Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Total Email ProtectionSecuring beyond the gateway
BR
AN
D -
Co
nte
nt
BR
AN
D -
Co
nte
nt
IT, we have a BEC
BR
AN
D -
Co
nte
nt
This decade brought sophisticated threatsR
isk
and
Co
mp
lexi
ty
2011 2019
Ransomware
Spear phishing/
social
engineering
Business email
compromise
Account
takeover
BR
AN
D -
Co
nte
nt
Email threats 1.0
Spam/malware
Gateway InboxInternet
Legitimate
Zero Day
BR
AN
D -
Co
nte
nt
Where gateway security fails
Corporate
InboxEmail High Reputation Sender Zero-Day Links No malicious Payload
Social Engineering
Reputation Filter | Content Filter | Advanced Threat Protection
✓ ✓ ✓
BR
AN
D -
Co
nte
nt
Email threats 2.0
Spam/malware
Gateway InboxInternet
Legitimate
Zero Day
Brand
ImpersonationBusiness
Compromise
(BEC)
Distracted
Emailing
Purchased
Credentials
Personal
Accounts
Conversation
Hijacking
Account
Takeover
(ATO)
BR
AN
D -
Co
nte
nt
Move prevention to point of risk
Prevention
• Email Gateway
• Archiving/BackupPoint of ingress/egress
BR
AN
D -
Co
nte
nt
Move prevention to point of risk
Point of ingress/egress
Point of risk
Prevention
• Email Gateway
• Archiving/Backup
• Inbox BEC Prevention
• Service Impersonation
Prevention
• User Training
• User Simulation
BR
AN
D -
Co
nte
nt
Invest in detection and response
Prevention
• Email Gateway
• Archiving/Backup
• Inbox BEC Prevention
• Service Impersonation
Prevention
• User Training
• User Simulation
Detection
• ATO Detection
• Conversation Hijacking
Detection
• Threat Hunting
• Brand Spoofing
Detection
Response
• Post Delivery Cleanup
• Password Reset
• User Reported Message
Triage
BR
AN
D -
Co
nte
nt
According to Gartner
Technical professionals must understand end user’s role in phishing detection and the human role of the incident responders during phishing response.
- Mario De Boer, Gartner
BR
AN
D -
Co
nte
nt
Gartner also says..
The email security market is starting to adopt a continuous adaptive risk and trust assessment (CARTA) mindset and acknowledge that perfect protection is not possible. As a result, vendors are evolving or emerging to support new detect and response capabilities by integrating directly with the email system via API.
BR
AN
D -
Inte
rtitle
How do we get there?
BR
AN
D -
Co
nte
nt
The next frontier – detection and response
O365 | Gsuite | Exchange
In/Outbound
Security
Encryption and
DLP
Archiving for
ComplianceGateway Defense
API Inbox Defense
Phishing Simulation and TrainingAwareness
Cloud BackupResiliency Email Continuity
AI for Social
Engineering
Brand Protection
DMARC Reporting
Account Takeover
Defense
Detection and
Remediation
BR
AN
D -
Co
nte
nt
The email gateway is the foundation of defense
Inbound & ATPProtect inbound mail from spam, malware, and advanced zero-day attacks
Use ATP and sandboxing to block malicious attachments
Outbound
Encryption &
DLP
Protect outbound email from distribution of spam and malicious email
Stop data leaks with secure messaging, data loss prevention, and encryption
Email Continuity Stay connected during downtime and continue to send and receive email
Ensure business continuity and keep your staff productive
BR
AN
D -
Co
nte
nt
Message Archiving for Efficiency and E-discovery
Archiving for
Compliance
Retain and preserve email with tamper-proof, policy-based email archiving
Stay compliant with requirement and address eDiscovery requests
BR
AN
D -
Co
nte
nt
Building resiliency to mitigate risk of downtime
Cloud BackupProtect your data from accidental or malicious deletion with cloud back up
Recover and restore data quickly and easily to minimize downtime
BR
AN
D -
Co
nte
nt
Barracuda Sentinel
Barracuda Forensics and Incident Response
BR
AN
D -
Co
nte
nt AI for real-time spear phishing prevention
• Trained on 2.5 million mailboxes
• <1:1,000,000 false positive rate
• Detects attacks gateways can’t see
Detect and remediate compromised accounts• Supports incident response workflows
• Internal threat protection
Brand fraud prevention with DMARC reporting• Instant visibility into brand use and misuse
Fraud prevention and inbox defense
BR
AN
D -
Co
nte
nt
BR
AN
D -
Co
nte
nt
Commonly impersonated web services
Enterprise Consumer
BR
AN
D -
Co
nte
nt
Incident response today
`
• Manual search for other recipients of malicious mail
• Unconnected systems lead to tedious manual checks
INVESTIGATE
• Manually remediation
• Quarantining malicious mail takes too long
RESPOND
• Users don’t always report attacks
• IT investigations take too long
IDENTIFY
> 30 min 2-4 hours 1-4 hours
BR
AN
D -
Co
nte
nt
Automate incident response
IDENTIFY INVESTIGATE RESPOND
Identify through Forensics
& Insights
Reported by
Employees
Search for other
recipients
Create an incident
Find users who clicked on
links
!
Block future attacks
Remove malicious email
from users’ inbox & send
alerts
2 – 10 min
BR
AN
D -
Inte
rtitle
Forensics and Incident Response
Standalone
BR
AN
D -
Co
nte
nt
Barracuda PhishLine
BR
AN
D -
Co
nte
nt
Not Just Email
Email USB Drive
SMS Voice
BR
AN
D -
Co
nte
nt
Why is Barracuda Email Protection Unique?
Spam/malware
Secure
Gateway
Mail Server Corporate
Inbox
ExecutivesInternet
Legitimate
Zero Day
BR
AN
D -
Co
nte
nt
The Forrester WaveEnterprise Email Security
Q2 2019
BR
AN
D -
Co
nte
nt
Resources and tools
Learn more from us• https://www.barracuda.com/totalemailprotection
Leverage Email Threat Scanner to find threats• https://scan.barracuda.com
14-day trial • https://www.barracuda.com/essentials
Thank You