Less email filtering?

Cyber security is often thought of as a defensive exercise. It is often thought of in terms of preventing threats gaining access; however, in considering malicious emails, I wonder whether there might be a slightly different way to think about it.

My concern is this: if in our cyber defence we do a really good job and prevent malicious emails, such as the all too common phishing email, getting through, then we could potentially create a workforce who are unfamiliar with phishing emails. Our defences may create a situation such that when a phishing email eventually does get through, and this is pretty much guaranteed, the recipients are ill-prepared to identify it as malicious and respond to it accordingly. Our defences create a more vulnerable user base. I also would suggest that an expectation of 100% successful filtering is naïve; our filtering solutions are simply not that good, combined with the fact that cyber criminals are constantly adjusting their approach to bypass common filtering solutions and approaches.

Now to be clear, I am not proposing no defence against malicious emails. What I am suggesting is that having filtering which is at least slightly porous, allowing some malicious emails through, may be preferable in developing users who are more aware.

I suspect some may argue that awareness is developed by training and awareness campaigns, etc.; however, I would suggest that these are all proxies for exposure to the real thing, and for learning to deal with the real thing. Again, I am not saying that we shouldn't have any awareness training; in fact, I am a firm believer in the critical importance of awareness training. I am simply suggesting that training is not as effective as real life events.

The challenge with the above is the level of porosity. As I suggest, not porous enough and the user base may be ill-prepared; however, equally, defences which are overly porous will simply expose users to a great volume of risk through a greater volume of malicious emails. Once again the challenge relates to achieving balance and to managing risk.

Author: Gary Henderson

Gary Henderson is currently the Director of IT in an Independent school in the UK. Prior to this he worked as the Head of Learning Technologies working with public and private schools across the Middle East. This includes leading the planning and development of IT within a number of new schools opening in the UAE. As a trained teacher with over 15 years working in education, his experience includes UK state secondary schools, further education and higher education, as well as experience of various international schools teaching various curricula. This has led him to present at a number of educational conferences in the UK and Middle East.
