Email security faces increasingly complex challenges as threat actors continue to enhance their level of sophistication and push the bounds of the threat landscape, targeting new communication channels like Microsoft Teams, Slack and more. The 2023 Gartner Market Guide for Email Security Report summarizes data Gartner has gathered over the past year from more than 1,500 customers, while also examining how modern technology solutions can be leveraged to tackle today’s email security pain points.
An in-depth look of the latest report shows that despite the abundance of email security solutions on the market today, security teams are still struggling with significant challenges, namely:
To address these pain points, Gartner recommends that security decision makers augment their cloud email services’ native defenses with third-party Integrated Cloud Email Security (ICES) solutions. The report highlights ML and AI-based detection technologies for anti-phishing and BEC protection as well as URL analysis leveraging computer vision for preventing log-in page impersonation.
Similarly to the 2021 Market Guide, this year Gartner’s analysts focused on the three main types of email security
solutions; vendors were divided into the following categories: Secure Email Gateway (SEG), Integrated Cloud Email Security (ICES) and Email Data Protection (EDP) solutions.
As legacy security tools positioned in the MX record, SEGs have traditionally served as the primary line of defense against inbound and outbound email threats.
ICES solutions that leverage APIs on the other hand, continue to gain momentum augmenting or completely replacing an existing SEG infrastructure or the built-in protection of cloud email services (Google Workspace, Microsoft 365, etc.). Although “Microsoft and Google continue to dominate the market and the capabilities they provide are decent but insufficient for some sophisticated attacks.”
Utilizing ”advanced detection techniques, including NLU, NLP, social graph analysis and image recognition” cloud-native vendors like Perception Point (a representative ICES provider recognized by Gartner 4 times in a row) offer significantly better protection against the ever-evolving threat landscape. In addition to threat detection, leading ICES solutions provide account takeover remediation by analyzing user behaviors and contextual data like logins, locations, etc.
Gartner notes that although “SEG vendors like Proofpoint and Mimecast have also started to provide ICES solutions and claim to provide enhanced artificial intelligence (AI)/ML capabilities… there is no additional capability that these vendors provide in comparison to other core ICES vendors.” The report highlights a significant growth rate for ICES, which will gain even more prominent market share: “By 2025, 20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5% today.”
Learn more about the key differences between ICES and SEG solutions here
In the report, Gartner emphasizes the importance of email security orchestration automation and response (MSOAR) capabilities which are “Offered to rapidly triage user-reported phishing messages as a managed service, either directly from the vendor or through a managed security service provider (MSSP).”
In addition, ICES solutions may include conditional banners that inform users to help them make decisions. This reinforces security awareness among employees and simplifies the reporting and remediation processes.
Perception Point’s all-included managed Incident Response service is in line with Gartner’s findings. Offering a fully managed incident response service that is natively integrated with the ICES solution and provided at no extra cost. The service serves as a force multiplier for SOC teams by reducing management overhead, enhancing the user experience, optimizing detection and providing ongoing insights.
Learn more about the managed Incident Response service here
Collaboration tools is a common term used to describe cloud channels and SaaS platforms that are designed for communicating along with sharing data and files within the organization and with external parties. Messaging and team collaboration tools (e.g. Slack, Microsoft Teams), cloud storage solutions (e.g. Dropbox, Google Drive), shared virtual spaces, CRM applications (e.g. Salesforce, Zendesk) and in-house applications and APIs are some examples of modern collaboration channels.
In the 2023 Market Guide for Email Security, Gartner notes:
“With the shift to remote and hybrid working, communication is moving beyond just email to include collaboration tools such as LinkedIn, Microsoft Teams, Slack etc., with users outside the organization. Attackers can potentially use these for phishing and malware distribution. Although email is still the most common attack vector, many attackers use emails to begin the communication and then move it to Slack, Teams or any other collaboration platforms.”
Attacks coming through these channels share a lot of similarities with the “usual” email-borne threats. Attack campaigns targeting collaboration tools may involve impersonation, mass spreading of malicious malware/URLs, and many result in ransomware.
Many organizations are failing to identify the vulnerability of communication channels other than email, which are often overlooked despite being highly targeted by attackers. This blindspot has been acknowledged by Gartner, which recommends the implementation of ICES solutions with API integrations like Perception Point to secure both internal and external cloud collaboration channels.
“Several vendors’ solutions can use their API integrations into collaboration platforms to filter malicious content or suspicious interactions. Many of these solutions use ML and NLU capabilities to analyze the communications across multiple channels and prevent attacks.”
Learn more about collaboration channels threats and security costs in the latest Osterman Research report
When defining the category, Gartner mentioned one common characteristic of ICES solutions: the API deployment.
In the report, Gartner highlights essential capabilities for security and risk management leaders to look for when evaluating ICES vendors:
Perception Point is a Prevention-as-a-Service company for the fastest and most accurate next-generation detection, investigation, and remediation of all threats across an organization’s main attack vectors – email, web browsers, and cloud collaboration apps.
Perception Point’s solution streamlines the security environment for unmatched protection against spam, phishing, BEC, ATO, ransomware, malware, Zero-days, and N-days well before they reach end-users.
Multiple layers of next-gen static and dynamic engines together with patented anti-evasion technology and image recognition algorithms protect organizations against malicious files, URLs, and sophisticated social engineering techniques. All content is scanned in near real-time, ensuring no delays in receipt, regardless of scale and traffic volume. The solution’s natively integrated, free of charge, and fully managed incident response service acts as a force multiplier to the SOC team, reducing management overhead, accelerating remediation, improving user experience and delivering continuous insights.
Deployed in minutes, with no change to the enterprise’s infrastructure, the patented, cloud-native and easy-to-use service replaces cumbersome legacy systems.
Fortune 500 enterprises and organizations across the globe are preventing attacks across their email, web browsers and cloud collaboration channels with Perception Point.
To learn more about Perception Point, visit our website, follow us on LinkedIn, Facebook, and Twitter, or contact us.