Posted: 3 Min ReadExpert Perspectives

The Truth About Email/Web Security

As new threats unfold in 2020, you’ll need both the right strategy and the right set of tools as part of a comprehensive, multi-layered to security

Deploying new tech is one reason why many of us love this field. We’re entering a decade that promises the convergence of 5G networks, edge computing and artificial intelligence. And yet, it’s also true that many of us are still mired in old battles, not quite ready to embrace the latest developments.

Take, for example, persistent threats to email and the web. Malware attacks appear in one out of every 412 emails according to the Symantec Internet Threat Security Report. Email remains a major attack vector for mass market/ spam ransomware attacks. And despite internet traffic encryption, the web itself is not much more fortified than email.

Even as both the scale and sophistication of cyber-attacks continue to escalate, many organizations not only remain vulnerable to spear phishing, malware, and even spam, they cannot ensure sender trust by authenticating email senders.

Are companies still not doing enough? In many instances, it’s time for a strategy shift.

Questions That Require Answers

Today’s baseline defenses require important determinations such as:

  • Is that embedded link safe?
  • What’s our defense against spear phishing attacks?
  • Can we assess and respond to active cyber threats?

The answer to those important questions requires both a strategy and a set of tools in place that can provide bankable solutions. Bankable, because anything less than a comprehensive, multi-layered approach is not a risk worth taking.

Embedded Links. The fact is, every embedded link must be evaluated in real-time. Attackers use nefarious techniques such as multiple redirects, shortened URLs, and time-based delays to bypass traditional detection schemes. Ultimately, you want the ability to block malicious links before email delivery. Symantec provides Click-Time URL Protection, which helps block spear phishing and other advanced threats.

Spear Phishing. Again, this starts with evaluating links at the time of delivery. In theory ‘zero-day’ attacks can elude detection for their lack of a signature. But Symantec Email Security follows the links in an attachment even if they redirect to other sites or employ time-based delays. We impose email threat isolation by rendering spear phishing links in a secure execution environment. One advanced component of this program enables organizations to educate end users to both recognize and avoid phishing attacks or other forms of fraud such as impersonation emails.

Active Threats. Do you know which of your enterprise users are most vulnerable to email attacks? One key to an effective email and web security strategy is the ability to gather data and surface insights in real-time. The goal is to identify active threats and shore up vulnerabilities prior to a breach. One way to accomplish this is by logging and analyzing incidents that reveal patterns such as persistent attacks and help you determine where to focus your efforts. Email analytics data can easily be shared with your favorite security information and event management software (SIEM) or Security Operations Center (SOC) programs. Symantec Integrated Cyber Defense makes this even easier because it enables prevention, isolation, detection and response with an integration solution—in the cloud or on premises.

No Playing in This Sandbox

Threat isolation is a technology that will springboard your cyber defenses from dormant into dynamic. It answers the policy question about how to provide secured access to uncategorized and risky websites.

Cloud-based sandboxing capabilities help you to identify and prevent targeted and advanced attacks. By creating a secure execution environment between users and the web—and sending only a safe rendering resources to the users’ browsers—web isolation helps eliminate web-borne threats from ever reaching your end users. Isolated email attachments containing ransomware or malware never infect users.

Threat isolation is a technology that will springboard your cyber defenses from dormant into dynamic.

Under the hood, Symantec’s solution employs advanced machine learning, network traffic analysis and behavior analysis so you’re not blindsided by stealthy or persistent threats. As a service, it provides multi-layered dual anti-virus and heuristic analysis and file-reputation analysis.

Symantec Integrated Cyber Defense, which covers web, endpoint, and email security, enables your organization to repel diverse threats such as spear phishing, ransomware and other forms of malware that would undermine your business.

Looking forward, with 5G networks, edge computing, and AI-based applications beginning to ramp up, it’s likely that the resulting innovations will also exacerbate demand to shore up endpoints, networks, data centers and cloud-based services. Now is the time to embrace that future unencumbered by old foes such as email and web security.

You might also enjoy
Threat Intelligence3 Min Read

ISTR 24: Symantec’s Annual Threat Report Reveals More Ambitious and Destructive Attacks

ISTR Volume 24 is here, providing insights into global threat activity, cyber criminal trends, attacker motivations, and other happenings in the threat landscape in 2018.

You might also enjoy
Feature Stories4 Min Read

The Cyber Security Platform Shift – More Secure, Less Complex

How Integrated Cyber Defense reduces the integration burden on customers in a fast-changing security world

About the Author

Matt Willden

Product Manager: Network Threat Protection

Matt is responsible for the threat detection products used in Symantec Enterprise Division's network protection portfolio. Specifically, Intelligence Services, which provides URL intelligence for Symantec, as well as Content and Malware Analysis.