It's become beyond clear: Default security is not enough.
Gartner has long suggested that, for its customers, EOP doesn't hack it.
And now, in a new report, they've noted that many clients have expressed dissatisfaction in Microsoft ATP (now re-named as Microsoft Defender for Office 365, or MSDO) because it is simply missing emails.
It starts with business email compromise scams. It's become the hackers' new go-to attack. The stats are troubling.
The average BEC payment nearly doubled between the first and second quarter of 2020. It's now at $80,183, on average. And the FBI has noted that, between 2014-2019, they saw claims of over $2.1 billion in losses from BECs. Gartner found that BECs increased by nearly 100% in 2019 and through 2023, predicts that BEC attacks will continue to double each year, at a cost of over $5 billion to its victims.
Why are they so effective? They are incredibly hard to stop. As Gartner has noted:
...due to the rise in business email compromises, account takeovers, and other sophisticated attacks, many times some malicious emails are actually missed by MSDO, and in fact by any other email gateway solutions. Therefore, organizations should strongly consider integrating third-party solutions to strengthen their email security capabilities.
BECs are hard to stop because you need internal context to know that one is occurring. Companies like Mimecast and Proofpoint, which utilize Secure Email Gateway technology, are designed only to monitor inbound email—therefore they have no way of scanning an internal email or understanding the context or conversational relationships within an organization. When an SEG sees an email from the 'CEO' to the 'CFO', it will be the very first time it has seen such a conversation.
Both Microsoft and Google have the internal access required to prevent BEC attacks and many of their anti-spoofing tools do a good job at blocking basic attacks. But the issue is that their infrastructure cannot perform the per-customer contextual analysis required for most BEC attacks.
They work with far too many companies and customers to properly monitor all internal accounts and understand an organization's relationship and reputation patterns.
Avanan, though, provides all the protections crucial to stopping BEC attacks:
- Machine learning algorithms combine with role-based, contextual analysis of previous conversations to identify threats that Google, Microsoft, and external mail gateways miss,
- Deployment-day analysis of one-year's email conversations to build trusted reputation network,
- Scanning and quarantine of internal email and files in real-time, protecting against east-west attacks and insider threats,
- AI and machine learning techniques to rapidly adapt to new threats and behaviors,
- Account takeover protection beyond email: login events, configuration changes, and end-user activities throughout the suite.
BEC attacks are too dangerous and commonplace to leave to default security.
Avanan has the highest-rated email security solution and is the only vendor with the internal context needed.
It's why more and more companies are coming aboard.