Comprehensive Cloud Security

1. How has the year 2016 been for the cloud security market? What all breaches and patches made to the top news?

For the cloud security vendors in general and for Mimecast in particular 2016 was a great year.  Unfortunately it was also a great year for cybercriminals as the criminal industry taken as a collective easily surpassed the billion dollar mark – probably many times over.  There were so many breaches I would be hard pressed to flag any top breach….although certainly Yahoo’s breach comes to mind just based on impact to their M&A plans with Verizon and the quantity of breached accounts.  Mimecast remains very focused on improving email security as this by far has proven to be the primary entry point for attackers via impersonation, social engineering, phishing, and other related techniques

2. How has your security portfolio performed in 2016?

Mimecast’s Impersonation Protect was the first cloud service in the market that directly combatted the cyber security threat from whaling or CEO fraud.

Mimecast’s Targeted Threat Security is also the most comprehensive cloud-based email security and compliance solution on the market today. Mimecast’s massively scalable mail transfer agent (MTA) with its multiple layers of malware and spam protection acts as your email bridgehead in the cloud, stopping known and emerging email borne threats before they reach your network.

The Radicati Group recognised Mimecast as a Top Player in its Secure Email Gateway – Market Quadrant 2016 (https://www.mimecast.com/globalassets/documents/analyst-reports/2016/secure-email-gateway-market-quadrant-2016.pdf )

Similarly IDC did the same –

https://www.mimecast.com/resources/analyst-reports/Dates/2017/1/idc-marketscape-mimecast-named-a-leader-for-saas-email-security/

For the second straight year, Mimecast has been named a Leader in the Gartner Magic Quadrant for Enterprise Information Archiving. In the new report, Mimecast were placed highest in “ability to execute” and furthest in “completeness of vision.”

Mimecast created integrated service bundles to deliver comprehensive risk management and support customers’ cyber resilience strategies – incorporating the latest advancement in email security, archiving, data leak prevention and business continuity.

3. How has the role of security in Cloud evolved over the past few years?

Organizations are now faced with an unprecedented mix of reward and risk as they migrate to the cloud with a vast majority of execs committed to their cloud transformations. Email is usually the first platform organizations move into the cloud. It’s the business application that IT departments are most comfortable relegating to a third party to maintain. Yet it’s also the ultimate Killer App, a vital conduit – and repository – for business-critical and strategic information. Whether cloud-based or on premises, email data is crucial for closing sales, negotiating, and brainstorming. It’s no wonder that email has also emerged as the single biggest threat vector for attacks on corporate information and we believe that we will continue to see this continue in 2017.

4. What should the 2017 CIOs be careful of when it comes to cloud security?

Cloud adoption continues to rapidly increase and so has the demand for integration between cloud based platforms. Email is the most efficient, simplest and cost-effective integration tool currently available to support this and therefore the reliance on email is increasing not just as a primary form of communication tool for businesses but also as a collaboration and integration tool.

As more organizations move their on-premises technology infrastructure to third-party cloud solutions, they are faced with a dramatic shift in operational dependencies, poor visibility into security, and unexpected risk. Now, more than ever, organizations need a fresh and realistic approach to cyber resilience planning that spans security, data protection, business continuity and end-user empowerment.

This is how the world looks in 2017:  First, email has far surpassed phone as the primary business communication medium. The average user sends and receives over 122 emails each day. Second: mobility. BYOD is our new normal. And third: 86% of workers recently surveyed say they use email to share files. Email is a collaboration tool, a workflow tool, and a file management system. While no security program should wholly rely on employees to save them from security incidents, having well-informed and engaged employees greatly helps reduce the risk and mitigate the damage of the inevitable breach.

It’s just as important to deploy a layered security solution for cloud-based email as it is when your email servers are in your datacentre. Cybercriminals have demonstrated boundless creativity in their efforts to exploit technology and human nature to breach corporate firewalls, access sensitive data, and steal billions of dollars. Even as email attacks appear with alarming frequency in news headlines, these exploits continue to grow bolder and more numerous over time.

5. Which aspect of cloud security was the most sought after in 2016 and which will be sought after in 2017?

Targeted threat protection from email-borne cyberattacks like ransomware, phishing and impersonation attacks were more sought after in 2016 and will continue into 2017 as these insidious methods compromise organizations’ data, cripple their productivity and cost them thousands.

In 2017, there is expected to be an increase in cyber gangs. Mimecast also predicts evolving forms of ransomware that deny access to desktops, serversand cloud services.  Attackers are also focusing on data mining and will use the data they gather in more advanced attacks to gather important data to be either sold on the Dark Web, or used in future attacks. Impersonation Attacks will continue to cost organizations millions in financial losses and macro malware is still in the Game where attackers exploit weaponize attachment files in common Microsoft Office formats. According to Mimecast research, 50% of firms have seen email attacks that use macros in attachments increase over the last year.

6. How are your security solutions a game changer?

Knowing 100 percent protection against today’s cyber threats is not realistic – cyber resilience becomes the name of the game.  Building a cyber resilience strategy that layers state-of-the-art preventative systems, point-in-time recovery measures, and a means to maintain continuity during an attack can make a significant difference in fending off the myriad of sophisticated threats.

Some of the benefits of Mimecast’s products and solutions include:

• Mimecast offers a single integrated solution which can deliver email security, continuity, and archiving. This combination can be particularly useful when dealing with potentially destructive attacks, such as ransomware.
• Mimecast solutions are fully cloud-based, providing automatic scalability, elasticity, and reliability while completely removing the customer’s need to manage software and hardware.
• Mimecast’s security solution combines antispam, antivirus, attachment sandboxing and immediate safe file conversion, URL-protection/rewriting, DLP, secure messaging, large file send, and impersonation protection.
• Mimecast’s solution integrates with the customer’s Active Directory (AD) environment such that log-in is accomplished with the user’s credentials and attributes about the user are used to determine access and security policy execution. Also AD information is used to accept/deny received emails compared with known good email addresses.
• Mimecast offers DLP capabilities based on Mimecast’s own technology (available in its “D1 DLP and Content Security” package) which provide security and compliance for outbound emails. Mimecast added a fuzzy hashing capability which scores attachments based on content and enables administrators to apply rules which leverage scores to make block/allow/encrypt decisions on outbound emails.