Katterine Nodarse

Data loss remains a pervasive issue for companies worldwide. According to Proofpoint’s Data Loss Landscape 2024 report, organizations in Spain have experienced an average of 15 data loss incidents per year, with human error being the primary cause in 72% of cases. The most frequent errors include sending emails to incorrect recipients, accessing phishing sites, installing unauthorized software, and forwarding sensitive data to personal accounts. One of the most critical issues is misdirected email, which poses an operational risk and can also lead to severe legal penalties under GDPR. A company with 5,000 employees can log up to 3,400 misdirected emails annually. This statistic underscores the need for strict Data Loss Prevention (DLP) policies across email, web browsing, and cloud synchronization. A company with 5,000 employees can log up to 3,400 misdirected emails annually. Solutions for Data Loss Prevention (DLP) To address these risks, Clean Email integrates the Adaptive Email DLP module, an AI- and machine learning–powered solution designed to detect and mitigate data loss before an incident occurs. Its analytical capabilities assess email content, recipients, and attachments prior to sending, identifying potential risks in real time. In addition, the Adaptive Email DLP provides intelligent alerts that notify users of potential mistakes, preventing accidental sensitive information transmission. The solution can also enforce automated security actions such as message encryption, email blocking, or administrative alerts, depending on the risk level detected. Implementing advanced solutions allows organizations to automate security, reduce exposure, and ensure regulatory compliance. Thanks to its adaptive approach, it can recognize unusual behavior patterns and dynamically adjust security policies to prevent accidental and intentional data leaks. Benefits and regulatory compliance Beyond mitigating human error, Adaptive Email DLP helps companies meet the requirements of frameworks like GDPR, HIPAA, CCPA, DORA, and NIS2, thereby minimizing legal exposure and protecting sensitive data. Its integration with other security tools enables centralized data protection management, streamlining audits and regulatory compliance. Adaptive Email DLP supports context-aware policy enforcement, ensuring a balance between security and productivity. In a digital environment where email remains a critical communication channel, misuse can have serious legal and operational consequences. Deploying advanced solutions like Adaptive Email DLP enables companies to automate security, reduce risks, and meet compliance standards—without compromising operational efficiency. Cyber Security How Clean Email and Security Edge protect your supply chain? October 10, 2024

All companies need to rely on others to build their business processes and to build the products and services they provide to their customers, with maximum quality and efficiency. These 'third parties' are their suppliers, partners, and collaborators, who supply them with materials, products or services. This is what we know as the supply chain. The supply chain is a highly attractive target for cybercriminals. Many of the partner companies that make up the supply chain can often have entities that are less able to protect themselves against cyber threats, making them the weakest link in the security posture of the company they serve. More and more attacks on companies are attributable to the exploitation of their suppliers' vulnerabilities. In these attacks, instead of launching a direct attack against the target company's systems, networks or employees, the attacker infiltrates an entity that is part of the supply chain to take advantage of the trust and access that entity enjoys in the target's systems. ⚠️ Not only direct suppliers or third parties should be of concern, but also fourth or nth parties. These are suppliers with whom we do not have a direct relationship, but who are linked to our direct suppliers, their suppliers or their suppliers' suppliers. This complexity increases the attack surface and makes it difficult to manage third-party risks, as the security of the supply chain can be compromised by any link, no matter how remote it may appear. The importance of protecting the supply chain According to a study by the World Economic Forum, almost 40% of organizations have suffered negative effects due to cybersecurity incidents in their supply chain. Proofpoint' s research has recently revealed that 54% of Spanish organizations acknowledge having suffered an attack in their supply chain in 2023. It is predicted that these problems will continue to rise in 2024, and that our reliance on external partners and suppliers will become one of the main channels of attack. Aware of this risk situation and its serious repercussions, the European Union has established regulatory frameworks such as NIS2 and DORA to strengthen cybersecurity measures and ensure supply chain security. Both regulatory compliances are forthcoming (NIS2 in October this year and DORA in January 2025), and emphasize suppliers: NIS2 provides that audits may be conducted on critical suppliers. DORA that all of them will need to comply with the regulations, under penalty of sanctions and impossibility of contracting. ✅ These and other measures are moving from mere recommendations to mandatory compliance. The companies concerned must comply with them, but so must their supply chain. Failure to do so will subject them to penalties and heavy fines. How an email protection solution and Security Edge can help companies secure their supply chain Supply chain attacks are becoming more frequent and sophisticated. To defend against them, organizations must ensure that their cybersecurity strategy includes people, processes and technology (both internally and from their partners). The first step in establishing the supply chain cyber security strategy is to identify the communication channels between partners and our company. On the one hand, we have users of these suppliers directly accessing corporate information systems. On the other hand, it is still a fact that email is the most used channel for exchanging information between organizations. Given this situation, it is clear that supply chain security must be addressed from both perspectives at the same time. This is where technology can help. Implementing a specific solution for advanced email protection together with the capabilities of a Security Edge solution for access to corporate applications and the Internet will allow us to truly cover supply chain security. Integrating Security Edge with solutions such as Clean Email enables you to strengthen access policies and protect your enterprise infrastructure against threats and security compromises. The union of both technologies combined in a service offers the opportunity to take security to a higher level, based on the principles of the Zero Trust model linked to the user's identity, to manage and protect access to business applications and data. While it is essential to implement technological security measures that cover all communications channels used in the supply chain, it is equally important that these technologies are managed in a uniform and coordinated manner to be effective. ✅ It is particularly important to have a highly qualified team of experts, capable of implementing a robust security posture, always up to date, as well as detecting and responding to any incident as quickly and efficiently as possible, limiting the impact on the organization as much as possible. Clean Email and Security Edge Clean Email Clean Email protects the company against BEC (Business Email Compromise) attacks, data leakage, phishing, ransomware and other malware, phishing and spam. In addition, it identifies which users are most likely to become victims, detecting which are most frequently targeted by impostor or spoofing threats. The service not only protects, but also focuses on early detection of potential compromises at providers, identifying suspicious emails from these accounts, which could indicate that they are at risk. In addition, it provides valuable information on the level of reliability and trustworthiness of suppliers, facilitating action against potential compromises. Clean Email provides complete visibility into BEC threats, allowing you to identify vendor billing fraud and payroll diversion, for example. Clean Email provides dashboards that allow you to visualize who your suppliers are and their level of risk in real time, whether its malicious messages being sent to your own company or to any other company in the world. With this valuable information, we can trigger, for example, workflows with additional security when exchanging confidential information. Clean Email also ensures the confidentiality of communications with your suppliers by encrypting the confidential information and the communication itself, protecting it from prying eyes and establishing a secure channel of information exchange. Security Edge Security Edge provides a complete view and granular control of your employees' access to company assets through its Zero Trust access capabilities. It also incorporates relevant security indicators from the Clean Email solution (such as malicious IP addresses, suspicious domains or unusual behavior patterns), thus enforcing user access policies for both corporate applications and the Internet. Security Edge acts proactively, blocking suspicious communications and ensuring that there is no unauthorized access. Email is one of the main means of communication with suppliers and third parties in the supply chain. A service such as Clean Email can detect if supplier accounts have been compromised and by sharing this information with SSE, the access policy can be tightened or even block access from any compromised supplier account. Advanced Cyber Security Management Solutions Telefónica Tech has a team of certified and highly qualified experts who manage advanced solutions such as Clean Email and Security Edge in a centralized and coordinated manner, acting as a single point of contact for the customer. This not only ensures early detection and a fast and accurate response, but also brings added value to the customer, maximizing efficiency and effectiveness in risk mitigation and protection of critical assets against cyberattacks. Clean Email Detects and measures supplier compromise risk and prioritizes actions. Expedites investigations related to compromised third-party/supplier accounts. Provides global visibility into supplier risk, enabling proactive protection in anticipation of potential cyber-attacks. Supports regulatory compliance. E nables secure and encrypted communications to be established quickly and easily. Security Edge Restrict access to systems and/or information by a supplier marked as high risk or with compromised accounts. Implements advanced data leakage controls (DLP) on vendor communications (Internet, SaaS, internal applications). Provides complete visibility of vendor access and powerful analytical tools ✅ Learn more about Clean Email and Security Edge ◾ Clean Email Business to protect SMEs from cyberattacks via email. ◾ Clean Email Enterprise for large companies. ◾ Security Edge end-to-end security from the cloud. AUTHORS DAVID MARTIN LINDSTRÖM Global Head of Network Security KATTERINE NODARSE Email Security Product Manager JOSÉ ANTONIO VELASCO Product Manager ____ Cyber Security The way we access data has changed. We must also change the way we protect it January 23, 2024

Cybercriminals are constantly innovating to infiltrate organizations' systems and steal valuable data. They achieve this by, among other things, using a complex multi-stage method, commonly known as an "attack chain". Every day we encounter new threats and many of these are not necessarily malicious at the time of email delivery. A clean website can become malicious after delivery of an email with the URL/link to that website. How does an email attack chain develop? An attack chain is a sequence of actions performed by cybercriminals to infiltrate their victims' systems. Email is one of the most common means of initiating an attack chain, as it allows malicious messages to be sent on a large scale and users to be tricked into clicking on infected links or files. Let's look at an example: A cybercriminal sends an email to an employee of the organization containing a legitimate URL. The email passes the analysis of the email protection tool. As the URL is legitimate, the email arrives in the employee's mailbox. A while later, the cybercriminal modifies the content of the web page to which the URL points by inserting malware into it. Since the employee already has the revised email in his mailbox if there is no email. A proactive and forward-thinking email security solution such as Clean Email, which can detect, analyze, and remediate email threats even after they have been delivered, is needed to protect companies from these types of attacks. Automatic removal of malicious messages with Clean Email Clean Email provides an automated response and remediation model that enables the removal of malicious messages that have already been delivered to a user's inbox. This reduces risk and workload for security operations center (SOC) teams by shortening the time they need to investigate incidents. It also helps them prioritize their recovery efforts. This solution also increases the visibility of phishing campaigns and automatically processes malicious messages reported by employees in a matter of minutes. Automation reduces the time between notification and correction for time-poor operations teams, providing the following benefits: Notification by users of possibly fraudulent emails (suspicious item reporting). Prioritization of e-mail messages by automatic classification, avoiding the need for manual writing and rewriting of rules. Resolution of active phishing attacks using context analysis to facilitate informed decision making (deleting messages, sending to quarantine, etc...). Cybercriminals are constantly changing their tactics and techniques. Applying a multi-layered approach to defense is the best way to deal with today's increasingly sophisticated and rapidly evolving threats. Clean Email offers two types of protection to suit the size and needs of companies: ○ Clean Email Business, for SMEs. ○ Clean Email Enterprise, for large companies. Cyber Security Google and Yahoo! set a deadline to meet the upcoming email authentication requirements. Are you prepared? November 21, 2023 Image: rawpixel.com / Freepik.

Email is the most widely used communication channel by organizations, and cybercriminals, aware of this, continue to take advantage of it to carry out all kinds of scams through phishing, phishing, BEC (Business Email Compromise) attacks, email impostors, etc. Domain spoofing is one of the most common tactics used by cybercriminals. It consists of simulating the domain of a well-known and trusted company in order to impersonate it (or one of its employees), imitating or impersonating the name of the server or domain from which the message is sent. This increases the "credibility" and effectiveness of the scam by recognizing the brand and assuming the message is legitimate. According to Proofpoint, 47% of respondents believe that an email message is safe when it contains a known brand name and 71% that an email address is always linked to the website it corresponds to. Organizations should implement the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol to strengthen protection against the risk of phishing. ✅ DMARC is an email validation protocol designed to protect domain names from misuse by cybercriminals. DMARC does this by verifying the identity of the sender before allowing the message to reach its intended recipient. The "Reject" mode is the strictest and most recommended level of DMARC protection. It is a configuration and policy that prevents fraudulent emails from reaching their recipient. Proofpoint's DMARC analysis of the domains of organizations on the Forbes Global 2000 list yielded the following conclusions: 27% do not take measures to prevent brand spoofing. Less than one third have implemented the most restrictive DMARC level. 15% have an intermediate DMARC level. Technical controls such as the DMARC protocol are extremely important to protect an organization against email-based fraud and cyberattacks, including the risk of phishing. The new email requirements from Google, Apple and Yahoo are a great opportunity for organizations to take stringent security measures to ensure maximum protection of their email domains, drawing on experts and resources at their disposal to ensure they implement best practices and address domain spoofing threats, comprehensively. Clean Email is Telefónica Tech's managed service that, among other capabilities, facilitates the implementation of DMARC and provides support along the journey to achieve the highest level of compliance. Our experts are responsible for analyzing traffic, tidying up data and taking action to ensure that DMARC compliance levels are appropriate at all times. The service also provides detailed reports that give you continuous visibility into the level of security of your domains and your brand. ✅ In order to adapt to the size and needs of companies, Clean Email offers two modalities: ◾ Clean Email Business to protect SMEs from cyberattacks via email. ◾ Clean Email Enterprise for large companies. Cyber Security The way we access data has changed. We must also change the way we protect it January 23, 2024 Image by Rawpixel.com at Freepik.

All companies, with no exception, manage sensitive data and information for which availability, integrity, and confidentiality must be ensured. In addition, such information is often subject to specific regulatory compliance for companies in terms of privacy, security, and legality. Information can be at rest, in transit, or in use, and can be intercepted, accessed, leaked, or stolen by a malicious actor or intentionally by a user at any time, resulting in data exfiltration or leakage. Data loss is a growing challenge worldwide, and also in Spain. A study by Proofpoint reveals that 58% of Spanish security managers have had to deal with a material loss of sensitive data in the last 12 months. According to Proofpoint, nearly half (49%) of CISOs surveyed do not believe their organization's data is adequately protected. New data loss protection solutions In many cases, traditional data loss protection (DLP) solutions have focused on corporate tools and perimeters designed to keep sensitive information in and malicious actors out. But this approach focuses on data in use, in motion and at rest within the organization, without much context outside of this. Today's reality is quite different: most employees work outside the office, using corporate and even personal devices. This has meant that the way they work, connect, communicate, collaborate, access, and interact with data has changed as well. New ways of working require people-centric solutions to protect sensitive information and data inside and outside the organization. This new way of working requires a paradigm shift in information protection. A new way of protecting sensitive data that applies both outside and inside the organization and is more people centric. Advanced protection against data exfiltration through email Email is one of the most widely used channels for sending and receiving information and, according to Verizon's Data Breach Investigation Report 2023. It is also the number one vector for distributing threats, phishing, malware, and data theft. Clean Email detects sensitive data and confidential information, protecting the organization from leaking information via email. The service accurately classifies confidential information, detects data exfiltration transmissions through email, and prevents the loss of critical data. Clean Email protects confidential information and detects and prevents exfiltration of critical data via email. Regarding the protection of information that transits through internal and external, inbound and outbound email in a company, Clean Email is the appropriate managed service to mitigate data exfiltration through email, preventing the information from falling into the hands of unauthorized persons, internal or external, safeguarding its marked level of confidentiality, integrity, and availability. ✅ Clean Email offers two variants to suit the needs of companies and organizations: ○ Clean Email Business designed to protect SMEs of cyber-attacks via email. ○ Clean Email Enterprise for large companies and organizations. Both variants offer advanced email management and protection solutions, allowing companies to maintain the security and privacy of their communications. We at Telefónica Tech provide both, ensuring that companies of any size and sector have an effective and customized solution to meet their specific needs for data and email protection. Cyber Security Google and Yahoo! set a deadline to meet the upcoming email authentication requirements. Are you prepared? November 21, 2023

Google and Yahoo! have recently announced that starting February 2024, they will require email authentication to send messages to their platforms. This indicates that they are taking significant steps to prevent email spam and scams. These security requirements will apply to accounts that send large volumes of emails per day. These accounts will need to implement the DMARC authentication protocol, among other measures. Failure to meet the new requirements will significantly impact the delivery capability of legitimate messages to clients with Gmail and Yahoo accounts. More measures to reduce malicious email, spam, and graymail Specifically, Google has announced that starting in February 2024, Gmail will require email authentication when sending messages to Gmail accounts. If your company sends more than 5,000 email messages per day to Gmail accounts as a bulk receiver, you will have to meet even more requirements. Additionally, you will need a DMARC policy, ensure SPF and DKIM alignment, and provide recipients with a one-click unsubscribe option. Yahoo! is implementing similar requirements. The company recently announced that it will require strong email authentication implementation starting from early 2024. This measure aims to curb malicious messages and reduce unhelpful emails (spam and graymail) that clog users' inboxes. Activate the upcoming email requirements with Telefónica Tech For organizations, these requirements are just the beginning. When February arrives, companies that have not adopted email authentication will not have the assurance that their emails reach clients' and recipients' inboxes. Until now, few companies required individuals and organizations to authenticate their emails when communicating with them. However, this practice will become more common and necessary in the immediate future. At Telefónica Tech, we can assist you with our Clean Email Enterprise service. This is a managed service that provides advanced email protection against identity spoofing and facilitates the implementation of Google and Yahoo! requirements, including activating of: DMARC: Domain-based Message Authentication, Reporting, and Conformance helps protect against phishing and spoofing. It allows senders to specify authentication policies and receive reports on message delivery. SPF: Sender Policy Framework allows senders to specify which servers are authorized to send emails on behalf of their domain. It prevents unwanted email and phishing by verifying sender authenticity. DKIM: DomainKeys Identified Mail allows senders to digitally sign email messages. It ensures that messages have not been altered during transit and verifies sender authenticity. 🔵 You can find more information about our Clean Email Enterprise service here.

Email is one of the main entry points for malicious or malicious software (malware) for SMBs to steal assets or interfere with business operations and activity. According to Verizon's Data Breach Investigations report, 43 per cent of security breaches affecting SMBs and almost all malware detected is introduced via email. In fact, three out of four email attacks target SMEs, organisations that often lack the knowledge and budget to implement the necessary protections against ransomware, according to Covewareu. In SMEs, email is the most commonly used communication method, so advanced email security is the only way to avoid cyber attacks via email. According to the ESET SMB Digital Security Sentiment Report, 74% of SMEs believe that companies of their size are more vulnerable to cyber-attacks than larger companies. The causes include a lack of staff training and awareness, limited budget and investment in Cyber Security, and the challenge of keeping up with cyber threats. This increased risk faced by SMEs makes it imperative for them to implement advanced email protection services as a measure to block the entry of malicious software (malware) and prevent email attacks. In general, because of the lower cyber resilience of SMEs, a security incident can put their operations and financial results at risk, as well as their reputation, compliance and even business continuity. 60% of SMEs that suffer a cyber-attack disappear within six months In order to protect SMEs from the risks associated with the use of email, Telefónica Tech offers Clean Email Business. This is an advanced managed email security service. Clean Email Business is specifically designed to protect SMEs against both known and unknown threats. It also protects them against information leaks, ensuring business continuity and regulatory compliance. The risks of cyber-attacks via email Cyber-attacks via email are among the most commonly used by cybercriminals to gain access to SMEs' IT systems, including: Phishing, which involves sending fraudulent emails designed to look like they come from a trusted source, such as a large company or bank. Its purpose is to trick recipients into revealing sensitive information such as login credentials or financial data. BEC (Business Email Compromise), spear-phishing or 'CEO fraud', a variant of phishing that consists of a specific and targeted attack, against a very specific recipient, to persuade and convince them to perform actions, such as making payments or transferring money; or to reveal information, such as access credentials to the company's corporate network or bank. Cybercriminals in a BEC attack impersonate company executives to order payments or access confidential data. Malware, malicious software that usually arrives as an email attachment 'disguised' as an image, PDF, Office document or as a compressed .zip file. When the recipient opens the attachment, a programme designed to steal information, hijack data for ransom (ransomware) or gain access to other computer systems on the network is executed and inserted into the computer. SMEs' challenges in protecting themselves from cyber-attacks via email SMEs are an attractive target for cybercriminals, as they are often more vulnerable than large enterprises. At the same time, they are also more sensitive to the economic impact of a cyber-attack, such as ransomware or phishing, so good security management poses significant challenges, including but not limited to: Limited resources often translate into small budgets for cyber security. SMEs need to carefully prioritise their security investments to address this challenge, focusing on cost-effective but robust solutions, such as professionally managed cyber security services that allow them to benefit from security expertise without the need for a specialised team. Lack of training and awareness of cyber threats and best practices in cyber security increases the risk of staff falling victim to malicious emails that put the company's security at risk. Training and awareness, as well as proven and recognised protection tools, are essential to reduce the risk of cyber-attack. Hiring or retaining specialised Cyber Security talent is often difficult and costly, making it difficult to build internal security teams. One solution is to outsource some or all of your cyber security needs by leveraging managed security services to access specialised expertise with less financial impact. SMEs need comprehensive, integrated, and secure solutions to face these and other challenges, allowing them to safely navigate their digital transformation process, always accompanied and advised, in order to deal with cyber threats. Ransomware (data hijacking) and phishing (information theft) are among the top ways attackers gain access to an organisation. How Clean Email Business works Clean Email Business is an advanced solution designed to protect SME email from known and zero-day threats, based on Proofpoint Essentials technology. It is a service that constantly examines, in real time, all email entering and leaving an organisation and blocks detected threats. When it detects a malicious email, it quarantines it before it reaches the recipient's inbox, or redirects it to a sandbox to scan for malicious attachments and URLs, as well as threats based on known or unknown malware. In this way, Clean Email Business protects SMBs against email-borne threats, including credential phishing, phishing email attacks (BEC attacks), malware and ransomware in malicious files and URLs, data leakage and spam. In addition, Clean Email Business benefits from the capabilities of Telefónica Tech's global network of 11 Security Operations Centres (SOCs), which protects businesses and users who make use of email applications. This assures Clean Email Business customers that they have a robust and reliable platform managed by expert Cyber Security professionals, which is adapted to their needs. 📫 Integration with Microsoft 365 email and Social Networks Clean Email Business integrates easily and seamlessly with Microsoft 365 email, adding management tools and additional security features. In addition, Clean Email Business' emergency inbox ensures continuity of email service in the event of an outage on the customer's email server. Clean Email Business also monitors and protects social network accounts, such as Facebook, LinkedIn, Twitter, and others, to prevent cybercriminals from posting spam and malicious content. Overall, Clean Email Business provides SMEs with: Anti-spam and anti-virus protection. Advanced protection against malicious attachments and URLs using a dynamic sandbox. Protection of sensitive data leaving the company. Intelligent content filtering. Automatic email encryption. 24/7 emergency inbox. Email archiving in the cloud. Data Leak Prevention (DLP) and email encryption built into Clean Email Business detects and protects sensitive information sent in outgoing emails. Clean Email Business also uses machine learning techniques to perform content, context and behavioural analysis to detect and quarantine malicious emails. In addition, Proofpoint's platform analyses billions of emails every day, so Clean Email Business benefits from its global knowledge of new threats. How to protect yourself from cyber-attacks via email Email is the primary form of communication for SMEs. The key to preventing email cyber-attacks is to implement advanced security solutions that are affordable, easy to use and within their reach. In addition, 74% of security breaches involve the human factor, so attackers are increasingly targeting the weakest link in a company's workforce to achieve their goal. Whether it's stolen credentials, phishing, misuse, or simply a mistake, awareness with training plays a key role in preventing cyber security incidents (Verizon DBIR 2023). 📌 Our client RTVE needed to protect their organization against cyber-attacks and illegitimate uses of the Corporation's name or image. Thanks to the Clean Email Enterprise service, our solution for big companies, RTVE has become more efficient in the detection and protection of email. Discover the success case → This reveals the importance of cyber security training and expert support for company staff, who are increasingly exposed to cyber-attacks that use email as an entry point. Telefónica Tech's Clean Email Business offers SMEs state-of-the-art email security, based on the advanced technology of our partner Proofpoint. We also offer small and medium-sized companies the security capabilities and specialisation of our 11 SOCs (security operations centres), where certified professionals monitor and manage the email security service to protect SMEs 24 hours a day, 365 days a year. AUTHORS KATTERINE NODARSE MORALES Email Security Product Manager DAVID MARTIN LINDSTRÖM Global Head of Network Security * * * Reports: Verizon Data Breach Investigations Report ESET SMB Digital Security Sentiment Report Coveware: Q2Ransom Payment Amounts Decline as Ransomware becomes a National Security Priority Cyber Security The way we access data has changed. We must also change the way we protect it January 23, 2024 Photo (cc) Chuttersnap / Freepik.