We know cybersecurity is important in theory, but here’s a real-life example to help illustrate the point. An email was received from a known, trusted vendor that included a link to view a recent invoice. The vendor’s employee who sent the email typically doesn’t send invoices, but the link to view the invoice was not malicious and pointed to a SharePoint site, so it was assumed to be safe. However, the SharePoint site hosted a spoofed SharePoint/OneDrive document containing malicious links which, when clicked, download something malicious or ask for login information. Thankfully, the links were not followed, but had they been, this story would have a much different ending.

Let’s take a look at email security and the layers that apply. Social engineering is one of the top attack vectors used today by bad actors, and email is the primary way these bad actors execute their attacks. The primary mitigant to put in place is an email filtering tool that reduces the number of malicious emails that make it to a user’s inbox. This should be enough, right? Since this email reached the recipient’s inbox, the email filter failed to catch a malicious email. This will probably happen again, because the link in the email was not malicious, the sender header information matched, there weren’t malicious attachments, etc.

This is where the other layers are key. A DNS or web filtering tool most likely would have prevented the user from going to the second malicious website. If the DNS or web filter failed, a malware protection filter may have prevented the download of something malicious. If the malicious website was asking for login information, then it’s up to the user to know not to enter their information.

In addition to technology, security awareness training prevented this malicious email from becoming a cybersecurity compromise. The user recognized, through email phishing campaigns, live training sessions, and leadership reminders, that something was off when the email was received. In addition, if the malicious website was asking for login or sensitive information, security awareness training may have thrown up the mental flags for the user and stopped the attack.
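The contextual cues the user picked up on (an invoice from someone who doesn't normally send them, delivered as a file-share link) can also be checked mechanically. The sketch below is an added example, not part of the original article or any product's logic; the domain list, keyword list, addresses and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Assumption: file-sharing domains that URL reputation checks treat as clean.
FILE_SHARE_DOMAINS = ("sharepoint.com", "onedrive.live.com", "1drv.ms")
INVOICE_WORDS = re.compile(r"\b(invoice|payment|remittance)\b", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+")

# Constructed sample message (single-part plain text, placeholder names).
SAMPLE = """\
From: Pat Example <pat@vendor.example>
To: ap@customer.example
Subject: Invoice 1042 ready to view
Authentication-Results: mx.customer.example; spf=pass; dkim=pass; dmarc=pass

Please view the invoice here: https://vendor-example.sharepoint.com/:b:/s/placeholder
"""

def on_file_share(host):
    # Exact domain or a subdomain of it, so look-alike hosts do not match.
    return any(host == d or host.endswith("." + d) for d in FILE_SHARE_DOMAINS)

def triage(raw, invoice_senders):
    """Return (auth_ok, reasons). reasons lists contextual warnings only."""
    msg = message_from_string(raw)
    auth_ok = "dmarc=pass" in msg.get("Authentication-Results", "").lower()
    found = re.search(r"[\w.+-]+@[\w.-]+", msg.get("From", ""))
    sender = found.group(0).lower() if found else ""
    body = msg.get_payload()  # str for the single-part messages assumed here
    lure = bool(INVOICE_WORDS.search(f"{msg.get('Subject', '')} {body}"))
    hosts = [(urlparse(u).hostname or "").lower() for u in URL_RE.findall(body)]
    shared = [h for h in hosts if on_file_share(h)]
    reasons = []
    if lure and sender not in invoice_senders:
        reasons.append("invoice from a sender with no invoice history")
    if lure and shared:
        reasons.append("invoice delivered as a file-share link: " + shared[0])
    return auth_ok, reasons

if __name__ == "__main__":
    print(triage(SAMPLE, invoice_senders={"billing@vendor.example"}))
```

The sample passes sender authentication and still returns two warnings, which is the gap between what a content filter sees and what a trained recipient notices.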

So take a look at your current cybersecurity approach and your layers of protection. Your defense should include technology, but user training is also crucial to the overall effectiveness of any cybersecurity program. Different solutions cover areas that may not be protected by the other solutions. Properly selected, configured, implemented and managed, these solutions will greatly reduce the risk of a cyber attack.