Total Email ProtectionSecuring beyond the gateway

BR

AN

D -

Co

nte

nt

BR

AN

D -

Co

nte

nt

IT, we have a BEC

BR

AN

D -

Co

nte

nt

This decade brought sophisticated threatsR

isk

and

Co

mp

lexi

ty

2011 2019

Ransomware

Spear phishing/

social

engineering

Business email

compromise

Account

takeover

BR

AN

D -

Co

nte

nt

Email threats 1.0

Spam/malware

Email

Gateway InboxInternet

Legitimate

Mail

Zero Day

BR

AN

D -

Co

nte

nt

Where gateway security fails

Corporate

InboxEmail High Reputation Sender Zero-Day Links No malicious Payload

Social Engineering

Reputation Filter | Content Filter | Advanced Threat Protection

✓ ✓ ✓

BR

AN

D -

Co

nte

nt

Email threats 2.0

Spam/malware

Email

Gateway InboxInternet

Legitimate

Mail

Zero Day

Brand

ImpersonationBusiness

Email

Compromise

(BEC)

Distracted

Emailing

Purchased

Credentials

Personal

Accounts

Conversation

Hijacking

Account

Takeover

(ATO)

BR

AN

D -

Co

nte

nt

Move prevention to point of risk

Prevention

• Email Gateway

• Archiving/BackupPoint of ingress/egress

BR

AN

D -

Co

nte

nt

Move prevention to point of risk

Point of ingress/egress

Point of risk

Prevention

• Email Gateway

• Archiving/Backup

• Inbox BEC Prevention

• Service Impersonation

Prevention

• User Training

• User Simulation

BR

AN

D -

Co

nte

nt

Invest in detection and response

Prevention

• Email Gateway

• Archiving/Backup

• Inbox BEC Prevention

• Service Impersonation

Prevention

• User Training

• User Simulation

Detection

• ATO Detection

• Conversation Hijacking

Detection

• Threat Hunting

• Brand Spoofing

Detection

Response

• Post Delivery Cleanup

• Password Reset

• User Reported Message

Triage

BR

AN

D -

Co

nte

nt

According to Gartner

Technical professionals must understand end user’s role in phishing detection and the human role of the incident responders during phishing response.

- Mario De Boer, Gartner

BR

AN

D -

Co

nte

nt

Gartner also says..

The email security market is starting to adopt a continuous adaptive risk and trust assessment (CARTA) mindset and acknowledge that perfect protection is not possible. As a result, vendors are evolving or emerging to support new detect and response capabilities by integrating directly with the email system via API.

BR

AN

D -

Inte

rtitle

How do we get there?

BR

AN

D -

Co

nte

nt

The next frontier – detection and response

O365 | Gsuite | Exchange

In/Outbound

Security

Encryption and

DLP

Archiving for

ComplianceGateway Defense

API Inbox Defense

Phishing Simulation and TrainingAwareness

Cloud BackupResiliency Email Continuity

AI for Social

Engineering

Brand Protection

DMARC Reporting

Account Takeover

Defense

Detection and

Remediation

BR

AN

D -

Co

nte

nt

The email gateway is the foundation of defense

Inbound & ATPProtect inbound mail from spam, malware, and advanced zero-day attacks

Use ATP and sandboxing to block malicious attachments

Outbound

Encryption &

DLP

Protect outbound email from distribution of spam and malicious email

Stop data leaks with secure messaging, data loss prevention, and encryption

Email Continuity Stay connected during downtime and continue to send and receive email

Ensure business continuity and keep your staff productive

BR

AN

D -

Co

nte

nt

Message Archiving for Efficiency and E-discovery

Archiving for

Compliance

Retain and preserve email with tamper-proof, policy-based email archiving

Stay compliant with requirement and address eDiscovery requests

BR

AN

D -

Co

nte

nt

Building resiliency to mitigate risk of downtime

Cloud BackupProtect your data from accidental or malicious deletion with cloud back up

Recover and restore data quickly and easily to minimize downtime

BR

AN

D -

Co

nte

nt

Barracuda Sentinel

Barracuda Forensics and Incident Response

BR

AN

D -

Co

nte

nt AI for real-time spear phishing prevention

• Trained on 2.5 million mailboxes

• <1:1,000,000 false positive rate

• Detects attacks gateways can’t see

Detect and remediate compromised accounts• Supports incident response workflows

• Internal threat protection

Brand fraud prevention with DMARC reporting• Instant visibility into brand use and misuse

Fraud prevention and inbox defense

BR

AN

D -

Co

nte

nt

BR

AN

D -

Co

nte

nt

Commonly impersonated web services

Enterprise Consumer

BR

AN

D -

Co

nte

nt

Incident response today

`

• Manual search for other recipients of malicious mail

• Unconnected systems lead to tedious manual checks

INVESTIGATE

• Manually remediation

• Quarantining malicious mail takes too long

RESPOND

• Users don’t always report attacks

• IT investigations take too long

IDENTIFY

> 30 min 2-4 hours 1-4 hours

BR

AN

D -

Co

nte

nt

Automate incident response

IDENTIFY INVESTIGATE RESPOND

Identify through Forensics

& Insights

Reported by

Employees

Search for other

recipients

Create an incident

Find users who clicked on

links

!

Block future attacks

Remove malicious email

from users’ inbox & send

alerts

2 – 10 min

BR

AN

D -

Inte

rtitle

Forensics and Incident Response

Standalone

BR

AN

D -

Co

nte

nt

Barracuda PhishLine

BR

AN

D -

Co

nte

nt

Not Just Email

Email USB Drive

SMS Voice

BR

AN

D -

Co

nte

nt

Why is Barracuda Email Protection Unique?

Spam/malware

Secure

Email

Gateway

Mail Server Corporate

Inbox

ExecutivesInternet

Legitimate

Mail

Zero Day

BR

AN

D -

Co

nte

nt

The Forrester WaveEnterprise Email Security

Q2 2019

BR

AN

D -

Co

nte

nt

Resources and tools

Learn more from us• https://www.barracuda.com/totalemailprotection

Leverage Email Threat Scanner to find threats• https://scan.barracuda.com

14-day trial • https://www.barracuda.com/essentials

Thank You