SOC teams struggling to detect malicious emails, research shows

A study of IT and security professionals has found that 55% cite the time to detect phishing messages as the greatest challenge facing the SOC/security team in relation to addressing emerging email threats.

Performing email forensics on received messages also ranked high, with 24% identifying this as the greatest threat they faced, while 18% felt the danger lay in removing malicious messages from mailboxes.

The study was conducted among visitors at this year’s Infosecurity Europe by IRONSCALES, an automated phishing prevention, detection and response platform. Of the 300 people spoken with, nearly everyone (95%) agreed that humans and technology need to work side by side in order to better detect and respond to sophisticated email phishing attacks. Also, 94% felt that automating the SOC team’s manual processes from attack detection to response would greatly reduce the amount of damage that can be inflicted on the company.

Speaking about its findings, Eyal Benishti, CEO and Founder of IRONSCALES, said: “The threat of email-borne attacks continues to pose a great risk to organisations and, as our study found, detecting these malignant messages as they arrive remains challenging for many.

“Ignorance is not always bliss as 55% of those we spoke with confirmed they recognise that not knowing that a threat has arrived within their perimeter leaves them oblivious to the impending danger. Every day these messages are getting past traditional email gateway defences and without the ability to determine what poses a risk and then neutralise it across the entire infrastructure, we will continue to see organisations fall victim to attacks – whether it’s credential stealing, data breaches or fraudulent transactions.”

When looking at what will help thwart the threat from email-borne attacks, the general consensus was that no one tool was sufficient, with 38% of organisations looking for a combination of automated email forensics and automated remediation.

They also wanted in-mail banner alerts that would warn users a message may be fraudulent, human-verified phishing intelligence that they could act on, and help from artificial intelligence (AI) solutions that could help predict unknown or unverified phishing emails.

Of those who picked just one, 27% said automated email forensics and automated remediation would be the most valuable.

Eyal said: “As confirmed last week, we’ve heard that 54% of organisations continue to be plagued by phishing emails, and with the difference between a malignant email arriving and someone interacting with it just seconds, there isn’t a lot of time for the security teams to discover the attack has started and prevent damage occurring. Organisations need a combination of technical controls capable of making split second decisions and end-user controls for end-users to alert security teams that everything is not as it seems.”

For more information on IRONSCALES, and how it can help prevent, detect and respond to advanced email-borne threats, visit ironscales.com.
