email security

Today, we released our CISO Benchmark Study, an annual global survey of information security leaders working at organizations of all sizes and in all industries all over the world. With over 3200 respondents across 18 countries, the study offers a solid view of what’s on the minds and to-do lists of…

There are two kinds of people in this world: those who have been affected by Business Email Compromise (BEC) scams and those who don’t know they have been hit with BEC. It’s happening all the time, in your company, right now. People are getting emails that look official, from a realistic company ema…

Go phish! Cyber-attacks are big business. And the bad guys know that in any business, the more revenue you can generate with least investment means larger profits. It makes sense that when the bad guys find a reliable attack vector, like email phishing, they’ll use it for as long as it makes financi…

Every October, we celebrate National Cybsersecurity Awareness Month (NCSAM). This NCSAM, the five weeks of October are focused on five separate cybersecurity themes: simple steps to online safety, cybersecurity in the workplace, prediction for tomorrow’s internet, consider a career in cybersecurity,…

While email remains the #1 threat vector, the tools attackers use continues to evolve — we’re no longer dealing with annoying emails sent by amateurs.  Instead, well-funded and persistent organized crime and nation states create vast email schemes. At the heart of these attacks? Massive amount…

The Challenge of implementing SPF and DKIM It’s no surprise that email authentication standards such as Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) have not been widely adopted. However, organizations must take advantage of them to tackle two of the most pressing email securi…

This blog post was collaboratively written with Dinesh Shadrach. Dinesh Shadrach is a Sr. Product Manager in Cisco’s Security & Networking Business group where he oversees the design and evolution of Cisco’s cross-architecture software buying programs.    Security breaches dominate the hea…

It wasn’t until late 2017 that threat researchers discovered spam campaigns delivering crypto payloads using email attachments. In some cases, a Word document downloads the crypto payload via a malicious macro. Attackers also continue hiding malware in email attachments. It’s safe to assume that the…

If an average employee at your company got an email from an executive with an urgent request, would they question whether the email was coming from the actual sender? They probably wouldn’t. The reality is that most people would act on the request because of its time-sensitive nature. They assume th…