Did you know that 90% of modern data breaches now involve a phishing attack?
These attacks usually consist of fake emails designed to look like they’re coming from a brand or institution that you trust.
Their goal is to entice you to click a link or download an attachment, which, in turn, puts malicious files on your computer. This can enable hackers to steal your identity, breach your systems, and more.
Unfortunately, there’s no single silver bullet to avoid these attacks– we need to implement a range of strategies to stop phishing from occurring. Here’s a list of 5 strategies in cost-effectiveness order:
#1 Office 365 Advanced Email Threat Protection
New malware campaigns are being launched every day, and Office 365 has a solution to help protect your email, files, and online storage against them. Office 365 Advanced Threat Protection (ATP) can help protect your mailboxes, files, online storage, and applications against new, sophisticated attacks in real time. It offers holistic protection in Microsoft Teams, Word, Excel, PowerPoint, Visio, SharePoint Online, and OneDrive for Business. By protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.
NetCare recommends as an absolute minimum that all our clients using Office 365 add ATP to their monthly subscription for a cost of $2.86 per user per month. Initiating and configurating ATP will require services from a member of our professional services team to customize the settings for your Office 365 environment.
When it comes to preventing phishing attacks, end users are your first line of defence. Unfortunately, they are also often your weakest link. Today’s cybercriminals target managers and employees to infiltrate, counting on their ability to exploit human curiosity, error, and even greed. Many employees are totally unprepared to identify suspicious or malicious web content, putting themselves and the companies they represent at risk. Plus, for higher-value hacks, criminals put in greater effort to socially engineer the employee and abuse their trust. Senior executives with higher-level corporate permissions and access are often targeted in these types of campaigns – in fact these are now known as “whaling attacks”.
NetCare recommends Security Awareness Training (SAT) to provide effective cybersecurity education that is both timely and relevant to the employee. Through a continuous training approach, our courses are designed to modify risky user behaviours that can put the network in jeopardy. NetCare SAT (powered by Webroot) is available now via monthly subscription, with a minimum 6-month commitment.
An action we recommend you take right now is to download our infographic entitled “5 Quick Ways to Spot a Hoax” and share it immediately with your staff.
#3 Office 365 Secure Score
Using Microsoft Secure Score helps increase your organization’s security by encouraging you to use the newly added built-in security features in Office 365. Secure Score analyses your Office 365 organization’s security based on your regular activities and security settings and assigns a score. Think of it as a credit score for security.
NetCare recommends a review by one of our Professional Services team on a regular basis to ensure your Secure Score remains high.
#4 Identity and access management in the cloud
NetCare recommends integrating your on-premise servers and users with Azure Active Directory to provide a wide range of security enhancements including conditional access based on device and location, as well as multi-factor authentication.
We use the Microsoft Azure Premium P1 plan ourselves and there’s also the higher priced Premium P2 plan for clients that require the highest level of identity and access management across their cloud-based applications.
#5 Industry Leading Cyber Reliance for Email
Email is the number one business application that organisations depend on for communication, and it’s also the number one attack vector for cyber criminals. Organisations that send and receive emails containing sensitive personal information (for example, medical practises and financial services) need to have a cyber resilience for email strategy that is easy to manage, lowers costs and is highly effective in preventing attacks before, minimizing disruptions during, and quickly recovering email and data after.
NetCare recommends the Mimecast cyber resilience for email solution for clients that require a premium cyber resilience strategy.
NetCare is Ready to Assist in Avoiding Phishing Attacks
Unfortunately, phishing and whaling attacks are on the increase and collectively we need to take more precautions than was previously required. Our professional services team are ready to assist with a review of your cyber security requirements and also to implement the strategies that you decide are appropriate for your business requirements.
To fast-track your review, feel free to call NetCare on (02) 9114 9920 during business hours and ask to speak with either Oliver or Dhaval.