As the great cloud migration continues, perimeter-based defenses have become obsolete. The vast majority of threats aren’t entering protected environments from breached firewalls. Instead, along with businesses, attackers have shifted to the cloud. And as employees work from anywhere and on any device, cyber criminals are blending both email and cloud vectors for financial gain.
In this changing landscape, security leaders must ensure that existing solutions keep pace with ever-evolving threats. It’s clear that the defend-the-perimeter model of security hasn’t worked for years, and it’s time to make a change. And today, that means starting protection with people.
We’ve seen a significant and accelerated shift to remote work during the pandemic, and it has continued to fuel the adoption of cloud office systems. In fact:
- 71% of companies use cloud or hybrid cloud email
- 73% of the time, cloud breaches involve an email or web application server
- 77% of those breaches also involve stolen credentials
Now we’re at a critical tipping point as threats evade detection by common email security technologies that rely on standard antivirus and reputation. It’s the people factor that ransomware, phishing, and BEC attacks all have in common. Adversaries know that when businesses shift to secure cloud infrastructures, the one thing that doesn’t change is our human nature.
With people often the most vulnerable targets, cyber criminals use attacks that rely on employees opening a weaponized document, clicking a malicious link, entering their credentials or even carrying out demands like wiring money. In this environment, a layered security approach is no longer optional if you want to be protected.
To learn more about the current threat landscape and how to protect against it, download our e-book: Reimagining Email Security, Protecting with People-Centric Email Security in the Cloud Era.
Subscribe to the Proofpoint Blog