We’re seeing several strong reasons for organizations shifting their email workloads to the cloud. First, users have already embraced these solutions for personal email accounts, so less training and support is required. And, perhaps more importantly, cloud provides significant savings for government agencies, which is why the White House advocates for accelerated adoption of cloud email and collaboration tools.
However, moving email to the cloud presents challenges for government departments and agencies. Cyber attacks have rapidly evolved over the past decade, making them difficult to counter. Some examples include attachments with sophisticated multistage attacks, deceptive URLs, and impersonation tactics where executives’ names are used to deceive employees and encourage them to act on instructions within the email. Additionally, the dramatic uptick in mobile device usage, in which email apps often simplify email headers, compounds these challenges.
Unfortunately, the attacks are escalating with cloud use. In our M-Trends 2019 study, we found that as more organizations move to software-as-a-service and cloud offerings, attackers are following that data. In fact, FireEye has discovered that cloud users are being targeted more than the cloud infrastructure itself. The attackers use phishing, client-side exploits, or victim missteps – and sometimes all three – to acquire valid credentials and authenticate to the cloud.
In addition to implementing security technologies, the key to countering these attacks is having the ability to continually adapt by leveraging victim- and adversary-derived intelligence. This is where FireEye can help.
A Holistic Email Security Solution
First, it’s worth noting that FireEye Email Security Cloud Edition for Government is the only service that facilitates cloud email adoption with a FedRAMP-authorized service, while also supporting Continuous Diagnostics and Mitigation (CDM), Trusted Internet Connection (TIC) initiatives and the Department of Homeland Security’s Binding Operational Directive 18-01. Specifically, FireEye Government Email Threat Prevention integrates with legacy TIC gateways, the GSA Managed Trusted Internet Protocol Service, and evolving TIC version 3 guidance.