Cyber Security Blog

Experts Speak: What’s the importance of email resiliency

Written by Aditi Uberoi | 3 February 2020

How important is email resiliency? India’s top CISOs answer that question!

It is evident that email resiliency is of vital importance in the world that we inhabit today, where almost all communications take place via our inboxes. Yet, many organisations fail to recognize the importance of this aspect in their cyber resilience strategy and don’t end up taking appropriate measures to ramp up their security infrastructure in terms of email. 

At Cyber Management Alliance’s recent Wisdom of Crowds event in Mumbai, we got the chance to speak with 9 experts from India’s cybersecurity and IT landscape where they delved deeper into this subject. Here are their thoughts on what makes email resilience of paramount importance today!

Listen to the full interviews below:

 

Anoop Das, Enterprise Manager, Middle East & India, Mimecast“91% of threats come through email. If you are able to secure email, that is the number one factor to consider. Number two is when you ask about resiliency in the email; so security is the key, continuity is the key because email is the largest communication tool for any organisation of today. And in case email stops it disrupts the business”.   

Amol Desai, CISO, Reliance Nippon Life Insurance“Email is one infrastructure which has to be very real-time, and downtime of an email infrastructure has a lot of repercussions. So resiliency or continuity should go hand in hand with the business continuity plan. It plays a very vital role. Downtime of email is as good as a major intermission for business.”

Mandar Kulkarni, CISO, Grasim Industries“Many business leaders do mention to me as well as to the other IT experts that as per the IT(information technology) practice is concerned; the SAP and Emails are their top two priorities to run their business uninterruptedly. They want these systems to be always available. The business continuity and availability of these systems are of paramount importance for our businesses. If any disruption in email and URP takes place, all of the business processes will get impacted. So, I think email resiliency is of paramount importance. But again, it is easier to say than to implement resiliency as I believe, we still need to do more on improving email resiliency.”

Avinash Prasad, Vice President & Business Head, Tata Communication“As the Internet users, we know that half of the websites consider your email address as the login Id. So, email is pretty much an important part of every individual as well as every user’s attributes in the digital world today. So, if the email system is so intrinsic and it is commonly used in a variety of attacks & to do compromises with users; I would say email resiliency should be there to secure your systems. Every dollar that is spent on email resiliency pays back its full value. The critical aspects of email resiliency are the practices of users across personal and official emails because the information crossover could happen between these two facets. Therefore, investing in email resiliency is highly valuable.”

Shreyas Vyas, Head of IT, Compuage Infocom Ltd“Email resiliency is one of the biggest exposures today because of the number of people who are involved in it and we see that whatever threat protection you take, there will be unknown threats that will be still coming in. And whatever number of information you give and the training you give to your staff, it is still inefficient. So, email resiliency is very important.”

Naresh Kumar, Assistant Vice President, Cybersecurity, DBS Bank“Email is the essential part of any business communication in today’s World. So, if any organisation goes out of business due to an email breach, then that company cannot survive in the market and it may go out of the business and competition will take up their stake. Therefore, it is very important for any organisation to maintain the resiliency in email and to have in place the required solutions, high availability services. The tools should be in high availability mode, an adequate backup will be taken and available whenever required for the immediate restoration.”

Aman Malhotra. Sr. Manager, Cybersecurity & Data Protection, TUV, SUD“I remember an incident that I had witnessed in my career; the hackers actually tracked the schedule of a CEO. They knew he was taking a flight to the UK. As he was flying at 6 O’clock, they emailed the CFO at 6:30. The CFO tried calling the CEO but his phone was off. The CFO had to respond to the email and did the transaction. So, to prevent these types of incidents, your email security should be very high. A lot of people nowadays say that they receive emails from themselves, so that is also one thing. Therefore, email resiliency is one of the most important things.”

 

Sudhir Kanvinde, Executive Director, IT, IPA, Ministry of Shipping, GOI“We hear about various security breach incidents occur in the IT world. And on the Internet, there are some sites, where you can create your email Id, free of cost. By using those email Ids, anybody can send emails to anyone at any destination, by any means to get access to his inbox. At the same time, it’s very important to educate our resources, our staff to handle such situations.”

Mayank Mehta, Head-Information Security, Axis Financial Limited – “When it comes to email resiliency, we must take care of all the private emails that we are receiving regularly. Here, we need to ensure the integrity of the email and we, as individuals and employees should also ensure that we are receiving genuine emails, not from any unauthorised sender.”

Subscribe to the Cyber Management Alliance YouTube channel for more insights and interviews from leading cybersecurity executives across the world: https://www.youtube.com/channel/UCm-r7aanAKPc8bu-FqaTVyw