Will You Integrate Web and E-Mail Security?

E-mail users have become more careful, but hackers have become more sophisticated. In the past, email attacks were mounted en masse and indiscriminately. Recipients would open email attachments, infect their PCs, and then call the IT department for help. Today's email users have better "street smarts". Most won't open unknown links, and many know enough to just delete messages from suspicious senders. So how are corporate computer users and the IT departments that support them faring against a new generation of hackers and attackers?

Unfortunately, malware attacks are on the rise again. According to the Computer Security Institute (CSI), malware infections fell from 2005 to 2008, but then jumped nearly 15% between 2008 and 2009. In the U.K. alone, nearly two-thirds of all organizations were infected by adware, spyware, viruses, worms, Trojans, and root kits. Today's hackers aren't just more sophisticated, they're also more selective. Individuals and organizations are stalked and then attacked, sometimes with financial gain rather than mayhem as the motive. There are also state-sponsored (or at least state-affiliated) events, such as the 2010 cyberattack against Google in China.

In a recent white paper, Fran Howarth of Bloor Research argues that "organizations need to pay more attention to web-based attacks – not merely those coming via email." First-generation signature-based email protection is out-of-date. A modern defense consists of newer, cloud-based services that stop threats from ever reaching the corporate network in the first place. Driving these developments is the growing popularity of social media, which can lead even a savvy email user to click a YouTube video and acquire an infection.

Is your IT department ready to adopt a more integrated approach with Web and email security?

Source: ZDNet Download