Issue link: https://insights.oneneck.com/i/1206066
© 2017 Cisco and/or its affiliates. All rights reserved. 09/17

Buyer's Criteria for Email Security

Cisco security research [5] shows your organization needs an email solution that delivers on five critical requirements to ensure the deeply layered protection your business needs today and in the future.

1. Effective intelligence, analysis, and response across your security posture
2. Rapid retrospective remediation
3. Protection against BEC
4. Protection against data leakage and risk from outbound email
5. Encrypt sensitive business information

Requirement 1: Effective Intelligence, Analysis, and Response Across Your Security Posture

As cyber attacks have become more sophisticated, so has the security deployed against them. Cybercriminals now deploy a wide range of threats that challenge traditional security methods. To be effective, your email security solution needs to go beyond the basic perimeter tools that inspect email at a single point in time. In addition to covering the basics, it must also integrate multiple layers of security in a more holistic approach that continuously analyzes threats and monitors traffic trends. With this approach, your solution can react rapidly to threat indicators based on the very best intelligence. This gives your security team the level of deep visibility and control it needs to reduce the time to detection (TTD) [6] of an attack, scope the event, and contain malware before it causes damage.

How Cisco Provides Effective Security Across Multiple Vectors

Cisco deploys a number of methods to create the multiple layers of security needed to defend against multiple attack types.

• Geolocation-based filtering safeguards against sophisticated spear phishing by quickly controlling email content based on the location of the sender.
• The Cisco® Context Adaptive Scanning Engine (CASE) provides spam capture rates greater than 99 percent and an industry-low false positive rate of less than one in one million.
• Automated threat data drawn from Cisco Talos™ identifies threats with increasing speed, reducing TTD and exposing even the newest zero-day attacks.
• Advanced Malware Protection (AMP) delivers global visibility and continuous analytics across all components of the AMP architecture for endpoints and mobile devices and in the cloud and network to identify malware based on what it does, not what it looks like.
• AMP also provides persistent protection against URL-based threats via real-time analysis of potentially malicious links.

Faster Detection Reduces Potential Harm

Cisco has lowered the median TTD from just over 39 hours in November 2015, when the company first started tracking, to approximately 3.5 hours for the period of November 2016 to May 2017.

Source: Cisco 2017 Midyear Cybersecurity Report. Cisco (July, 2017).

Threat Intelligence

Talos is Cisco's team of more than 250 full-time threat researchers, who track new and emerging threats. Intelligence is gathered from a wide range of sources, including other Cisco security products, which is then shared with Cisco Email Security customers for more effective protection. By seeing a threat once and blocking it everywhere, Talos provides best-in-class protection and safeguards against blended attacks, blocking them as they emerge.

[5] Cisco 2017 Midyear Cybersecurity Report. Cisco (July, 2017). https://www.cisco.com/c/m/en_au/products/security/offers/cybersecurity-reports.html
[6] Cisco defines time-to-detection (TTD) as the time between a compromise and the detection of the threat.