Why Are We Still Talking About Email Security?
CXOtoday.com, Friday, May 26,2023
The vast majority of CISOs do implement email security. However, there's an incipient problem, an elephant in the room, that needs to be addressed. CISOs are often blindsided by this problem - they just don't see it at all. The problem is that CISOs do not know whether or not their email security is actually working and if so, to what extent.
When asked about how they know that their current level of email security is providing the correct level of protection, many CISOs simply lack an answer. They've got nothing. In one recent conversation, a CISO said to me, 'I don't know if we have a problem with email or not.' They don't know about the number of dangerous links that have been clicked on. They don't know if the number of phishing emails coming in is increasing or decreasing. And they're not improving rules around quarantining or releasing emails. They're not even in the operational space. Despite around 90% of cyber attacks originating from an email, it is seen as a black box.