How a Layered Security Approach Can Minimize Email Threats

How a Layered Security Approach Can Minimize Email Threats
Userlevel 2

Attackers frequently adapted their email-based techniques throughout 2022, cycling through new and old tactics in the hopes of evading human and cybersecurity measures. Data from the 2022 OpenText Cybersecurity Threat Report showed a 1,122% increase in phishing in the first quarter of 2022 compared to 2021. Not surprising, there is no sign of a slowdown as email continues to be a primary attack vector in 2023.

An email attack has many ramifications, including reputational damage, compliance violations, fines and downtime - all of which can result in loss of revenue, customers and even business closure. According to IBM, the average cost of a data breach in the United States is $9.44 million -$4.35 million globally. When you consider that the average small and medium business makes $2.1 million per year, you see that most SMBs are unable to sustain a breach.

As if the evolving threat landscape wasn’t enough, staffing issues, due in part to a complex economic environment, mean organizations are left to do more with less. With limited security resources and time, simple but effective security must be a priority.


Understanding Email Risks

While phishing, ransomware, business email compromise and spam are often the primary focus when discussing email threats, risks are not limited to inbound emails. Outbound emails also pose a significant risk. This is especially true when sharing confidential data and personally identifiable information. If not secured, a bad actor can intercept an email. And even if an email is encrypted, it doesn’t mean it is safe. If the sender is infected, they will infect others. Or, in the case of a nefarious employee, if the employee has unauthorized access to sensitive information, they can easily leak information through encrypted email unless policies are defined to control and prevent it.

Threat actors are refining their techniques while doubling down on long-standing phishing tactics and ransomware. They are using deep fakes, artificial intelligence and social engineering to evade defenses. Despite the discouraging numbers, all is not bleak. Data from the 2023 OpenText Cybersecurity Threat Report confirms that building a multilayered approach to defense is core to cybersecurity and cyber resilience.


Implementing a Layered Defense

A layered security approach should include detecting, blocking and filtering out malicious emails and attachments. Email filters can pick up on and quarantine suspicious messages. Artificial intelligence and machine learning can distinguish phishing emails from genuine emails and prevent any malicious content from reaching an employee’s inbox.

Encryption should be used by all companies, regardless of size. Often, smaller businesses forego encryption technology because it is perceived as being too cumbersome or simply not necessary. Encryption technology exists that is built specifically for SMBs and managed service providers; it is easy to use and implement. Look for software vendors that provide the public key infrastructure - PKI - rather than requiring a company to build their own. This greatly simplifies the encryption process as the vendor takes care of the encryption and decryption on behalf of the sender and the recipient. Because the encryption is handled behind the scenes, it is transparent to users.

Another option is a secure portal for use by third parties, partners, customers and others outside of network to initiate the email encryption that can be accessed anytime, anywhere from any device.

Visibility into encrypted email is essential for data loss prevention. To eliminate the threat of unauthorized users leaking sensitive information, implement data loss prevention policies to flag outbound encrypted emails that contain specific phrases, terms in the email header, content, and/or attachments to terms all that can be preset through policies

The ability to customize policies as well as import standard policy templates for compliance mandates such as GDPR and HIPAA can greatly streamline the process. Be sure to check with solution providers about upcharges for policy configurations - they should be included at no additional charge.

Combating email attacks requires cybersecurity and human awareness. Security awareness training teaches people not to automatically trust any email they receive. For even greater protection, add endpoint protection and DNS protection. After all, the more layers, the less likely it is that a threat actor will be successful. And if all else fails, backup and recovery solutions are essential to getting businesses up and running quickly, with minimal disruption.


Want to learn more about Webroot email security? Visit

9 replies

Userlevel 7

Thank you @skumarsamy54 for the post. Good information.

Userlevel 7
Badge +63

Thanks @skumarsamy54 😉



Userlevel 7
Badge +54

Thank you @skumarsamy54 

Userlevel 7
Badge +5

Great article. I’ll be forwarding this on to my team today as it has some great explanations. Thanks 

Userlevel 6
Badge +1

Cheers Connor

Userlevel 6
Badge +1

Thank You @skumarsamy54

Userlevel 7
Badge +4

@skumarsamy54  excellent article thank you Sir. Very good read

A layered security approach can be effective in minimizing email threats. Here are several key components of such an approach:

  1. Email Filtering: Implement robust email filtering solutions that can identify and block known malicious email sources, attachments, and links. These filters can help prevent most spam, phishing attempts, and malware-laden emails from reaching users' inboxes.

  2. Antivirus/Anti-Malware Software: Deploy reliable antivirus and anti-malware software on email servers, endpoints, and network gateways. This software should regularly scan incoming and outgoing emails for any potential threats, including attachments and embedded links.

  3. User Education and Awareness: Educate users about email security best practices, such as recognizing phishing attempts, avoiding suspicious links and attachments, and practicing good password hygiene. Regularly remind them about the importance of being vigilant and cautious when interacting with email messages.

  4. Multi-Factor Authentication (MFA): Enable MFA for email accounts to add an extra layer of security. This way, even if an attacker gains access to a user's email credentials, they would still require a second form of authentication (such as a code sent to their phone) to access the account.

  5. Email Encryption: Implement email encryption protocols, such as Transport Layer Security (TLS), to protect sensitive information during transit. Encryption helps ensure that the content of emails cannot be intercepted or accessed by unauthorized parties.

  6. Incident Response and Monitoring: Establish a robust incident response plan to quickly detect and mitigate any email threats that manage to bypass the security measures. Implement continuous monitoring and logging to identify suspicious activities and potential email security breaches.

  7. Regular Updates and Patches: Keep all email-related software, applications, and systems up to date with the latest security patches and updates. This helps address known vulnerabilities that cybercriminals could exploit.

By combining these layers of security measures, organizations can significantly reduce the risk of email-related threats, enhance their overall security posture, and protect sensitive data from falling into the wrong hands.

Userlevel 6
Badge +6

Great summation, well done.