Organizations are constantly under attack

Organizations are constantly under attack. Nearly every week comes a news headline
of another breach affecting millions of people. Organizations that experience
“small” breaches spend hundreds of thousands of dollars on forensic examinations,
infrastructure upgrades and identity monitoring. Those that get hit by a large breach
spend millions.
The majority of those threats still arrive by email in the form of weaponized file
attachments, malicious links, wire-transfer fraud and credential phishing. In most cases,
attackers deploy email-borne attacks that target specific individuals and fool them into
believing they are from someone they do business with or someone in authority who
knows them. Often, attackers gather the information they need to pull off these sorts
of phishing attacks over social media, where employees share significant amounts of
personal and contextual information. Just as often, employees leak information over
mobile applications that make it easier for criminals to target their attacks.

While most antivirus, anti-malware and email security systems are good at catching
traditional mass email phishing attacks with known malicious attachments, links
and content, they are not catching the most sophisticated targeted attacks on email
recipients. These types of attacks, called spear phishing, gather information on high value
targets who have direct access to company financial or customer information.1
Using social media, mobile apps and other sources of information (such as a company
website), criminals can make connections between business associates and third
parties in order to craft emails that look like they come from someone the targets work
with—and neither network-based nor email-based security tools are catching them
consistently. The emails are so well crafted that even well-trained, sophisticated users are
likely to click their malicious URLs or weaponized attachments (malicious attack files).

These new attack surfaces and more sophisticated threats require updated functionality
and processes to protect organizations against advanced spear phishing, including the
ability to:hacker trans

• Block mass email attacks in order to detect specific, targeted attacks as indicators
of more serious compromise by a knowledgeable enemy
• Identify high-value human targets based on their role and the applications and
data they have access to
• Identify targets who click things they shouldn’t
• Intelligently respond to specific targeted attacks, including the ability to:
– Scan the actual URLs, to determine whether the website is hosting malicious
content, before a user is granted access
– Sandbox suspect URLs and attachments to test their payloads before users are
allowed to execute them
– Identify employees who fall victim to the lures for education
• Improve through self-learning (for example, the ability to automatically update
email security and malware detection systems to include new signatures)
• Continuously improve the collection of threat intelligence and data analysis