the security executive’s guide to a secure …...1 the security executive’s guide to a secure...
TRANSCRIPT
THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX How to create a thriving business through email trust
FORWARD
“Today the role of the CISO is evolving rapidly. Gone are the days of the CISO as primarily a technologist and reactive fire fighter. In the current threat environment CISOs need to build relationships with other C-suite executives, positioning security as a business & financial risk area worthy of continuous board level attention, and advocating proactive investments to mitigate security risks before the bad news hits. Agari’s solution is a great example of this type of proactive investment. A quick security win which mitigates brand risk, protects customers from harm by email cyber-criminals, and positively impacts the top line.”
—Steve Katz
World’s first Chief Information Security Officer
Former CISO at Citigroup and JP Morgan
Owner, Security Risk Solutions
INTRODUCTION—THIS GUIDE IS FOR YOU
NEW CHALLENGES FOR THE
SECURITY EXECUTIVE
AGARI—YOUR STRATEGIC PARTNER
CONCLUSION
TABLE OF CONTENTS
1
3
5
8
Email delivers revenue to your business. It brings customers,
improves loyalty, and reduces customer acquisition costs.
Protecting company email is a critical security initiative.
Hundreds of companies are victimized by cyber criminals
every month through email scams, fraud, and phishing.The
cost to these companies reaches into the billions of dollars
and has a powerful effect on their brand reputation.
Agari understands the pressures you face as security
becomes even more important in your company. We also
know how important your specific technical and leadership
skills are to assessing and managing your changing business
environment. However, increasing importance placed on
information management, risk management, brand protection,
partner-relationship management, and other business
functions will move you further away from your technical
role and into the wider business spotlight.
“CISOs can play a significant role in transforming security from a set of technologies designed to protect business operations (which is inherently an internally focused approach) to cybersecurity as an important part of the organization’s overall value chain” 1
1 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
1 Forrester Research. “Twelve Recommendations for your Security Program in 2015.”
March 12, 2015.
MAKE BRAND PROTECTION
A CORE MISSION OF THE
SECURITY TEAM.
— Forrester Research 1
INTRODUCTION
THIS GUIDE IS FOR YOU1
The security executive function is evolving to include
business objectives related to privacy, centralized global
compliance responsibility, and mastering data analytics, data
retention, and even knowledge management—all revolving
around information risk management practices. Your position
will have newfound visibility and responsibility. You will be
asked to make security decisions to protect your company
and deliver positive ROI, profitability, and sustainability. You
and your company will both benefit as the focus of your role
moves from technology to exercising the business skills and
relationships necessary to truly add value to your company
and its customers.
The security executive position is evolving into that of a
business manager specializing in change management with
refined information security skills. These skills are necessary
to maintain efficient, reliable security processes for your
company, as a security breach can mean a loss of revenue and
may give your competition an advantage. A major security
breach is now considered to be one of the highest business
risks facing companies today.
Agari created this guide for you—the security champion.
We recognize that a critical part of the security executive’s
business acumen is having a secure, trusted email channel
as a core component of a company’s risk management strategy.
2 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
1 INTRODUCTION
THIS GUIDE IS FOR YOU
1
NEW CHALLENGES FOR THE SECURITY EXECUTIVE
With a strong, secure risk management system in place,
you’re able to deliver maximum value to stakeholders. But
tenacious cyber criminals still stand in your way, looking to
harness your brand recognition for their own personal gain.
Cyber criminals continue to abuse legitimate companies
through a combination of tactics ranging from forged and
spoofed emails, look-alike domains and phishing sites to
social media hacks, and brand jacking through fraudulent
and malicious mobile applications. Various technologies have
been developed to alleviate the widespread problem of email
phishing, but only a few solutions have warranted the time,
money, and effort to actually justify their implementation.
Cybercrime continues to escalate, frustrating businesses
and impacting their reputations, brands, and ultimately,
customers’ trust.
» Phishing increased 700% from 2008-2012—67% of those
attacks targeted financial and payment service companies.
(DMARC)
» Bad customer experiences cause decreases in both user trust
and activity. Over 42% are less likely to interact with a brand
after being phished or spoofed. (CloudMark)
» The Online Trust Alliance found that as much as 90% of
some companies’ emails are spoofed, yet only 26% of these
companies use any form of email authentication.
3 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
2
BAD CUSTOMER EXPERIENCES CAUSE DECREASES
IN BOTH USER TRUST AND ACTIVITY. OVER 42% ARE
LESS LIKELY TO INTERACT WITH A BRAND AFTER
BEING PHISHED OR SPOOFED. (CloudMark)
42%
» A successful attack on 500 customers can cost
a company up to $1.4 million (Cisco Systems)
» Email attacks are becoming increasingly sophisticated
making it more difficult to detect and prevent. In fact,
97% of people globally cannot identify a phishing email.
(Intel Security)
These threats aren’t just security concerns—they’re business
concerns. In fact, the number of business emails sent and
received per day will grow 13% annually over the next four
years to reach more than 143 billion by the end of 2016
(Radicati Group). You have the opportunity to convey these
threats to your company’s senior management and align
yourself with other leading security executives who are
solving these problems.
4 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
2
YOU HAVE THE OPPORTUNITY TO
CONVEY THESE THREATS TO YOUR
COMPANY’S SENIOR MANAGEMENT.
NEW CHALLENGES FOR THE SECURITY EXECUTIVE
As a security executive, you’ll benefit from having a strategic
partner like Agari that can add value from day one, and can
assist you in becoming the security expert your company
needs in this changing business environment.
Agari is the only enterprise-ready solution with a proven
record in the cyber-security industry for companies looking
to establish a trusted email channel. Agari will always prioritize
reducing risk within your email ecosystem. This facilitates
protecting your company’s brand and reputation, while
positively impacting revenue. Agari exclusively focuses on
solving the email security problem—and we nail it, which
makes us your perfect security partner.
A partnership with Agari can positively impact the relationships
the security executive has with the rest of the executive team–
supporting them in their areas of responsibility. Together with
Agari, you can help:
» CEOs concentrate on returning shareholder value by
driving business growth. By partnering with Agari, you can
create a trusted email channel that assists in developing more
meaningful, lasting customer relationships. Keeping your
company’s data, network and customers secure from attacks
will allow your CEO to stay focused on growing the business.
.
5 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
3 AGARI
YOUR STRATEGIC PARTNER
» CIOs conserve security resources. By working in tandem
with your CIO, you can ensure staff member time is leveraged
in the most efficient manner possible, by letting Agari manage
the security of your outbound email channel. That way, you
can redeploy resources to other important projects while
Agari works with you to provide accurate and actionable
intelligence to make your security team more effective.
» CMOs develop and implement successful marketing
campaigns to increase brand growth and brand equity.
Agari ensures that your marketing team is in charge of your
brand’s first impression to customers, not cyber criminals.
Understanding and communicating the benefits of a trusted
email channel with your CMO will empower them with the
knowledge that their marketing dollars are well spent. With
Agari Customer Protect, you will retain customers, increase
existing customers’ share of wallet, and be able to acquire
new customers at lower costs.
6 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
3 AGARI
YOUR STRATEGIC PARTNER
FOCUSING ON BRAND
PROTECTION WILL ALLOW
S&R PROFESSIONALS TO
GAIN THE SUPPORT OF THEIR
CHIEF MARKETING OFFICERS
(CMOS), RAISE THE PROFILE
OF THE SECURITY TEAM,
AND INCREASE THE FIRM’S
ATTENTION ON SECURITY
MEASURES THAT HELP AVOID
BRAND-DAMAGING EVENTS
SUCH AS DATA BREACHES,
SOCIAL MEDIA HACKS, AND
CYBER ESPIONAGE.— Forrester Research 2
2 Forrester Research. “Twelve Recommendations for your Security Program in 2015.”
March 12, 2015.
» CLOs minimize lawsuits and keep legal expenses down.
A strong understanding of compliance and government
regulations surrounding your industry will help you work
closely with your CLO to meet shared objectives. Agari
Customer Protect allows you to do more to proactively
protect your customers while minimizing potential risk
from lawsuits, in the wake of targeted cyber attacks
and data breaches.
» CFOs maintain a secure, consistent business environment,
which facilitates budget preservation. Agari can minimize
some of the unexpected costs that result from a targeted
attack or campaign that has damaged a company’s brand.
Some of these potential unexpected costs include: increase
in customer service spend, security triage, and public relations
fallout post-breach. Deployment of solutions such as Agari
can also reduce a company’s cyber insurance premiums.
7 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
3 AGARI
YOUR STRATEGIC PARTNER
Internally focused cyber defense is not enough...The standard security model needs to change from one of compliance—meeting basic standards for data protection—to one that engenders trust among the customer base. Protecting customers, their data, and their experience should be the security function’s No. 1 priority.3
Your career path and job requirements are evolving and will
look very different in the near future. Opportunities abound
for the security executive who is willing to be a business leader.
You have the skills and expertise to take advantage of them by
adding unprecedented value for your company.
Learn more about how Agari Customer Protect has partnered
with other security executives at Fortune 500 companies here.
8 THE SECURITY EXECUTIVE’S GUIDE TO A SECURE INBOX
CONCLUSION4
3 Forrester Research. “CISOs Need To Add Customer Obsession To Their Job Description.”
September 4, 2015.
LEARN MORE
North America +1 (650) 627 7667
Europe +44 (0)20 8973 2600
www.agari.com • [email protected]