What are the forms of human activated cyber risk?
Accidentally clicking a phishing email
Autocomplete sending sensitive data to the wrong recipient
Autocomplete sending sensitive data to the wrong recipient
Not sending something that should be, encrypted
Recipients in the 'cc' field instead of the 'bcc'
Responding to a Business Email Compromise attack
Malicious insider and data exfiltration
Inbound Email Protection
Outsource your security operations to a team of global cybersecurity experts that monitor your environment 24/7. If a threat is detected, action is taken immediately and you are notified. Our experts can eliminate the threat, identify the root cause, and provide guidance on stopping similar threats in the future.
Incoming emails from outside of your organisation will have a coloured banner inserted. These banners will help alert and provide education to your user at the point of risk.
All banners applied by Egress Defend can be clicked on. This allows the user to learn why that specific email has been marked as dangerous and user's can also then report the email as a phish with the click of a button.
Egress use machine learning technology to deliver real-time teachable moments through their Intelligent Email Security platform.
The dynamic alerts change based on the current level of risk and offer clear explanations, meaning people remain engaged and responsive over time.
When a threat occurs, these real-time teachable moments nudge people into Type 2 thinking, enabling them to respond rationally and logically.
Egress Defend delivers anti-phishing banners directly within Microsoft 365, with heat-based warnings that change depending on the level of risk detected. This stops users from becoming decensitized to generic 'external email' warnings and nudges them back to Type 2 thinking with simple guidance at the point of risk, when they genuinely need it.
Egress Defend combines zero-trust models with intelligent linguistic and contextual analysis to detect the sophisticated cyberattacks that bypass your traditional email security solutions. The real-time alerts and feedback provide teachable moments that clearly explain risk to users
Spear Shield has helped enable us to put the ownership of emails back on to the user. Because ultimately, we're just one team, regardless of size, you can't see everything, and you have to trust your people not to click. Defend's banners and the rewriting of the links are invaluable. There's just that extra layer of protection.
J. Carter. I.T. Systems and Development Manager at Hopkins Homes
Outbound Email Protection
Integrate your entire security environment with over 50+ supported integrations.
Egress Prevent combines your custom policies with machine learning and the power of their DLP engine to provide intelligent, bespoke data loss prevention and breach mitigation for every one of your user's.
Supervised ML. Technology alone isn’t always perfect, so training the algorithms with your custom policies allows it to understand exactly what you need and reduces false positives.
- Contextual ML. To understand your users’ behaviour, Prevent monitors who they communicate with, where they’re located, the time they’re usually communicating, and the content typically shared/discussed. This is used to dynamically detect abnormal behavior.
- Always learning. Bayesian inference models continuously update Prevent’s risk assessments as more information about user roles and behavior become available, ensuring the most up-to-date risk assessments with each outbound email.
- Relationship mapping. Prevent uses a relationship map to identify user relationships and interrogate their strength in order to detect unexpected recipients and stop misdirected emails.
- Adaptive protection. With Egress' Human Risk Scoring feature, you can have each of your users’ security controls automatically dialed up or down based on their risk score.
Content inspection and analysis for all attachments. DLP policies supervise machine learning algorithms to coach right vs. wrong. By measuring the subject line and message body against the given aliases, Prevent can detect anomalous content specific to the intended recipients and domains.
If Egress Prevent detects sensitive content or information within an attachment that should be sent encrypted, it can provide an intelligent prompt to a user to remind them to send encrypted. Or, if combined with Egress Protect (Secure Email) solution, this action can be automated for the user.
Interactive and customisable feedback. Egress Prevent provides instantaneous feedback as the user composes their message, without negatively impacting their workflow.
We already had the default, out-of-the-box Exchange Online Protection (EOP) controls deployed in Microsoft 365, but we were aware that advancing attacks are engineered to get through. At the same time, we wanted to make sure that we could stop incidents occurring in outbound communications that were caused by human error.
By working with Spear Shield to deploy the full Egress Intelligent Security Platform, we simultaneously enhanced both our inbound and outbound defences, it's fantastic to work with a single provider that can do both. Spear Shield and Egress made the process incredibly easy and collaborative.
J. Burl. Associate Director for I.T. at Concertus Design and Property Consultants
Securing with Spear Shield and Egress
Spear Shield are an Egress Platinum Partner with over 10+ years combined experience working with Egress.
Here are a few reasons why customers choose to secure with Spear Shield and Egress.
Spear Shield has the flexibility to offer our customers the best commercials available on Sophos' term based licensing agreements or, can offer our customers an MSP, pay as you go model backed up by Spear Shield's in-house team of Security Engineers.
Need assistance building an internal business case? Speak with the team at Spear Shield about our combined email security assessment.
Over a 2 week period with no agents required, we can give you insight into:
- Insight into how many dangerous emails are slipping through the net
- How susceptible your users' are to phishing attacks
- The effectiveness of real-time teachable moments for users' at the point of risk
Spear Shield are an Egress Integration Partner and has the ability to feed phishing simulation results into Egress' Human Risk Management dashboard to help our mutual customers' dynamically change their users' security controls based on their Security Awareness Training risk scores.
Help raise user adoption of your Egress investments with Spear Shield's tailored and custom, Egress Defend tutorial training courses. Included as part of Spear Shield's Cyber Academy offering, speak with a member of the team for details.
How can I enhance user awareness and mitigate risk?
Managed Phishing Simulation Service
Campaign Frequency Options:
Monthly
Bi-Monthly
Quarterly
Pricing based on number of users
Cyber Academy User Training
Tailored 12-month End-User Awareness Training Programme
Delivered as a fully managed service.
Pricing based on number of users
Real-Time End-User Awareness Training
Help change users' security behaviours by combing security awareness and training with real-time teachable moments and 'nudges' at the point of risk.
Pricing based on number of users
Phishing Threat Intelligence
60%
Root cause of ransomware attacks is human-activated risk
CFO
Top targeted member of the board with phishing in 2023
600%+
QR Phishing Attacks up 600% in Q4 2023
59%
of organisations had login credentials stolen.
Achieving Security Outcomes Together
Hopkins Homes
Click the image above to read the full story
Castons
Click the image above to read the full story
Concertus
Click the image above to read the full story
Contact
The team at Spear Shield have several year's experience working within both the private and public sector, have a very consultative approach and would welcome the opportunity to learn more about your organisation.
Why customers Secure with Spear Shield
Over 20+ Year's Experience
Working within the private sector, public sector and large enterprise to help organisations solve complex and advanced cybersecurity challenges.
Strategic Portfolio
The team at Spear Shield have done the hard work evaluating the market, understanding the pro's, con's of each solution and what's going to provide the best security outcomes and value for investment so you don't have to.
In-House Technical Expertise
Our customer's benefit from Spear Shield's in-house technical expertise for both pre and post-sales support
In-House Technical Expertise
Cyber criminals collaborate... so why shouldn't the good guys too? Spear Shield customers benefit from our regularly hosted Security Social.exe free to attend cybersecurity social and networking events.
Let's crush the bad guys together!
Spear Shield has an award winning portfolio of cybersecurity solutions and services that can help keep your network, people and data secure.
Access to the best Commercials
Spear Shield's relationships and technical investment with our partners enables us to provide our customer's with the most competitive commercials available.
FAQ's
Everything you need to know about Spear Shield.
No you don't! Whilst we'd of course hope that one day you might be... Our Security Social events are to provide people with a platform to network. We've built a community of local based IT professionals in East Anglia and Edinburgh so far where people can come together to share cybersecurity challenges and advice for best practice with one another.
Here at Spear Shield, we can offer both! Consider us a hybrid MSP and VAR (Value added reseller). We are set-up with our vendors to offer our customers all options to ensure we can align our cybersecurity solutions and services with your preferred budget type. Please speak with the team for details.
Yes! Spear Shield has routes to market including G-Cloud to be able to supply our public sector customers with our cybersecurity solutions and services. Please speak with the team for details.
Yes! and we do. Our Team has many, many combined years experience working with some of the largest private sector enterprises across the country to help tackle and solve cyber risk. All of Spear Shield's cybersecurity solutions and services are scalable and enterprise-grade.
Yes, the Spear Shield Team will always ensure any eligible not-for-profit and public sector discounts are applied to any quotes for our cybersecurity solutions and services.
Here are some of the top cybersecurity threats organisations are facing in 2023.
Social Engineering
Any network is hackable if an employee can be duped into sharing access.
Third-Party Exposure
Vendors, clients, and app integrations with poor security can provide access to an otherwise well-protected network.
Configuration Mistakes
Your cybersecurity investments are only as strong as they are configured correctly.
Human Activated Risk
User education and visibility for IT is essential to ensure those with network access and those handling sensitive data are maintaining cyber best practices.
Ransomware
Hackers are targeting back-ups and using extortion more and more to push receiving the ransom payment from their victims.
Mobile Devices
Every mobile device is a gateway to your network and sensitive business data.
Lack of resource and expertise
Human-led cyber attacks require human-led threat hunting. Unfortunately, skilled threat hunters are few and far between.
Internet of Things (IoT)
Smart technology users may not realise that any IoT device can be hacked to obtain network access. Securing your network starts with understanding what's on it.
No there isn't! The team will just use that as an opportunity for us to work together on a project and prove the value we can provide you as a future strategic partner.
This is an area where the cybersecurity experts at Spear Shield thrive! We've worked with organisations to help reduce employee click rates from 70+% to 0% without the need for any end-user awareness training.
Online training content doesn't work.
Classroom based training gets forgotten.
Static email banners get ignored.
Speak with the team about real-time end-user awareness training to help mitigate the risk of a phishing attack in your organisation.
The team at Spear Shield are an Award Winning Sophos Partner and have a combined 20+ years experience working with Sophos. Our relationship and technical investment, enables Spear Shield to offer our customers the most competitive commercials available. Sophos is one of the largest providers of MDR across the globe with over 17,000 + organisations using the MDR service and is what powers the Spear Shield 24/7 Managed Detection Response Service.
Spear Shield's Managed Phishing Simulation Service provides our customers with managed phishing simulations and security awareness training for their users delivered as a fully managed services. Customers benefit from the tailored spear phishing examples that the Spear Shield team can tailor to your organisation and also base our templates on real-world phish that we see that are able to evade detection from 3rd party secure email gateways and Microsoft 365. After each campaign, customers benefit from receiving an executive ready report with all of the information and data required to be able to confidently articulate risk back to the business.
The cybersecurity experts at Spear Shield will provide you with executive ready reporting with all of the intelligence you require to provide cyber-assurance to your organisation.
Includes:
- Engagement Overview
- % Click Rate
- No. of Credentials Harvested
- Individual Campaign Performance
- Device Breakdown
- Caught-User Breakdown
- User Behaviours Insights
- Industry Benchmarking
- Consultative Recommendations