Professional Documents
Culture Documents
Cloud Email Security Overview - 2024
Cloud Email Security Overview - 2024
(CES) Overview
CES OVERVIEW
Email is the…
#1 way organizations
communicate
70%
of organizations use cloud
#1 threat attack
email solutions today. (Gartner) vector
91%
of all cyber attacks begin with
a phishing email. (Deloitte)
2
CES OVERVIEW
Partner /Vendor
Account takeovers
Target
Organization External
°°° Internal
Account
°°°
takeovers
3
Why Cloudflare?
CES OVERVIEW
5
CES OVERVIEW
Email Security
Market
Multi-Channel Protection
Direction (Adaptive Link Isolation ) Targeted
phishing & BEC
Forrester and Gartner ML-Powered BEC Detection
have noted a shift away (Employee/Vendor Account Compromise) protection
from traditional SEG
models to leverage a Fast & Flexible Deployment
more complementary (Inline, API, Journaling, Multi-Mode)
pairing of native
capabilities from email
providers with email
security solutions
focused on protecting
against more targeted
and evasive phishing Email Hygiene
Email Provider
attacks. (Anti-Virus, Anti-Spam)
Data Management
(Archiving, Compliance, Data Controls)
6
CES OVERVIEW
Links 36%
Domain Age 30%
Identity Deception 14%
Credential Harvester 6%
Brand Impersonation 5%
Attachment 2%
Other 7%
IMPERSONATED SENDER
Using a legitimate supplier account that was compromised
CLOUDFLARE INNOVATIONS
Sentiment Analysis
User Impersonation
CES OVERVIEW
01 02 03 04 05 06
12
Malware/Attachments
CES OVERVIEW
$5.13M cost
of a ransomware attack in 2023
(an increase of 13% from 2022)1
24% share
of malicious attacks that rendered
systems inoperable1
Phishing
is still the most common delivery
method for ransomware
All industries
and company sizes are being
targeted with ransom attacks
Links 36%
Domain Age 30%
Identity Deception 14%
Credential Harvester 6%
Brand Impersonation 5%
Attachment 2%
Other 7%
Multi-channel phishing
ATTACK LIFECYCLE
Stages
The various phases of an attack that Research Initial Access Execution Privilege Escalation Continued…
an attacker may progress through to
reach their end goal
Vectors
The various entry points and Software Phishing Supply Chain Drive-By
Continued…
Exploitation (#1 threat vector) Compromise Compromise
vulnerabilities an attacker will attempt
to exploit to gain initial access
Channels
The various applications an attacker Email Web Text Social IM
can engage a user through to gain
access, steal info, or commit fraud
CES OVERVIEW
Detection technique
Cloudflare employs a multi-faceted approach
that includes deconstructing complex links,
crawling URLs to the end, and analyzing a
Malicious link hidden within QR code to direct
wealth of network telemetry to scrutinize users to a fake login page
domains, IPs, and usage patterns.
CES OVERVIEW
Benign
Allow and potentially expose the user to
malicious content 100%
ALLOW
20
CES OVERVIEW
File download/upload*
technology
Copy/paste and print*
interactions
controlled
● Low-latency, high
resolution user experience Zero Trust
draw commands Untrusted code
that feels like local browsing
Untrusted
Sensitive data
● Universal browser interactions
User browser Any website, link, or app
compatibility for greater
ease-of-use
Impersonated sender
no-reply@sharepointonline.com
Reply-To mismatch
help.desk.message.alert@mail.com
Impersonated Sender
TARGETED USER:
Vice President of Accounting and Treasurer at F500 Insurance Company
CES OVERVIEW
Benefits: No inbox dwell time, adaptive link Benefits: Faster deployment, post-delivery
isolation, pre/post-delivery protection retraction, easier setup for complex architectures
CES OVERVIEW
O365 users
Run a free phishing retro scan in minutes to identify
active threats that have already evaded existing
security controls over the past 14 days and are
currently sitting in your inbox.
Gmail users
Request a free phishing risk assessment to identify
the phishing threats that are evading your existing
security controls, as they’re being delivered.
29