Pub15-2020-2021-Issue5

NEBRASKA BANKERS ASSOCIATION 17 or click on something in a phishing email. Phishing emails are still the #1 delivery vehicle for malware, and training your people to handle phishing emails properly may be one of the most important things you can do to mitigate your risk. It is a great idea to not only train and educate employees, but to test them, too. 5. Email Controls Email sandboxing along with Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain- based Message Authentication, Reporting and Conformance (DMARC) are impactful controls that can be put in place to protect your network against a ransomware attack. Email sandboxing, which automatically tests links and attachments in an email in a secure environment before your users receive the email, adds a layer of security and lessens the chances of an employee clicking on a malicious link. The Advanced Persistent Threat subscription to Office 365, which implements the Safe Links and Safe Attachments sandbox controls, is an excellent example of how email sand- boxing can protect your organization from email threats. SPF, DKIM, and DMARC all help authenticate send- ers using an organization's specific domain. SPF prevents hackers from sending emails on behalf of an organization's domain. In addition to SPF, DKIM checks if an email was truly sent by the owner of that domain. DMARC uses both SPF and DKIM to determine the authenticity of the content of an email message. SPF, DKIM, and DMARC are typically free additions to your email system that can make a signifi - cant impact on the amount of junk or phishing email your organization receives. 6. Egress Firewall Whitelisting with Geolocation IP Blocking Egress firewall whitelisting examines all outbound traffic from your network to the internet (at the firewall level) and only allows information to leave the network if your organization's IT administrator's requirements are met. Egress firewall whitelisting works best with geolocation IP blocking, which blocks activity to IP addresses associated with geographical locations in which your organization does not do business or wants to block intentionally (like certain foreign countries known for cybercrime). Blocking traffic to certain regions and countries while examining the traffic that leaves the network in the first place is an important control that would notify the organization if a ransomware scenario is unfolding.  For more information, contact Reece Simpson at 605-270-3916 or reece.simpson@sbscyber.com . SBS delivers unique, turnkey cybersecurity solutions tailored to each client’s needs, including risk management, consulting, on-site and virtual auditing, network security and education. Learn more at www.sbscyber.com . Bridgepoint provides confidential institutional investment banking services delivered by local professionals. • Distressed and bridge financing (equity and non-bank finance) • Capital raising for growth or liquidity • Sell-side M&A advisory services for banks and operating companies • Leveraged finance solutions for community banks • Generous fee-sharing program for bankers CREATIVE SOLUTIONS THAT LEAD TO OPTIMAL RESULTS OFFICES: Omaha • Lincoln • Des Moines • Denver • Chicago NEBRASKA PRINCIPALS: Matt Plooster • Gary Grote Wm. Lee Merritt • Mike Anderson Call Bridgepoint Investment Banking Today 402-817-7900 www.bridgepointib.com [ Securities offered through an unaffiliated entity, M&A Securities Group, Inc., member FINRA/SIPC “Bridgepoint is a true resource and partner for commercial bankers as we all work through one of the most trying years in history. We’re here for you when your clients need creative financial solutions.” – Gary Grote Managing Director