Cyber Crime
Prevent BEC with AI-Powered Email and Collaboration
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments.
“Email is one of the primary methods that cybercriminals use in their attacks. Seeing the complete security picture from email, servers, cloud, and network to our endpoints is crucial to maintaining a healthy network. Having access to all of this information through a single service saves significant time and resources for our security analysts and IT teams.” - Jimmy Benefield, Technology Coordinator at the DeKalb County School District
The technology landscape moves fast – but some things remain remarkably unchanged. Despite the emergence of alternative platforms, email is still a primary communications channel for internal and external business use worldwide. An estimated 347 billion daily messages were sent and received last year, with the figure set to grow 4% in 2024. The enduring popularity of email also ensures it remains one of the top attack vectors for threat actors. Over two-fifths (43%) of the 146.4 billion threats Trend blocked in 2022 were email-borne.
As organisations continue to expand and diversify their use of communication tools, so does the corporate attack surface. The growing need for email security that integrates with other collaboration tools is the new reality that Trend Vision One™ Email and Collaboration Security was built for.
Security is getting harder
Communication and collaboration tools offer threat actors a significant advantage. It’s a relatively straightforward, low-cost way to reach users: arguably the weakest point in a corporate cybersecurity environment. That explains the gusto with which they continue to launch attacks—from opportunistic “spray-and-pray” campaigns to more targeted efforts which may require prior social media research on targets. The advent of generative AI (GenAI) has supercharged these attacks. Threats include:
Business email compromise (BEC), which made cyber-criminals an estimated $2.7bn+ in 2022, according to the FBI. As the threat carries no malware, it can be harder to detect.
Phishing, which can be used to steal credentials or trick users into installing malware without their knowledge. Despite increased investment in user training and awareness raising, social engineering remains difficult to effectively “patch.”
Ransomware, which continues to cause global organisations significant reputational and financial damage. It may begin with a malicious email-borne payload or credential theft attempt. In the US alone, 2,207 hospitals, schools and governments were directly impacted by ransomware over the 2023, with thousands more private businesses suffering.
Zero-day threats. As of September 2023, the year was on track to record the biggest ever annual number of previously unseen vulnerabilities.
Account Takeover, sophisticated email threat tactics can be used to steal employee credentials. Latest Egress Email Security Risks Report stated that out of all account takeover attacks, 85% start with a phishing email that can either bypass signature-based defences or sent from compromised legitimate domains.
At the same time, the collaboration environment has expanded to include cloud storage and file-sharing tools, and cloud-based productivity platforms. Yet many existing products don’t have a solution that works across both email and collaboration environments. Oftentimes, built-in security tools are limited in their protection scope. Trend Micro has intercepted millions of malicious emails for customers over recent years that platforms like Microsoft 365 failed to stop.
Stretched IT teams are also struggling with a surplus of security point products across email and other environments, both in the cloud and on-premises. These add management overheads and extra cost in the form of unnecessary licences and create security gaps – especially when attacks blend email, network, cloud, endpoint and other threat vectors. These silos also perpetuate barriers between specialist IT teams. In an increasingly dynamic and fluid landscape where the bad guys hold much of the advantage, a singular approach is needed.
One vision for email security and beyond
This is where the Trend Vision One platform comes in. It offers a single version of the truth for IT and security teams to unite around. In practise, this means comprehensive threat protection, detection and response across on-premises and cloud environments. It enables stretched internal teams to continuously manage risk across the entire digital attack surface: including email, users, endpoint, cloud, and network.
Trend Vision One™ Email and Collaboration Security is the latest piece of the puzzle. Seamlessly and fully integrated with the Trend Vision One platform, it unifies email and collaboration security across any email infrastructure. With centralised visibility and management, IT and security teams can continuously monitor an ever-changing attack surface, understand and prioritise risky users, detect suspicious behaviour and threats and take rapid action for containment and recovery.
With this purpose-built solution, users can:
- Prevent phishing, ransomware, BEC and other threats more effectively via AI and sandbox malware analysis
- Drive business agility by enabling secure use of a range of collaboration and email tools including Microsoft 365, Google Workspace, on-premises tools, and cloud file sharing and messaging
- Proactively contain threats and disrupt attacks with Attack Surface Risk Management that continuously analyses employee risk levels in real-time with email user risk assessments
- Eliminate blind spots and enhance detection and response across the entire attack surface using endpoint, network, cloud and third-party intelligence
- Meet and exceed compliance with 200+ pre-built, customisable compliance templates for Microsoft® OneDrive® for Business, Microsoft® SharePoint® Online, Microsoft® Teams, Dropbox™, Box™ and Google Drive
Trend Vision One™ Email and Collaboration Security is also available via the AWS Marketplace for seamless purchasing, deployment and integration with AWS environments. Email threats are here for the long run. It may be time to take a more strategic look at how to manage the resulting cyber risk.