in these companies’ infallibility? A heightened risk of cloud email attacks  that tools not specialized for security cannot secure their organizations. Only when Believers take control of their security destiny can they break free of CISO hell.

Watch the on-demand webinar to meet the rest of the 7 CISOs, and take a journey filled with expert advice that can save you from repeating cybersecurity’s worst mistakes.  

Want to keep up to date with the latest phishing trends? 

Subscribe to our newsletter here!


How to replace your email gateway with Cloudflare Area 1

Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.

Introducing email link isolation – Email gateway replacement playbook

This week was a big one for us at Cloudflare, one of our four innovation weeks which we hold annually, showcasing new developments, product news and reference architectures.

Superhero strategies for the Phish Fight

Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.