The number of cyber-attacks and their costs to companies and the public continues to grow rapidly year over year, and 2020, the year of COVID19, has accelerated this trend. Not only do malicious actors use new technologies and more sophisticated techniques but the move to cloud-based communication and collaboration channels to support remote work environments over the last 16 months, has increased the number of security blindspots for hackers to leverage. This past year, global losses from cybercrime reached over $1 trillion, a more than 50 percent increase from 2018.
There is a huge gap between the level of investment in cyber and the actual results that have been reported by organizations. Enterprises have large security teams and are increasing their allocated budgets to protect themselves. According to Insight (Cybersecurity at a crossroad: The Insight 2021 Report) 96% increased their cybersecurity budgets in 2020, and 91% plan to do so in 2021. What is interesting to note is that by doing that, they are not actually increasing their level of confidence. In that same report, Insight reports that 78% expressed a lack of confidence in their company’s IT security posture and saw room for improvement.
And what happens with the smaller companies who lack cyber competence and budget and cannot invest in prevention? Unfortunately, cybercriminals do not discriminate by the size of a company, and an attack can cause tremendous damage and havoc from SMBs. Another interesting angle to take concerning the targeting of smaller businesses, is their connection with large enterprises that they may partner with. Hackers will leverage the vulnerabilities of the smaller companies in order to infiltrate the enterprise.
How is this done?
These attacks are referred to as ATO (Account Takeover) and are related to email accounts that are overtaken by hackers. Those accounts are consequently used to attack others, unbeknownst to the actual account owner. An excellent example was cited by FinCEN advisory where they noted that:
“Criminals often use spoofed or compromised email accounts to communicate urgent, last-minute payment changes. In the COVID-19 environment, criminals insert themselves into communications by impersonating a critical player in a business relationship or transaction, typically posing as providers of healthcare supplies, to intercept or fraudulently induce a payment for critically needed supplies”.
Protecting your organization is becoming more important than ever no matter the size.
Next-generation email security is easier to deploy with SaaS-based models and is integrated with email systems in minutes. There is no longer a need for long manuals, dedicated security teams, or a special workforce to help get the organization the best protection available.
The native integration of Acronis Cyber Protect Cloud with Advanced Email Security means MSPs can use one solution to extend their cyber protection services to protect their clients’ Microsoft 365, Google Workspace, Open-Xchange mailboxes, or any on-premise mail server.
Advanced Email Security intercepts all email-based threats, including spam, phishing and spoofing, business email compromises (BECs), advanced persistent threats (APTs), and even the zero-day malware attacks that are behind 80% of breaches.
“Email is both business-critical and the top threat vector for organizations today. For service providers, preventing email threats from reaching their clients is vital,” said Jan-Jaap “JJ” Jager, Board Advisor & Chief Revenue Officer at Acronis. “The new Advanced Emails Security pack marries the best-in-class technology from Perception Point with the unified cybersecurity, data protection, and endpoint protection of Acronis Cyber Protect Cloud. As a result, MSPs have everything needed to keep clients secure and their business efficient and profitable.”
For all businesses, developing a strong 360-degree cybersecurity strategy should be at the top of their agenda. Fortunately, Acronis powered by Perception Point has extended their capabilities and can now protect companies to approach security more holistically.
See the full press release here