Why You Need More than O365 Built-in Security

Microsoft® Office 365® is as popular with enterprises as it with cybercriminals. Find out why built-in security isn’t good enough.

March 18, 2019

Your organization can be fortified, an experienced IT team keeping constant watch, but a single well-intentioned and unsuspecting employee can wreak havoc by doing something they do a dozen times a day—clicking on a link in an email message.

Email is cybercrime’s most popular conduit for compromise. It’s easy to exploit through the actions of users and the security provided by popular email services like Microsoft® Outlook 365® just doesn’t measure up. It takes more than the native security to protect your enterprise against email attacks that grow more sophisticated every day.

Trend Micro recognized early that email hackers were adding new tactics to their well-known Trojan, backdoor, and ransomware exploits. To be ready for mainstream use by attackers, Trend Micro reacted immediately, developing new technologies, including advanced machine learning and behavioral analysis, as a part of our XGen™ security strategy. At the same time, we advised organizations to implement a multilayered cybersecurity regime that uses the right defensive techniques at the right time. 

"Trend Micro’s email security solutions offering caught almost 9 million high-risk email threats in 2018 alone—threats that were not detected by Office 365’s built-in security ..."

The phish are evolving.
Trend Micro data shows that phishing attacks represented 87 percent of all high-risk email threats detected in 2018, and that new variants are appearing all the time. While employee education is a critical component of any email security strategy, additional security is also required over the native protection provided by email services. Trend Micro’s email security solutions offering caught almost 9 million high-risk email threats in 2018 alone—threats that were not detected by Office 365’s built-in security nor by third-party email gateways.

Have you been compromised?
Business email compromise (BEC) is one of the newer phishing variants. BEC attacks attempt to gain access to corporate executive email accounts and spoof the owners’ identity to defraud the organization of money. Between December 2016 and May 2018, the FBI reported a 136 percent increase in BEC-related financial losses to enterprises around the world, with the total exposed dollar impact reaching US$12.5 billion. And with the BEC attack aperture expanding to include directors, managers, and their staff, this threat is certain to grow.

Trend Micro has developed proven protection against BEC, including writing style DNA analysis, and a full range of phishing, ransomware, and internal email and file sharing risks to address the shortcomings of Office 365’s native security and reduce enterprise risk of compromise.

Learn more about how a blend of cross-generational threat defense techniques can it make it safe to click an email again in Securing Office 365 from Trend Micro.

Securing Office 365

Office 365 is a cybercriminal favorite. Is the built-in security good enough?

About Trend Micro Research

Trend Micro Research is powered by experts who are passionate about discovering new threats, sharing key insights with the public, and supporting efforts to stop cybercriminals. Our global team helps identify millions of threats daily, leads the industry in vulnerability disclosures, and publishes innovative research on targeted attacks, artificial intelligence, Internet of Things (IoT), cybercriminals, and more. We continually work to anticipate the next wave of threats and deliver thought-provoking research that can shape strategic industry direction.