The Case for 24/7 Threat Monitoring

You wake up, wipe the sleep away from your eyes, among the first things you do is to reach over and grab your phone. Your work day hasn’t officially begun, but you’re already looking through your emails. The night before? A similar process, but in reverse. According to a Good Technology survey, 68 percent of professionals check their work email before 8 am and another 50 percent check it while in bed. It doesn’t end there though, as 38 percent commonly break from the dinner table to look through their work emails, too.

The idea of a 9-5 work schedule is a thing of the past, and the further up your career ladder you go, work only consumes more of your seconds and minutes each day. A full 44 percent of professionals stated in an American Psychological Associate survey that they even check work emails while on vacation, with 1-in-10 checking hourly.

We may have buried the lede here, but all of this ties directly back into the security of both your organization and employees: email threats don’t stop just because people leave the office. In fact, we have the data to prove it:

24 7

Based on anonymized data from clients, we were able to get a general scope for the volume of reported suspicious emails across a 24-hour window of time. From there, our team classified the types of threats that were identified thanks to our Phishing Threat Monitoring service. As you can see, there are certainly a couple of hours of downtime, but throughout the rest of the day emails are still being received, opened, potentially engaged with, or reported. But what about weekends?

24 7 part 2

Based on a typical seven day work week we see that weekends are certainly low points in reported emails, but the spike on Monday and Tuesday correlates with emails received on Saturday and Sunday.

So what happens when someone within your company reports an email at 8 pm? You could ignore it, another employee clicks on the link, and now they’ve handed over their credentials to a threat actor. Oops.

According to our past informal polls, it’s evident that some internal security teams don’t have the capacity to review and analyze suspicious emails during regular working hours, let alone while they are enjoying a meal with the family. It’s, of course, important to have a life outside of work, but delays between the initial report and analysis only increases the potential window of risk. Risk mitigation is key.

Building out a 24/7 monitoring program is no easy feat, but the return on investment for that level of protection is more than a couple of fewer headaches, but possibly even a few extra meals with the people you care about.



This is a Security Bloggers Network syndicated blog post authored by Elliot Volkman. Read the original post at: The PhishLabs Blog