RSA 2017 saw a number of exciting announcements and developments in the world of security. Microsoft called for a Digital Geneva Convention, many experts warned against an over-reliance on artificial intelligence (AI) to defend against cyberattacks, and ransomware was a ubiquitous topic as a new report from the SANS Institute named it the top security threat of 2017. The increasing risk of hackers infecting programmable logic controllers (PLCs) to infiltrate public utilities such as water, power and transportation also got a fair amount of attention at RSA. What’s more, Verizon announced its 2017 Data Breach Digest, which contained several illuminating statistics, including:
“For threat actors, those tactics and techniques used to manipulate or take advantage of victims include phishing (92%), pretexting (4%), and bribery/solicitation (3%). As one would expect, email is the primary means of communication to the target (95%)…”
The Digest highlighted two key things: the role that social engineering and human hacks continue to play in data breaches, and the fact that security is now more than ever a board-level issue. Perhaps most interestingly, we saw security firmly positioned as a proactive business driver, not a purely defensive technology.
It’s this focus on business and the human element that’s beginning to emerge more and more as the core concern for both CISOs and CEOs alike. The success of any company depends on trusted relationships between people and the ability to communicate and transact with trust at massive scale and speed. This fundamental business need is exactly what’s increasingly under attack.
And while companies have historically focused on securing their networks, servers, applications, data and devices, hackers have turned their attention to hacking the one ‘computer’ that allows them to bypass every other security measure in place: the human brain.
Social engineering, identity deception, ransomware, business email compromise (BEC), phishing and spear phishing attacks—the strategy of targeting human perception and human judgment to trick people into harmful actions is nothing new. But with the massive increase in the number of communications people have to deal with daily, the increasing pressures on knowledge workers to move quickly and be more productive, and the fact that email still remains the communication medium of choice for businesses—all this adds up to the fact that tricking a human being into clicking on something they shouldn’t is now the easiest, most common and potentially most devastating form of cyberattack. And as Agari’s own Markus Jakobsson discussed at RSA, 91% of all successful breaches are the result of social engineering and spear phishing:
Think about it. Human judgement is now the greatest risk to cyber security today. While many CISO’s are investing money to protect their networks, applications and data, billions of dollars in financial and reputational damage, and even our public utilities, remain at risk from targeted email attacks.
But it’s not just what we stand to lose that we should consider. It’s what businesses and public services stand to gain by shifting attention to these kinds of attacks. Email and human-to-human communication remain the lifeblood of any enterprise. Digital business transformation isn’t possible without digital communications. Securing digital communications infrastructure empowers businesses to thrive. Last year, business leaders began to realize that security drives business. But now, businesses must protect the final three inches of their networks—the distance between the human eye and the decision-making center of the brain—or all other security investments will amount to nothing.
That’s where we come in. Only Agari offers a machine learning-driven solution that prevents targeted email attacks at the gateway, keeps bad actors out of the inbox, and prevents the human network from getting hacked. Every day, our platform not only protects 3 billion email inboxes globally, but our AI engine gets smarter about how to protect the next 3 billion inboxes. Most importantly, companies who rely on email to drive their business can protect and enhance their digital growth strategies. Already, some of the world’s largest organizations including six of the top 10 banks and three of the top four social media companies trust Agari to safeguard their digital business and keep their workforce safe from the industry’s leading cause of security breaches.
To learn more about how Agari can help you secure your business against the most common and devastating form of cyberattack, get a demo of the Agari Email Trust Platform.