According to IBM’s Cost of a Data Breach 2024 Report, compromised or stolen credentials and phishing were the two most prevalent initial attack vendors, accounting for between 15 and 16% of data breaches recorded, costing businesses around $4.81 million per breach.¹
RELATED: Kaspersky reveals phishing emails that employees find most confusing
With this in mind, the experts at cybersecurity and compliance company Kiteworks have shared their advice on how organizations can prevent workplace emails from being hacked and what to do if your workplace email is compromised.
1. Use secure email to send and receive sensitive content
Organizations can ensure the security of their employees’ emails by using a secure email service to send and receive content. Using a secure email service typically involves encrypting the email, including the email body and any attachments, in its journey from sender to recipient. Encryption lets you keep your email communications private and confidential and helps organizations comply with data privacy regulations like HIPAA and GDPR. In addition, an email protection gateway (EPG)ensures both the sender and recipient use the same encryption standard, obviating the potential of exposed content prior to receipt.
2. Regularly change your password
Keeping email communications private ensures that PII, PHI, and IP does not fall into the wrong hands. Require employees to use strong, unique passwords for each workplace-related account and change them regularly. Consider using a password manager to help manage complex passwords.
Choosing strong passwords and utilizing other forms of data access controls like multi-factor authentication (MFA) are also vital for safeguarding accounts and their sensitive content from cyber criminals. A six-character lowercase password can be cracked within minutes. Ensure password strength by creating long and complex passwords, with at least eight characters and special symbols.
3. Avoid clicking links in emails
Cyber criminals regularly use email as a way of tricking employees into sharing sensitive data like credentials to access email and bank accounts. This is known as “phishing.” An effective way to safeguard your organization from phishing is to provide training to employees to identify what a typical phishing attack can look like. In addition, ensure that your employees are trained to report any suspicious emails or potential threats to the IT department or designated security team immediately.
For example, educate employees to exercise extreme caution when clicking on links in emails, even if they appear to come from trusted sources. Sometimes, these messages can appear to come from people within your organization. Encourage employees to pay attention to the spelling and grammar used in emails and to hover over links to verify their destination before clicking.
Always verify the sender’s email address or social media profile to ensure it appears correctly. Be wary of subtle misspellings or variations that might indicate a fraudulent sender. If an employee questions the veracity of the sender’s identity, she or he should directly contact the sender through a known and trusted communication method to verify the legitimacy of the link.
4. Avoid using public Wi-Fi
Employees working during their commute or remotely from a public area will generally use a public Wi-Fi connection. Using a public network for sensitive communications opens employees, their organizations, and their sensitive data to risks. Examples include MITM attacks, where hackers intercept your email traffic, and malware injection, which installs malicious software to access your email accounts, steal data, or damage your system. These and similar attacks can have severe consequences such as identity theft, financial loss, reputation damage, and legal liability if any confidential data is exposed.
As an alternative to using public Wi-Fi, offer employees access to a Virtual Private Network (VPN) which establishes a secure, encrypted connection between their device and a remote server. Additionally, implement secure email protocols like SSL/TLS or STARTTLS to encrypt all messages and attachments.
5. Use antivirus software and encryption services
Antivirus software plays a crucial role in defending against email-based attacks by scanning incoming emails and attachments for viruses, and by providing real-time protection through a firewall that monitors network traffic. For more advanced forms of malware like advanced persistent threats (APTs), consider investing in advanced threat protection (ATP) solutions.
Ensure that your organization has robust antivirus solutions in place and that they are regularly updated to incorporate the latest security patches and threat definitions. Regularly updating your antivirus software is essential for maintaining optimal protection against evolving threats.
6. Develop an incident response plan
To quickly address any security breaches like the ones we’ve discussed, organizations should develop and regularly update an incident response plan. An incident response plan is a predefined strategy that outlines the necessary steps to take when an organization detects a security breach.
It involves technical responses, communication guidelines, and a step-by-step recovery guide to eradicate the threat, communicate progress to stakeholders, and restore operations. Additionally, consider collaborating with national or regional fraud and cybersecurity services to report significant threats, which can aid in preventing potential cyberattacks and enhancing overall organizational security.
Patrick Spencer, spokesperson at Kiteworks, has shared their thoughts on what to do if workplace emails are compromised:
“With approximately 3.4 billion malicious emails circulating daily, it is crucial for organizations to implement strong safeguards to protect against phishing and business email compromise (BEC) attacks. If workplace emails are compromised, an organization should immediately initiate its incident response plan, which includes isolating affected systems, conducting a thorough investigation to determine the extent of the breach, and notifying relevant stakeholders.
To effectively combat phishing and BEC attacks, organizations should focus on comprehensive employee training to recognize common attack methods and cybersecurity risks. Adopting email authentication protocols and verifying the legitimacy of email senders are also essential steps. Additionally, employing email encryption, enforcing rigorous financial controls such as two-step verification, and conducting regular security audits will help detect and respond to unusual activities promptly.
Protecting personally identifiable information (PII), protected health information (PHI), and intellectual property (IP) is equally important to avoid potential regulatory fines. Organizations should ensure that all sensitive information is identified, classified, and protected with strong encryption methods like AES-256. Employees should be trained on the proper handling of confidential content, covering identification, protection, and incident response. Regular monitoring and auditing of security practices will help maintain compliance with evolving regulations and emerging threats.”
Credit: https://www.kiteworks.com/platform/simple/secure-email/.