And why are some businesses overconfident that they are secure?
A true story: There was a team manager, a head of IT and a chief financial officer. I asked each if they considered their network to be secure, hacked or in some other state.
The ex-military team manager was supremely confident that the secure network was, as its optimistic name suggested, secure. The IT manager said, “I don’t know,” and the CFO said, “I don’t know, and does it matter?”
Email Security Services test: Enterprise and Small Business test explained
This report examines the effectiveness of five email security solutions. Microsoft Defender for Office 365 and Google Workspace Enterprise are commercial email platforms. Trellix Email Security, WithSecure Email Security and Mailcow Open Source solution are third-party ‘add-on’ services designed to provide additional security. Of the ‘add-ons’, the services from Trellix and WithSecure are commercial, while Mailcow’s is open-source.
Why do organisations think they won’t be hacked?
There are a couple of common reasons why people don’t think their organisations will be hacked. One is that their security is the best. Another is that they don’t think they are a worthy target. But all businesses are targets because they are designed to make money. And if they cannot operate then they can’t perform their main function – making money.
Hackers know this and extort money from victims by stealing their data and threatening to release it to the public, exposing victims to large regulatory fines and litigation. And, of course, there’s the embarrassment factor of looking amateur. Hackers can also encrypt data on business systems, paralysing companies until they pay up (or restore from backups).
Do hackers discriminate?
Hackers discriminate, so not everyone faces the same level of risk. But, as we can see from the groups of attackers that we emulate in this test, they search widely for targets.
APT32 has attacked a wide range of companies, although it focuses on Asian targets. Exotic Lily likes to target IT companies with ransomware. APT38 goes straight for the money, picking on banks and other financial institutions (including cryptocurrency exchanges), while APT41 engages in espionage against healthcare organisations in specific territories.