Protect against data breaches by reducing human activated risk
Empower your teams to work and communicate securely
It’s estimated that 85% of breaches involve a human element1. The problem is that human activated risk takes many different forms – some intentional and many accidental.
Mitigating these risks is critical, but it can’t come at the expense of business productivity.
Egress can help you manage this balance.
Business Email Compromise
Business email compromise (BEC) is one of the hardest attack techniques to detect. Threat actors impersonate or hijack a legitimate business email account that belongs to a trusted vendor, CEO, or other executive, using social engineering to trick their target into fraudulently transferring funds or divulging sensitive information.
The signature-based detection in Microsoft 365 native security and secure email gateways (SEGs) cannot detect BEC attacks at the rate modern enterprises need to prevent financial losses, data exfiltration, and reputational damage.Learn more
Supply Chain Compromise
A single compromised vendor can result in a high proportion of their customers also becoming compromised, simply because the attacker was able to leverage their trusted relationship as an entry point and socially engineer their victims.
Email threats from compromised accounts have traditionally been hard to detect, but none more so than those from trusted suppliers and business partners. The native security in Microsoft 365 and secure email gateways (SEGs) struggle to detect phishing emails sent from trusted domains, leaving organizations exposed to account takeover, data exfiltration, and financial losses from fraudulent payments.Learn more
Invoice & Payment Fraud
Your Accounts Payable department is a priority target for many attackers due to the financial power they hold.
Attackers will often send random invoices through in hopes they'll be paid without second thought, but more frequently they'll socially engineer the victim to make the phish seem legitimate.
Unfortunately, they’re often successful.Learn more
Many phishing attacks use sender impersonation to socially engineer their victims by adding credibility.
Cybercriminals have evolved their email impersonation attacks to get through Microsoft 365's native security functionality and secure email gateways (SEGs). This leaves it down to individual employees to determine which emails are legitimate and which are spoofed, with a single mistake exposing organizations to credential theft, data exfiltration, and fraudulent payments.Learn more
Phishing is one of the most common attack vectors for ransomware. A threat actor might phish a user’s credentials, use them to launch a BEC attack and then sell the compromised account on to a ransomware actor. Or a ransomware actor might simply purchase compromised credentials and use them to progress the ransomware attack.
As threat actors find new and creative ways to deliver ransomware payloads, legacy detection techniques are failing to keep pace and users have little margin for error.
Account takeover is a formidable threat to organizations because once an attacker has a user's credentials, they're easily able to exacerbate their damage.
Traditional signature- and rule-based detection methods can't stop them, because any emails that threat actors are sending from the hijacked account are coming from a legitimate source with a network of trusted relationships.Learn more
Misdirected Emails & Files
Misdirected emails and files is the leading cause of data loss incidents reported to regulators. When people are under pressure, tired, or simply not concentrating, they make mistakes – such as choosing the wrong recipient via Outlook autocomplete or attaching the wrong files to an email.
The static data loss prevention (DLP) solutions delivered by Microsoft 365 and secure email gateways (SEG) don’t understand the anomalies in human behavior to detect accidental email data loss, and they can’t scale to deliver effective DLP for today’s enterprise.Learn more
Employees who intentionally exfiltrate data understand how to work around the policies and technical safeguards in place to steal valuable information or to inflict the most harm.
At the same time, organizations also suffer from non-malicious exfiltration from employees forwarding data and files to personal accounts to work on their own devices or print at home.
Traditional, static data loss prevention solutions, such as those provided by Microsoft 365 and secure email gateways (SEGs), are not intelligent enough to detect the subtle behavioral changes that people exhibit when exfiltrating data and prevent these incidents from occurring.Learn more
Breach of Information Barriers
Organizations need to control internal email communications between employees to prevent conflicts of interest that can lead to severe operational inefficiencies, damaged client relationships, and financial losses.
The static, rules-based email data loss prevention (DLP) offered by Microsoft 365 and secure email gateways (SEGs) is unable to scale to meet the modern enterprise needs. It requires too much administrative overhead to maintain DLP policies, such as when working with multiple clients with similar names. Static DLP is also unable to understand the context in which individuals share information to dynamically prevent emerging risks.Learn more
Breach of Confidentiality
Unauthorized access to personal information is a leading cause of security incidents reported to regulators.
Relying on people to select the appropriate level of protection can result in under encryption, when they forget, don’t understand the safeguards required, or simply find it quicker not to encrypt emails. Similarly, securing every outbound email or relying only on keyword policies can lead to over-encryption, which can frustrate senders and their recipients.
Traditional email encryption solutions are unable to automate email encryption in response to real-time risk, leaving organizations struggling to manage unworkable one-size-fits approaches.Learn more
Enhance M365 Protection
The native functionality in Microsoft 365 offers valuable foundational email security capabilities. However, advanced phishing attacks still get through its signature-based detection, while static data loss prevention can’t account for the anomalies in behavior that cause accidental and intentional security breaches.
Organizations must enhance Microsoft 365’s native security with intelligent email security.Learn more
Augment your Security Awareness and Training
People are more vulnerable to error when they are in Type 1 thinking. They act quickly and unconsciously, unable to recall historic training. As a result, SA&T programs that deliver generic training content on a periodic schedule are unable to meaningfully change people's behavior at the point of risk, such as when they're responding to a phishing attack or sending an email to the wrong person.
It’s in these moments that people need intelligent technology to augment SA&T, alerting them to threats in real time and nudging them into more logical, lower-risk Type 2 thinking.Learn more