A stacked approach to cybersecurity

The prioritisation of technology projects for 2021 has been massively affected by the global reaction to the pandemic. The majority of organisations were forced to immediately introduce new ways of working to remain operational during enforced lockdowns. A rapid acceleration of digital transformation followed, to enable flexible engagements with colleagues, customers and partners.

Organisations were forced to operate in a different way, and with minimal notice, many were caught completely off-guard. Cybercriminals seized the opportunity and rapidly sought to exploit newly available security gaps. Almost overnight, organisations had to deal with more technologies and access points as they battled to protect data, systems and reputation.

Over 12 months have elapsed, and the unanimous consensus is that hybrid working is here to stay as productivity benefits, morale and operational cost efficiencies have been recognised. From a security perspective, the increase in flexible working means there’s a lot more to protect as the operational surface attack area has grown.

Most existing enterprise security was not fully equipped to deal with such a rapid growth in digitisation, and a lack of in-house cybersecurity expertise has increased corporate vulnerability as IT environments increase in complexity.

As IT systems extend their collaborative scope, security need to be enhanced to underpin accelerating digital initiatives. Security technology strategies must, of course, support critical business outcomes but the original investment in current security infrastructure must also be considered.

Rather than continuing with point security solutions, a more unified ‘stacked’ approach provides an opportunity to blend new investments with existing technologies, supporting and evolving the security strategy as a whole.

Stacked security solutions follow a building block methodology by adding additional layers of complimentary protection to existing infrastructure. They are generally modular, enabling the specific service to work either independently or as part of wider solution.

To help organisations evolve their cyber protection, we’ve recently added two additional Mimecast elements to our security portfolio that protect against fraudulent Email, Domain and Web activity.

DMARC Analyzer (Domain-based Message Authentication Reporting and Conformance) is a global standard of security certification that detects anyone using your domain without authorisation. The system identifies legitimate and fraudulent inbound emails, and quarantines or rejects mail from all unauthenticated sources.  

Email sent from trusted sources on your behalf that is incorrectly certified will be identified - enabling to you take corrective action. It also stops unauthorised use of your email domain identity, with the dynamic reporting of malicious activity for immediate remediation.

BEP (Brand Exploit Protect) deals with the exploitation of a company identity by cybercriminals who use trusted brands to target unsuspecting people. Attackers will clone and impersonate a website - attracting people through email phishing and fake advertising in an attempt to steal personal information and data.

Both DMARC Analyzer and BEP reporting are included in the single ‘pain of glass’ management console for your entire Mimecast security solution.  

Sure’s Professional Services experts help customers create IT environments that meet specific hybrid working needs - both now and into the future. If you would like to know more about our cybersecurity solutions, please click here  or Contact us for more information on how we can help you.