RSS feed Get our RSS feed

News by Topic

BizReport : Ecommerce archives : November 04, 2016

Expert: How to protect brand identity in the cloud

Technology advancements have provided enormous opportunities for brands to protect consumers from phishing attacks, but tech has also opened businesses to other types of security risks. One expert explains.

by Kristina Knight

Kristina: You suggest that cloud-based email services are creating new security risks - what are these risks?

Vidur Apparao, CTO, Agari: Today, the only way to secure a brands' email identity is to have complete visibility and control over the email channel. However, understanding the full scope of email senders that represent the trusted online identity of an organization has never been more complex. For many businesses, cloud-based email services such as Salesforce, Marketo or Epsilon represent the majority of email sent to their customers and partners today. From looking at our own customers' outbound email, we found this to be the case with nearly two thirds (64%) of their email, representing more than 5 billion emails per month.

While these cloud-based email services allow businesses to cut costs and streamline operations, the rapid adoption of these services is opening up the email channel to more security challenges as phishing attacks against consumers continue to rise. In Verizon's 2015 Data Breach Investigations Report, it was found that 1 in 10 consumers fall for phishing attempts. This is because brands are ultimately losing the ability to adequately monitor, control and respond to email threats against their customers, and are not taking the necessary steps to extend their security initiatives to third party vendors in order to mitigate these risks.

It's important to note that the implications for not stopping these phishing attacks can be huge for brands. A recent study we conducted showed that email-based attacks against consumers can lead to significant financial loss and reputational damage.

Kristina: What can brands do to alleviate these risks?

Vidur: Traditionally, if an unknown server was discovered to be distributing malicious emails, companies would simply just block the server. But this is no longer an option, as they may be blocking an entire company that is conducting legitimate work. In order to minimize the risks to consumers, it's critical for companies today to re-assess their outbound email security and bring third party vendors into the fold. They need to ensure that they have full visibility and control over all legitimate servers sending out communications on their behalf, so that they can focus on identifying and stopping the bad.

Kristina: Some research suggests 1 in 10 consumers fall for phishing attempts - why are these fraudsters still successful?

Vidur: Cybercriminals looking to exploit brand identities to defraud victims remains one of the biggest security threats today - and the problem isn't going away. Fraudsters are constantly evolving their techniques to escape detection so they can continue to trick people into 'clicking'. They are using more sophisticated social engineering techniques to exploit human curiosity and trust. For example, fraudulent emails are becoming more convincing in their fake branding, language and nature of the requests or exploit.

Tags: Agari, cloud business tips, cloud safety, cybersecurity, ecommerce

Subscribe to BizReport

  • one can also opt for an cIAM platform, as they too are secure and maintain all the security protocols for safeguarding data and authentication processes.



Copyright © 1999- BizReport. All rights reserved.
Republication or redistribution of BizReport content is expressly prohibited without the prior written consent.
BizReport shall not be liable for any errors in the content, or for any actions taken in reliance thereon.