It is both a daunting and alarming figure. Over the course of 2022, according to Statista, it is estimated that a staggering 333.2 billion emails will be sent and received globally, a number that will come in at 347.3 billion next year and hit the 376.4 billion mark by 2025.
During the opening day of IT World Canada’s MapleSEC 2022 this week, Jim Love, chief information officer (CIO) of ITWC, and Alkin Gorgun, field chief information security officer (CISO) for Cloudflare, discussed the potential havoc that all of that email activity has caused, and no doubt will cause, an organization.
Describing it as one of “our greatest areas of vulnerability,” the conference guide noted that, “by some estimates as much as 90 per cent of system breaches may leverage email as a key element. We ignore this at our peril.”
During the session, Love told attendees it is not only the “most popular form of business communication, it is also one of the most popular ways that we are attacked. Without a doubt, some of you are getting malware, phishing, or other potential threats in that email.”
Gorgun responded by saying that fact alone is why, no matter what email system is in use, a Zero Trust strategy must be implemented, even though Google Workspace, formerly known as G-Suite, and Office 365 contain native security controls.
“(They) are pretty good and they are getting much better at blocking those highly volumetric attacks. We can, in fact, stop about 95 per cent of (them) just with the native controls within these tools. The trouble is that the attackers are always evolving, they are always changing their methods and it is becoming a real problem.”
Asked how email programs should be set up to eliminate the threats, he said the answer lies in implementing new solutions. Gartner, he said, recently released their market guide for email security, and in that, they recommend that any new solution must contain an AI or machine learning component: “What these new tools do is look at the way that people communicate in an organization through natural language processing.”
In the guide, the research firm states that “email security refers collectively to the prediction, prevention, detection and response framework used to provide attack protection and access protection for email. Email security spans gateways, email systems, user behavior, content security, and various supporting processes, services and adjacent security architecture.
“Effective email security requires not only the selection of the correct products, with the required capabilities and configurations, but also having the right operational procedures in place.”
Cloudflare’s offering is called Cloudflare Area 1, a cloud-native email security platform it says identifies and blocks attacks before they hit user inboxes, enabling more effective protection against spear phishing, business email compromise (BEC), and other advanced threats that evade existing defenses.
Gorgun said that “machine learning is only as good as the data that you’re feeding it. We’ve built one of the world’s largest web crawlers that crawls the entire world wide web and we ingest about six petabytes of data every two weeks. And we feed that through our AI agent.
“Through the use of this machine learning, we’re watching every attack, every URL, every web, every IP address, to really understand what is happening from an attacker perspective.
“We’re finding we can stop attacks pre-emptively. About 24 days before the attack launches, we see indicators of a domain going up, some activity happening, and we can correlate with our massive learning engine to bring that protection to enterprises.
“One example of that was a Global Fortune 50 company, insurance company. They had Office 365, they have email security with Microsoft, they have a secure email gateway in place. They ran Cloudflare. Behind all of these, in a three-month period, we picked up 14,000 advanced attacks; these are people coming after them actively, and we saved them over a million dollars.”