MIMECAST

ENTERPRISE BUSINESS EMAIL PROTECTION

91% of attacks start with email

Mimecast cloud cyber security solutions feature world-class efficacy to protect communications, people, and data with cloud-based email management, security (malicious email, phishing etc), archiving, and continuity services.

AI, Machine Learning, and Social Graphing map communication patterns to detect anomalies, becoming even smarter over time for trusted continuous protection.

Organisations choose Mimecast's Cloud Integrated (for M365) and Cloud Gateway for several compelling reasons:

• To empower employees with Awareness Training
• Protection from Phishing / Spear Phishing
• Impersonation Protection
• To meet Cyber Insurance requirements
• ISO27001 Compliance Requirements

#1 Awareness Training

HOW CAN WE TEACH OUR EMPLOYEES TO RECOGNISE CYBER THREATS?

Organisations depend on people. Threat actors know this, and cyber-attacks continue to exploit human behavior with ever-increasing sophisticated cyber-attacks. Every day, security teams are left playing catch-up. Mimecast stats show that 91% of all ransomware attacks start with an email, which reinforces the fact that cyber awareness training is a crucial component of an organisation's overall cyber security strategy. It helps reduce security risks, ensures compliance, and empowers employees to play an active role in protecting the organisation's digital assets and reputation.

• 100+ humour-driven broadcast quality modules
• 2-3 minute micro-learning approach
• Covers phishing, impersonation, social engineering, and more
• Scheduled 12-month program with industry-configurable content options

• 85% of security breaches
  involve a human element
• 77% cyber security leaders report
  annual increase in attacks
• 66% security pros say their organisation’s
  cyber security budget is less than it should be

Experience award-winning security awareness training with Mimecast Cloud Integrated today:

#2 Phishing

WHAT IS THE GREATEST RISK TO OUR CYBER SECURITY POSTURE?

Phishing is the most common and increasing way that bad actors target employees’ data.

Mimecast provides a comprehensive and multi-layered defence against phishing attacks (using email filtering and scanning, URL protection, attachment scanning, Impersonation protection, and threat intelligence in combination with user awareness training), which are a common and significant threat to organisations' cyber security.

And for organisations using M365 Defender, approximately 11% of malevolent emails are getting through.

#3 Spear Phishing

IS SPEAR FISHING THE SAME AS PHISHING?

The difference between phishing and spear phishing is that it is a more targeted and personalised form of attack.

In spear phishing attacks, the cybercriminals carefully select their victims and craft highly personalised emails designed to deceive specific individuals or organisations.

#4 Cyber Insurance

HOW DO WE ENSURE WE MEET OUR INSURANCE REQUIREMENTS?

There is an ever-increasing demand by UK cyber insurance companies for specific requirements for email security.

These may include:

• Multi-Factor Authentication
• Email Encryption
• Strong Password policies
• Employee Training and Awareness
• Phishing Protection
• Email Gateway Security
• Email Backup and Recovery
• Incident Response Plan
• DMARC email authentication protocol

Best-of-breed Mimecast Cloud Integrated modular solutions are tailored to enable organisations meet cyber insurance requirements.

#5 Impersonation

HOW CAN WE STOP BAD ACTORS DECEIVING OUR CONTACTS BY FAKING OUR ORGANISATION COMMS?

Brand impersonation is a type of cyber threat in which malicious actors attempt to impersonate a legitimate organisation or brand, in order to deceive recipients, and carry out various forms of cyberattacks or fraud. These impersonation attacks often take the form of phishing emails, where attackers use various techniques to make their emails appear as if they are coming from a trusted source, such as a well-known company or a government agency.

The goal of brand impersonation attacks can vary and may include stealing sensitive information, spreading malware, or defrauding individuals or organisations.

Mimecast employs the following techniques and features to mitigate impersonation risk:

• Email authentication (e.g DMARC)
• Anomaly detection using machine learning and behavioural analysis
• URL and Attachment sandboxing
• Content Filtering and Data Loss Protection
• User Awareness Training
• Threat Intelligence

#6 ISO27001

HOW CAN WE MEET OUR ISO27001 COMPLIANCE REQUIREMENTS?

While ISO 27001 itself does not provide detailed requirements for email security, it does establish a framework for organisations to define their own information security policies and controls. Email security requirements should be determined based on an organisation's specific risk assessment and security needs, but ISO27001 can guide organisations in setting up those requirements.

These considerations increasingly include:

• Risk Assessment (cyber maturity exercise that includes email security)
• Malware protection
• Email retention and disposal
• Employee Awareness Training
• Incident Response
• Monitoring and Logging
• Compliance and Auditing
• Vendor Management

ISO 27001 emphasises a risk-based approach to information security, so organisations should tailor their email security requirements based on their specific risks and compliance needs.