A.

What is Email Security:

Email security is the practice of using technology to inspect incoming emails for malicious threats and encrypt—or
secure—outbound email traffic to protect mailboxes, data, users, and organizations from cyber security attacks and
schemes.
Cloud email security is important as more companies migrate to a cloud or hybrid email platform. Layered
defences can provide comprehensive protection that incorporates email security best practices.
B. How can email messages be compromised:
While many cyber security professionals are aware of common email security threats like phishing, ransomware,
business email compromise, and other inbound threats, it's important to also consider data protection and securing
outbound traffic. In short, implement measures to prevent users from sending sensitive data through email to
external parties. There are four main components of an email message that can be compromised or manipulated:
 The body of the email
 The attachments of the email
 URLs contained within the email
 The sender's email address
C. What are email security best practices:
Email security best practices include the use of a robust email security posture that contains layers of
security measures, including effective security intelligence across your entire architecture, retrospective
remediation, and encryption to prevent data leakage among other features.
D. Types of email threats:
Spam:
Spam email is any unsolicited and unwanted junk email and is often sent for commercial purposes. When
spam is sent out in massive volume by botnets to an indiscriminate recipient list, the goal is most likely to
spread malware by infecting computer networks, for business email compromise, and for phishing.
Phishing:
Phishing is sending fraudulent communications that appear to be from reputable sources, usually through
email or texting. The end goal is to steal money or sensitive data like login information or to install
malware or ransomware on the victim's machine. Phishing is a very common cyberattack.
Malware:
Malware refers to any intrusive software developed by cybercriminals to steal data and destroy
computers and network resources. One of the most common forms of malware is ransomware. Recent
malware attacks have ex-filtrated data in mass amounts. Malware comes in many forms and is often
referred to as viruses, worms, Trojan viruses, spyware, adware, or bots.
Business email compromise (BEC):
BEC is a carefully planned and researched spoofing attack that strategically selects and impersonates a
company, executive, vendor, or supplier. Adversaries create targeted messages and add unique details
about either the person they are posing as, and/or the person they are attacking, to add legitimacy to the
request. The end goal is often to trick someone into sending money over the wire or granting network
access.
E. Types of email security best practices:
1. Run regular phishing exercises:
Your employees are your greatest defence against phishing. Employees who can learn to recognize a
phishing attempt can stop the endpoint compromise.
2. Use multifactor authentication:
In the event that a corporate email account's credentials are successfully stolen, multifactor authentication
can prevent an attacker from gaining access to the account and wreaking havoc.
3. Consider DMARC:
DMARC, “Domain-based Message Authentication, Reporting & Conformance”, is an email
authentication, policy, and reporting protocol. Use of DMARC domain protection protects a company's
brand by preventing attackers from using a legitimate corporate domain in phishing campaigns.
4. Implement safeguards to quarantine and remediate threats:
Message quarantine functionality is useful to hold a message while a file attachment is analysed prior to
releasing the message to the recipient. If the security of the email is violated then it removes the malicious
attachment, or removes the message completely.
5. Harness threat intelligence:
External email threat feeds in Structured Threat Information Expression (STIX) are now commonly used
by email security products, which is helpful should an organization want to use a vertical-focused threat
feed beyond the native threat intelligence in the product.
6. Consider an integrated cyber security solution:
Integration of email security with broader cyber security portfolios is also becoming common to
determine if advanced malware or messages in an environment may have been delivered to particular
users or inboxes.