The Lowest Cost & Most Effective Path to Better Cybersecurity | Data Driven Investor

Alex Panagides
5 min readSep 4, 2020

--

The best and most overlooked action for robust cybersecurity might be the least expensive

The new DarkSide ransomware is considered the “perfect product” by its creators. The increasing sophistication of attackers challenges even the best-defended organizations.

Among the many challenges organizations face in 2020, cybersecurity (or the lack thereof) has dominated the news cycle. Ultra-sophisticated criminals are penetrating every type and size of company. In a recent article from Forbes, yet another threat has emerged from what seems to be a highly experienced crew who claim their latest ransomware, “DarkSide,” is the “perfect product.” According to the article, the group has already netted $1M in just two weeks.

A confluence of increased digitization, criminal impunity, and a dramatic increase in remote work has conspired to create a perfect storm for cyber vulnerability.

Yes, the house is burning

If you’re getting the feeling organizations are under siege and losing, your feelings align with the data. Data reveals that the majority of organizations have suffered a breach. [1] No particular security product or even a collection of them is stemming the tide. [2] A confluence of increased digitization, criminal impunity, and a dramatic increase in remote work has conspired to create a perfect storm for cyber vulnerability. So stacked are the odds against the organization that the cybersecurity strategies du jour are assumed breach, data deception, and concealment. [3] In other words, the criminals are getting in, time to hide what they are looking for.

As the article points out, it’s back to security hygiene basics. “You have to lower the attack risk, diminish the attack surface, make security a real business priority,” states the author, adding “Reduce your insecurity footprint and make things harder, not easier, for the cybercriminals.”

The use of email attachments generates a stunning 55,000 file duplicates on average per user per year.

The Best and Most Overlooked Action for Robust Cybersecurity

There is one often overlooked action that almost any organization can do very inexpensively to radically reduce data exposure and “make things harder” for the cybercriminals. In fact, not taking this action makes all other security efforts potentially futile. [4] The action is to stop using email for file sharing. More specifically, stop using email attachments. No other technology replicates your sensitive data more. The use of email attachments generates a stunning 55,000 file duplicates on average per user per year. [5] No other technology provides so little protection. Email attachments are entirely unprotected. A message sent to the wrong recipient or a breached email account offers unrestricted access to every file it carries without any visibility or control by the file’s owner.

Instead of email attachments, share with cloud storage file links

Of course, email is the lifeblood of most organizations. Stopping file sharing through email is akin to throwing the “baby out with the bathwater.” It’s impractical. Fortunately, the alternative is readily available to nearly every organization, namely, cloud storage file links (e.g., Box, OneDrive, Egnyte). In stark contrast to email attachments, cloud storage file links don’t replicate data and provide powerful access controls, revocation, and encryption. Consistently sending files as secure file links will reduce an organization’s data exposure by around 90% when compared to standard email attachments. [5]

File distribution by Email Attachments vs. Share Links. Attachments are copied every time email is stored & attachments are accessed. File links only copy when files are accessed. The scenario does not account for external systems copied (e.g., CRM) or copies created by forwarding to an external recipient’s email system.

Game-changing cybersecurity that costs you next to nothing

For most organizations, using cloud storage links in email doesn’t require any additional expense. Either the organization already has a business-class cloud storage subscription, like Box or Egnyte, or storage is already included in its productivity suite — OneDrive (Microsoft) or Google Drive (GSuite). Realizing the immense benefits of switching from email attachments to cloud storage links becomes “simply” a matter of consistent user adoption.

Solving the User Problem

Of course, most cybersecurity efforts fail due to a lack of user adoption. [6] Fortunately, the major email providers (Microsoft, Google) are making it easier to send files as secure file links. Other low-cost tools, like mxHero, help organizations to ensure that attachments are converted to secure Box, Egnyte, Google Drive, or One Drive links without user intervention while working uniformly across all devices.

Technologies, like mxHero’s Mail2Cloud, provide server-side solutions that automatically convert attachments into cloud storage links without requiring end-user action.

It takes a crisis

Often it takes a crisis to force us to undertake the steps needed to resolve long-standing problems. In times of crises, organizations that adapt to better practices, not only survive but exit the crisis even stronger. As unprecedented challenges grip the world, today’s problems present an opportunity for organizations of all sizes to end their dependency on the antiquated and dangerous email attachment-based file-sharing model. Email attachments met the nascent demands of the early Internet decades ago, but it is terribly insecure and indefensible in today’s digital world. Now is a perfect time to kick the age-old habit and emerge stronger than ever before.

Sources

  1. Data breaches hitting more companies than ever
  2. Mandiant Security Effectiveness Report 2020
  3. 7 Tips for Effective Deception
  4. The Futility (And Hope) Of Cybersecurity In Today’s Organizations
  5. Our Dangerous Reliance On Email Attachments And What To Do About It
  6. Post-Pandemic Digitalization: Building a Human-Centric Cybersecurity Strategy

About the author

Alex Panagides is a well-known email technology pioneer and the founder and chief executive officer of mxHero, a Silicon Valley start-up providing cutting-edge solutions to support and enhance email for all, Alex launched mxHero in 2012 alongside a highly skilled team to improve email issues that companies face on a day-to-day basis, such as the increased volume and size of emails, virus and security threats, and global accessibility. The mxHero team is continually innovating to address email and data storage challenges for businesses and individuals. Alex had previously co-founded one of today’s leading email technology companies in Brazil, Inova International Inc. that grew to serve government agencies, telecom providers, and multi-nationals among other organizations in the region. In addition to his work as an IT specialist with a mind for solving real-world problems related to email pain points, Alex has also served as a consultant to the World Bank in Washington D.C. and Brazil. In all, Alex brings more than 25 years of technical, operational, and managerial leadership and vision to mxHero establishing partnerships with today’s leading companies including Google, Box, Dropbox, Microsoft, and Citrix.

Originally published at https://www.datadriveninvestor.com on September 4, 2020.

--

--

No responses yet