Resources

Blog

What is a DMARC Policy?: The 3 Types, Which to Implement & Other Requirements

In this post, we’ll briefly explain what a DMARC policy is , how to set up your DMARC email record, what the three types of DMARC policies are and when to implement each one, and how to diagnose and fix any issues associated with it. Basically, your DMARC policy tells email receivers what to do with illegitimate or possibly fraudulent emails—whether to reject, quarantine, or accept them. Overall...
Blog

The Science Behind the Scenes: How Machine Learning Combats Phishing Attacks and BEC

Because email remains the most ubiquitous form of business communication, it continues to be a favorite attack vector for cybercriminals. Email has always been vulnerable because it was not originally designed with security or privacy in mind. As a result, email security vendors emerged to protect this critical communication channel. In the early days, many vendors used signature or reputation...
Blog

99% of User-Related Threats Are Email Impersonation Attempts

Threats in corporate inboxes hit new highs with a quarter of all reported emails classified as malicious or untrustworthy. 99% of these threats were email impersonation threats, such as BEC and credential theft lures, that lack attachments or URLs delivering malware payloads. Cybercriminals continue to bypass traditional email security tools and reach end users by impersonating individuals...
Blog

DMARC Quarantine vs. DMARC Reject: Which Should You Implement?

You did it! You can now take a quiz and accurately answer "What Is DMARC?"! Next you've generated your DMARC record, implemented your policy, and authenticated your email domains. DMARC is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready...to enforce a stricter DMARC policy ! If your DMARC policy has been set to p=none...
Blog

Are Cybersecurity and Data Protection Now Integral to Business Success?

A famous front cover of The Economist in 2017 declared that the 'world’s most valuable resource is no longer oil, but data.' The value of data has indeed increased significantly. Organizations rely on data and data analytics for almost every facet of their operations and use it to make insightful decisions to help move the business forward. Many have invested in the tools and solutions - AI, CRM...
Blog

How Data Classification Helps Organizations Maintain a Strong Data Security Posture

The rise of globally dispersed workforces and new work from home requirements are placing extraordinary pressure on every organization’s cybersecurity. And wherever there is upheaval, so cyber criminals thrive. Alongside the devastating health and economic impacts of the coronavirus pandemic, we have also seen an escalation in cyber-attacks. A recent CISO/CIO survey , looking at cybersecurity...
Blog

Five Ways to Secure Data Within the Defense Supply Chain

Unsurprisingly the defense industry requires the most secure information sharing environment in the world, but what implications does this have for ensuring the effective mitigation of cyber risks? There is something of a paradox between the need for complete information governance in the defense sector and the rise of IoT, BYOD, cloud computing and the democratization of data in today’s blurred...
Blog

Prevent Supply Chain Cybersecurity Attacks with Safer Data Sharing

When considering cybersecurity policies and risk management, protection from phishing, ransomware, and other Advanced Persistent Threats (APTs) are usually top of mind. Data loss protection usually makes the list as well. However, one area of risk that can be overlooked is supply chain cybersecurity attacks. Trusted partners are vital to organizations but the cyber risks they pose can be just as...
Blog

Stop Cyber Attacks Before They Start: Data Harvesting and Targeting

The Greek philosopher Plato wrote that “the beginning is the most important part of the work.” The great American statesman, scientist, and philosopher Benjamin Franklin similarly emphasized the importance of planning when he stated that “by failing to prepare, you are preparing to fail.” It is unfortunate that many cybercriminals heed their advice today. The number of threats continues to...
Blog

Cybersecurity Risks in the Supply Chain Are Leaving Organizations Vulnerable

When it comes to cybersecurity, any organization is only as strong as its weakest link. It may have invested in the best email security solutions , information security , web security solutions , and Advanced Threat Protection (ATP) on the market. It may also have trained its employees to recognize and react to cyber-attacks and put in place the processes to deal with social engineering lures...
Blog

The Not-So-Hidden Dangers of Hidden Data

Odds are, files and documents in your organization are not sitting in a folder on a desk or in a filing cabinet in the office. On the contrary, they are sitting on the cloud or computer desktop, and they are being transferred over email. The convenience of sending documents quickly with a few clicks has transformed the speed of business. But, like all things digital, convenience comes with risks...
Blog

Gone Phishing: What’s the Best Way to Educate Staff on Security?

How do you work out the weakest link in your team? Who is that employee most likely to fall prey to the socially engineered scams that are making billions of pounds for cyber criminals on the black market? Pertinent questions in the aftermath of the recent Kaspersky Lab report that revealed more than 100 banks, financial institutions and e-payment systems in over 30 countries had been targeted by...
Blog

The Seven Deadly Sins of Cybersecurity

Knowing what your employees are up to, enables you to strengthen your security policies. We all make mistakes at work from time to time. And sometimes we do things we know we shouldn’t. In the fast paced modern world, it’s easy enough to send an email to the wrong person or end up taking company information home. Often the consequences will be a bit of embarrassment, but every now and again they...
Blog

Cybersecurity and the Finance Sector: The Need for Stronger Data Protection Capabilities

After the fallout of the recent Capital One and Equifax data breaches, Clearswift commissioned a survey into the financial services sector to find out the extent of financial companies’ data protection capabilities. Worryingly, the results highlighted that 70% of financial enterprise organizations have experienced a cyber security incident in the past 12 months. This finding (among others...
Blog

Do You Have a Sensitive Data Protection Checklist?

Data breaches and data loss, including the loss of sensitive information, are scary scenarios, and while no one can guarantee a cyberattack will not happen, there are ways to protect your organization’s data. We take a look at the top five tips for protecting your sensitive data.
Blog

Maintaining Cybersecurity During Rapid Digital Transformation

Digital transformation is the process of using digital technologies to create new — or modify existing — business processes, culture, and customer experiences to meet changing business and market requirements.
Blog

Phishing with Invisible Ink

You might remember as a child, there was a revelation…invisible ink. Stepping forward to today, there is now a new type of phishing which uses invisible ink, or as it’s also called, ‘zero font’, as a means to beat the spam and phishing filters. Anti-spam / phishing filters work in several different ways; they look for specific words or phrases and there is then a statistical element. If there are...
Blog

Best Practice Steps for Safe Data Sharing

Digital data is everywhere, you only have to look at how much data is transmitted over the internet on a weekly, daily, hourly, or even second-by-second basis to understand just how much data is being shared.