Can IT nip this in the bud by implementing antispam tools with an overly aggressive rule set? Theoretically, yes--but a policy of "better to bounce than be spammed" is too draconian. Users don't like finding their e-mails in quarantine (see page 42 for our analysis and reviews of spam filters).
There's nothing wrong with configuring your spam- and malicious content-prevention tools to drop blacklisted IP addresses, require PTR records, bounce executables, sanitize URLs and do some Bayesian scanning. But beware: Vulnerabilities are discovered every day, and miscreants are endlessly inventive.
A belt-and-suspenders approach to security will minimize damage from all attacks. "Least privilege" configurations for inbound and outbound traffic--"permit what is allowed, but deny all else"--can stop many Trojan attacks. Ultimately, this type of network hardening will make your system safer from all attacks, not just mal-spam.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
