Every business that takes cybersecurity seriously has a multi-layered approach to defending its uptime and data against the ocean of current threats. In 2021, those menaces range from ransomware to software supply chain attacks to breaches of cloud data repositories. To fight them, we deploy a variety of technologies in front of and inside our applications, networks and endpoints. We hire tech staffers skilled at threat hunting and vulnerability management. We drill our employees on good password hygiene and security awareness. And where do attackers still defeat our carefully, expensively constructed array of cybersecurity countermeasures? Email.
That’s right: Dull, ubiquitous, ancient-but-still-essential email provides the means for delivering a whopping 94% of successful malware-based cyberattacks, per Verizon’s 2021 Data Breach Investigations Report. These inevitably involve phishing: Emails that use social engineering techniques to lure unwitting users into trusting the purported sender enough to click on a link or open an attachment, catalyzing a ransomware attack or worse.