In modern organizations, it’s natural for there to be some friction between cybersecurity teams and employees. While the cybersecurity team defends the organization’s attack surface with a defense-in-depth combination of tools, processes, and technology, it’s the employees who are really on the front lines.
An organization’s employees act as a last line of defense when static technical controls fail to detect threats or are breached, and it’s common for them to face cyberattacks, such as phishing emails that can hit their inboxes daily. In addition, for many of these folks, doing their jobs involves routinely handling sensitive information professionally and safely. That puts a significant amount of emphasis on individuals making the right security decisions.
With record breaches and cyberattacks occurring at high-profile organizations every year, cybersecurity teams have responded with robust policies and procedures that can sometimes make it even more difficult for employees to perform their duties.
Employees bear the brunt of incident repercussions
In recent decades, the insider threat has emerged as one of the most significant risk factors in cybersecurity, and in response most organizations have adopted strong policies to prevent insider-related incidents. Egress’s Insider Data Breach Survey 2021 revealed that there were repercussions for employees in 89% of incidents, ranging from informal warnings to formal disciplinary procedures, being fired or leaving voluntarily, or even being sued by the organization.
Let’s consider that 84% of organizations in our survey experienced at least one breach (for some, many more) arising from an employee mistake. It’s startling that 18% of these cases result in a dismissal. In 23% of the organizations surveyed, employees hacked via a phishing email were fired or left voluntarily.
More intelligent technology can protect employees and mitigate insider risk
Burdensome technologies and procedures leave employees having to choose between safety and productivity. Over half (55%) of surveyed CISOs said they rely on employees as their primary reporting mechanism for insider breaches. Given how important it is for employees and the security organization to work in tandem, CISOs must find innovative ways to reduce the stress placed on employees.
DevSecOps is a rising organizational philosophy that aims to bring IT, development, security, and the business together. By ensuring that they use intelligent technology that protects employees without relying on them alone to be the organization’s primary security defense, CISOs can reduce cyber friction and vastly improve their security posture. The quick emergence of DevSecOps teaches us that a combination of cultural transformation and embracing technologies that fuel automation can tremendously reduce friction between departments and enable unprecedented productivity levels.
Where possible, organizations should therefore automate their security stack to remove rank-and-file employees as the single point of failure. Not only will this improve security outcomes, but it will also create a safer work environment for the employees that organizations depend on most.
Intelligent email security is the cornerstone of frictionless protection
Insider risk poses the most significant cybersecurity threat to any organization, and most of this risk centers around email. Employees are vulnerable to targeted phishing attacks that can expose their email accounts or sensitive company information. They also make mistakes, like misdirecting sensitive emails and customer materials. Unfortunately, some employees also break the rules to make their work life easier or even for personal gain.
Our survey revealed that this problem has grown further with the advent of widespread remote work. Over half (54%) of surveyed IT leaders believe remote work exacerbates the risk of insider incidents involving email. From the employee side, 48% of those surveyed stated they have received an email pretending to be from a senior employee of their company.
While IT leaders recognize the risks associated with email, it’s essential to acknowledge that there isn’t a better way to communicate electronically. It’s fast, familiar, productive, and leaves a paper trail. This issue is even more complex because traditional data loss protection services repeatedly failed to stop breaches in some of the highest-profile cases.
The essential features of intelligent email security are machine learning and seamless integration
The best data loss prevention (DLP) can stop email breaches before they happen without changing how employees work. Advanced DLP solutions with machine learning work by establishing a baseline of normal behavior to spot deviations and stop breaches before they occur. These systems have features that can inspect messages and attachments and autonomously ensure the contents are suitable for recipients. Protect employees from targeted phishing attacks with solutions which utilize natural language processing (NLP) to analyze each email before it’s delivered to the inbox, ensuring that even the most advanced attacks are detected.
Usability is paramount, and it’s a proven fact that frustrated employees skirt around solutions that interrupt the standard workflow. That’s why it’s critical that any email protection solution not only be automated and frictionless but also able to integrate seamlessly with an organization’s existing email services.