Securing Small Business: Layering Cisco Email Security and Office 365

This post was authored by Sham Miah 

I’ve been working in the cybersecurity industry for many years now and because of the way cybercriminals evolve their threats, there has always been one constant; email is still the number one threat vector.

According to Gartner “by 2021, Gartner expects 70% of public and private companies to be using cloud email services”. And, that transition to cloud email security often increases an organization’s level of risk.

That’s exactly what Strenge GmbH & Co. KG found; difficult controls, increased threats such as Business Email Compromise (BEC) or Email Account Compromise (EAC), and a lack of support from their cloud email platform vendor.

Strenge, an industrial supply company, quickly realized they needed an email security solution that would work with their O365 migration, but that would also provide the level of protection necessary to keep their organization safe. Having a layered approach that combined Cisco Email Security with Cisco Advanced Phishing Protection, Strenge was able to dramatically reduce the risk of data breaches, ransomware attacks, wire fraud, and other email threats that were costing the company money and time.

That helped solve their inbound email threats, but what about outbound email? The coronavirus pandemic is shining a spotlight on the importance of Domain-based Message Authentication, Reporting, and Conformance (DMARC). This prevents cybercriminals from hijacking an organization’s domains to launch phishing attacks that put the public at risk and damage the offending company’s reputation. In Strenge’s case, it was necessary to communicate with their customers, but it was vital that their customers knew that those communications were actually coming from Strenge.

So Strenge also implemented Cisco Domain Protection to ensure that they could easily analyze, update, and take action against those that may have been misusing their domain to send malicious emails. This ensured that their customers were protected and that the Strenge brand reputation stayed intact.

Strenge also found additional value in the care they received from Cisco support. After not getting the attention they needed and deserved from their cloud email platform vendor, they were thrilled to work with Cisco to optimize their experience and achieve the best protection for their organization.


Sham is the Email Security Lead in EMEAR for Cisco Security and is responsible for the business development of the email security portfolio which includes on-premise/hosted/hybrid email security gateway, advanced phishing protection, domain protection, security awareness training and cloud mailbox defense.

Sham started his career at IronPort which got acquired by Cisco and has worked in Cyber Security for the entirety of his career in various other security vendors such as McAfee, Webroot and Symantec then returning back to Cisco in his current role.