Has COVID-19 made local government less cyber secure?
Email is a powerful instrument for sending messages anywhere to anyone, so much so that it has become a universal tool of communication, both in and outside the business environment. Its status also makes it a prime target for threat actors, and the risks from malware, phishing, and ransomware regularly make the news headlines, as well as keeping an entire industry of technology in business providing security for inbound email flows.
However, another area of email security is now ready for a little more attention than it is currently given. Outbound email security focuses on building in controls to offset identified risks from the so-called insider threat, which spans various scenarios in which sensitive, confidential, or simply the wrong information is accidentally or deliberately sent to the wrong recipients. This outbound email data protection applies.
- from the composition and transmission of email, through
- understanding the context and sensitivity of content and recipient, to
- encrypting sensitive data while being sent (in transit) and while stored (at rest), and
- applying controls such as revocation or retraction to prevent or mitigate data leakage.
In some sectors, whether through regulation, highly confidential data, or specific privacy needs, there may be a higher risk of deliberate or sloppy intent or action that must be detected and blocked. Organizations operating in these areas, including financial services, legal, healthcare and other parts of the public sector, will find that it is not only in their best interests to do more to protect against data leakage through misdirected emails, but that it is something with which they must comply, and demonstrate compliance. For this reason, outbound email security and data protection has been important to, and had most of its deployments in, these sectors.
However, organizations in all sectors use email for some form of important business communications, and for the transmission of sensitive data that should only be seen by certain recipients. They are also all affected by data privacy and protection regulations. Attacks continue to increase in number and severity and can result in the use of accounts and privileges being taken over by those with malicious intent, such as using email to exfiltrate data. Nor are legitimate users infallible, and mistakes from inadvertent or accidental data sharing have significant consequences. All these scenarios can be mitigated with the right controls in place.
Applying the necessary controls and greater rigor, without making the process so difficult or time-consuming that it gets circumvented anyway by frustrated users, is a challenge that organizations will increasingly need and want to address. Encryption could be seen as the way to apply the strongest control, especially for data in transit, and using shared public keys for authenticating access by recipients, but machine learning now opens up ways to intelligently assess the complex relationships between email senders, recipients, and the content they share.
Taking steps to ensure greater data protection and avoid data leakage is something that all companies must deal with, and outbound email security needs to be addressed. This paper sets out the fundamentals of such technology and explores and compares the approaches taken by a number of vendors that have a specific focus on this area.