Last year, companies worldwide experienced 50% more weekly cyber-attacks than in 2020, notes Lindsay Blackie, Channel Manager Check Point at Westcon-Comstor. The same research has highlighted how threat actors have increasingly used SMS phishing (smishing) to distribute malware. They have also invested heavily in hacking social media accounts to gain access to mobile devices. Given the distributed working environment that has become commonplace in South Africa, businesses must therefore do more to safeguard endpoint devices, email systems, and cloud-based productivity suites.
There is no getting around the fact that cloud adoption is continually growing. And with many businesses rapidly making the switch to cloud-based infrastructure to support their growth requirements and empower employees to remain operational regardless of their geographic location, securing this environment must be prioritised.
Email and endpoint devices are significant sources of compromise as these are the vectors that benefit the most from human error. People still click on suspicious links, and they still have few cybersecurity measures installed on their personal mobile devices. Remote work has only exacerbated this challenge as people are more prone than ever to fall for email attacks and submitting (thanks to phishing) their account credentials to malicious users. This has become one of the most pressing cybersecurity challenges facing local companies today.
How to defend
Solving these immediate cybersecurity concerns while futureproofing against emerging threats requires the company to adopt a pre-emptive stance on safeguarding its email and productivity suites. These must be fortified to prevent attacks before reaching users, the weakest link in the IT environment. What has become evident over the past two years is how cloud adoption can expose business data and accounts when employees do not practise good cybersecurity hygiene.
But protecting this hyper-distributed workspace necessitates many security functions across user devices, applications, and networks. Integrating this sprawling defensive real estate can easily result in security gaps emerging and a cumbersome infrastructure that is difficult to manage and scale. Just consider the cloud-based touchpoints that must be protected. There is endpoint security from a device perspective, VPN remote access, mobile security, secure internet browsing, and email security all trying to work in harmony with one another.
Complete protection
Whether a business is using Microsoft 365 or Google Workspace, it looks to reduce the complexity of protecting its data and employees from compromise. Being able to deliver complete protection from threats to emails and productivity suites has become a priority.
Unfortunately, traditional mail protection solutions only protect email accounts and not the productivity suite applications they integrate with. These solutions are also deployed outside the cloud mailbox and do not block internal email attacks in real-time.
With almost half (49%) of companies worldwide being unable to detect an attack or breach on employee-owned devices, the time has come for technology and business leaders to think differently about cybersecurity. The mobile threat will only worsen as more local businesses adopt hybrid work practices. The legacy way of protecting against mobile threats is no longer good enough.
Mobile-first
Thanks to the availability of more sophisticated technologies like those from Check Point, a new breed of cybersecurity solution is emerging. Capable of dealing with everything from phishing attempts, malicious email attachments, or zero-day ransomware, these completely integrated endpoint solutions are powered by artificial intelligence engines and continually-learning threat intelligence networks to stop attacks before they happen.
They can safeguard against mobile attacks across vectors, including the application, network, and operating system layers. The most effective ones use real-time threat intelligence to guard against zero-day phishing campaigns actively. They also use URL filtering to block access to known malicious Websites from any browser. One of the key differentiators is a solution that can enforce conditional access to ensure that even if a mobile device becomes infected, it cannot access corporate applications and data.
Changing times
There is no getting around the fact that the mobile endpoint ecosystem is expanding. But with it, so too is the attack surface available to threat actors. Email and productivity suite security can no longer be considered a nice-to-have. If a company is to remain operational in the new digital world of work, then it must have an integrated mobile cybersecurity environment in place.
Providing proactive defences against sophisticated social engineering attacks and business email compromises has never been more important. Companies across industry sectors must protect sensitive business data and maintain regulatory compliance with advanced data loss prevention.
This can only happen using a modern, agile, and integrated cloud-based cybersecurity solution that automates all the complexities of keeping the environment safe while not causing any disruption to the employee experience in meeting their daily objectives.