Fighting Ransomware and Phishing Attacks with Cisco Secure Email

CISCO

Although people today use dozens of messaging apps and social networks to communicate, people and businesses still overwhelmingly rely on email. But as email has become more capable, it’s also become more vulnerable. It is now a primary vector for cyberattacks, with nine out of 10 malware attacks occurring when unsuspecting users open fraudulent messages.


These emails use phishing, a technique that tricks recipients into revealing sensitive information like login credentials that allow hackers to bypass security measures. To protect themselves from such intrusions, companies have to secure their email infrastructure, which is far more complex than it appears.


Moving Email Servers to the Cloud

I manage the IT Technical Support Team at the Van Leeuwen Group, a family-run trading company in the Netherlands that specializes in steel pipes and pipe and tube applications. Our distribution network comprises nearly 300 branches worldwide and caters to the automotive, construction, power, and pipeline industries, among others. We communicate mainly through email, so our email infrastructure must be robust, secure, and available 24/7.


Our email infrastructure has evolved over the years. In the past, we ran on-prem email servers using Cisco Email Gateways to route and secure messages. We recently adopted Microsoft 365 as our cloud-based productivity suite, so we upgraded to Cisco Cloud Email Security, the company’s solution for managing and securing cloud-based email infrastructure.


It was a paradigm shift for the Van Leeuwen Group. Moving our productivity suite and email servers to the cloud required us to rethink our approach. We examined our internal resources and realized we lacked the expertise and the people to architect a secure cloud-based email environment. That’s when we called in the professionals at Software Connection, a Dutch Cisco Partner systems integrator that focuses solely on email solutions.  

The Evolution of a Secure Email Solution

Having Software Connection on our side is like having an enterprise-wide in-house IT team that guarantees a perfect email experience for all our end users. Their team took charge of the transition from Cisco Secure Email Gateway (on-prem) to Cisco Secure Email Cloud Gateway (cloud hosted by Cisco).


We chose to stay with Cisco when we shifted to Microsoft 365 because Cisco has made tremendous progress in filtering unwanted emails. Their anti-spam solution was rock-solid. As cyber threats continuously evolve, Cisco SenderBase Reputation Server provides the first layer of a much-needed reputation filter. By shifting the focus from the content of an email to its sender, Cisco filtered out more messages and prevented more bad actors from repeatedly accessing our email servers. 


SenderBase evolved into Cisco Talos threat intelligence, which is built seamlessly into Cisco Secure Mail. It constitutes the first line of defense. 

Migrating and Securing Our Email Servers

Software Connection quickly migrated our email servers and security to the cloud. The installation took less than a day, but Software Connection spent the next month applying patches, configuring email and DNS servers, refining filters, and ensuring everything worked properly. But that’s only part of the equation. 


The initial setup was about configuring our internal email domains and protecting our network from internal threats. The next step was implementing the tools and technologies to configure our anti-phishing policies and actively monitor the internet for emerging threats. 


Software Connection deployed Domain-based Message Authentication, Reporting & Conformance (DMARC), which uses Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) to authenticate messages. These protocols detect malicious activities like domain spoofing to root out potential phishing emails and prevent them from reaching their destination.


We have the best tools and technologies in place. Still, we let Software Connection manage and configure our email infrastructure instead of learning the ins and outs of every protocol and setting. It’s the best way to make the most of our time and resources while continuing to protect the Van Leeuwen Group from cybercrime, security breaches, and other online threats. 

A Tremendous Step Forward

As an international trading company, we rely heavily on email, and the number of malicious emails is staggering. In a recent month, Cisco Secure Email flagged 58% of incoming emails as suspicious. It also blocked 750,000 emails because they were not DMARC-compliant. With so much malicious content trying to penetrate our defenses, routing legitimate emails to their intended recipients is essential.


Software Connection and Cisco Email Security have given the Van Leeuwen Group the tools to achieve this goal. These tools keep malicious emails at bay, and our IT department receives fewer service calls from people who want to know the whereabouts of their expected messages. We no longer have to monitor quarantined emails either. Instead, our end users get the emails they need and nothing else. 


As they spend less time on the phone with IT and more time acting on the business information from their emails, they are more productive. It is a tremendous step forward. 

The High Price of Lax Security

In some ways, enhanced security is a no-win situation for my IT team. If cybersecurity criminals don’t penetrate our defenses, management might wrongly assume we’re spending too much time, money, and effort on security and ask, “Why do we need all this?” If a bad actor succeeds in an attack, they’ll want to know what we’re getting for our money: “Why did we allocate all these funds and still get attacked?” But these are the wrong questions. IT professionals must change the narrative and ask their leaders, “What are the consequences if we are not secure?” A single email can lead to untold financial and reputational damage. There’s no point in pinching pennies when a breach can wipe out so much of what you’ve worked to achieve as a company. 


Nothing Is Foolproof, but Cisco Comes Close

It’s unreasonable to think your IT infrastructure is 100% secure. Nevertheless, you must take every precaution to improve your security posture and continually evaluate and evolve your strategy based on the current environment.


Cisco Secure Email is a reliable email gateway with excellent protection against all kinds of cybersecurity threats. It’s the right solution for an international trading company like the Van Leeuwen Group, and Software Connection is the perfect partner to manage and configure it. Doing business via email has never been safer.