The news that the FBI have issued an alert warning about phishing emails targeting those with access to healthcare portals, websites and payment information demonstrates that cyber criminals will ruthlessly target any organisations, targeting different business processes, in their quest to make money. No doubt, threat actors here intended to exploit the good intentions of understaffed healthcare employees, who will be less likely to spot a phishing attempt as they grapple with their workload.
On the business side of things, current email security is overly focused on prevention when it comes to phishing attacks. Instead, organisations are far better off implementing a robust, layered security strategy in retaliation. This layered strategy should include real-time detection of zero-day and unique threats. By adding a real-time detection and automated remediation capability to identify and eliminate threats rapidly, we can minimise the impact of when a malicious email makes it through our defences.