Email security faces increasingly complex challenges as threat actors continue to enhance their level of sophistication and push the bounds of the threat landscape, targeting new communication channels like Microsoft Teams, Slack and more.
The 2023 Gartner Market Guide for Email Security Report summarizes how technology solutions can be used to address modern email security challenges. It uses data Gartner has gathered over the past year from more than 1,500 customer interactions, and provides security and risk management leaders with recommendations on how to evaluate solutions that tackle today’s email security pain points.
According to Gartner’s 2023 Market Guide for Email Security, security buyers should supplement existing email providers with integrated cloud email security solutions (ICES) like Perception Point Advanced Email Security. Perception Point contains multiple scanning engines and threat intelligence protection against phishing, spam, commodity malware and business email compromise (BEC) attacks.
Some other email security solutions reviewed by Gartner include:
- FortiMail: Offers phishing defenses, threat detection, and spam email blocking.
- Mimecast Email Security: Offers cloud-based email security, compliance, archiving, and continuity.
- Proofpoint Email Security and Protection: Provides an email gateway that detects both known and unknown threats.
- Trend Micro Email Security: Protects against email threats like spam, phishing, malware, and business email compromise (BEC).
Main Challenges Security Teams Face in 2023
An in-depth look of the latest report shows that despite the abundance of email security solutions on the market today, security teams are still struggling with significant challenges, namely:
- Email continues to be a significant attack vector for both malware and credential theft through phishing. An estimated 19% of total data breaches are attributed to compromised or stolen credentials. Moreover, 40% of ransomware incidents begin with email.
- Impersonation and account takeover attacks via Business Email Compromise (BEC) are increasing and causing direct financial loss as users place too much trust in the identities associated with email, which is inherently vulnerable to deception and social engineering.
- As organizations continue to adopt cloud email systems, there is a shift in communication beyond email to other collaboration platforms introducing threats that may not be protected by incumbent email security tools.
Gartner writes that security decision makers augment their cloud email services’ native defenses with third-party Integrated Cloud Email Security (ICES) solutions. The report highlights ML and AI-based detection technologies for anti-phishing and BEC protection as well as URL analysis leveraging computer vision for preventing log-in page impersonation.
Perception Point’s Takeaway 1: Imitate vs Innovate: Modern ICES solutions beat SEG solutions in preventing advanced threats
Similarly to the 2021 Market Guide, we believe Gartner analysts focused on the three main types of email security solutions; vendors were divided into the following categories: Secure Email Gateway (SEG), Integrated Cloud Email Security (ICES) and Email Data Protection (EDP) solutions.
As traditional security tools positioned in the MX record, SEGs have served as the primary line of defense against inbound and outbound email threats.
“Increasingly the combination of the cloud email providers’ native capabilities and an ICES is replacing the traditional SEG.”
Utilizing ”advanced detection techniques, including NLU, NLP, social graph analysis and image recognition”, cloud-native vendors offer protection against the ever-evolving threat landscape.
In addition to threat detection, leading ICES solutions provide account takeover protection by analyzing user behaviors and contextual data like logins, locations, etc.
Gartner notes that although “SEG vendors…have also started to provide ICES solutions and claim to provide enhanced artificial intelligence (AI)/ML capabilities…there is no additional capability that these vendors provide in comparison to other core ICES vendors.” It is also noted that “by 2025, 20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5% today.”
Perception Point has been recognized by Gartner in the Market Guide as a Representative Vendor 4 times in a row.
Perception Point’s Takeaway 2: Integrated MSOAR Simplifies Remediation While Enhancing SOC Productivity
In the report, Gartner emphasizes the importance of email security orchestration automation and response (MSOAR) capabilities which are “Offered to rapidly triage user-reported phishing messages as a managed service, either directly from the vendor or through a managed security service provider (MSSP).”
In addition, most solutions now include conditional banners that inform users to help them make decisions. This reinforces security awareness among employees and simplifies the reporting and remediation processes.
At Perception Point we believe that our all-included managed Incident Response service is in line with Gartner findings. We offer a fully managed incident response service that is natively integrated with the ICES solution and provided at no extra cost.
The service serves as a force multiplier for SOC teams by reducing management overhead, enhancing the user experience, optimizing detection and providing ongoing insights.
Perception Point’s Takeaway 3: It’s More Than Email – Collaboration Tools Pose a Serious Security Threat
Collaboration tools is a common term used to describe cloud channels and SaaS platforms that are designed for communicating along with sharing data and files within the organization and with external parties. Messaging and team collaboration tools (e.g. Slack, Microsoft Teams), cloud storage solutions (e.g. Dropbox, Google Drive), shared virtual spaces, CRM applications (e.g. Salesforce, Zendesk) and in-house applications and APIs are some examples of modern collaboration channels.
Here’s some related content you may enjoy: Salesforce Security: Should it be a Concern for you?
In the 2023 Market Guide for Email Security, Gartner notes:
“With the shift to remote and hybrid working, communication is moving beyond just email to include collaboration tools such as LinkedIn, Microsoft Teams, Slack etc., with users outside the organization. Attackers can potentially use these for phishing and malware distribution. Although email is still the most common attack vector, many attackers use emails to begin the communication and then move it to Slack, Teams or any other collaboration platforms.”
Attacks coming through these channels share a lot of similarities with the “usual” email-borne threats. Attack campaigns targeting collaboration tools may involve impersonation, mass spreading of malicious malware/URLs, and many result in ransomware.
Many organizations are failing to identify the vulnerability of communication channels other than email, which are often overlooked despite being highly targeted by attackers. This blindspot has been acknowledged by Gartner, which recommends the implementation of ICES solutions with API integrations to secure both internal and external cloud collaboration channels.
“Several vendors’ solutions can use their API integrations into collaboration platforms to filter malicious content or suspicious interactions. Many of these solutions use ML and NLU capabilities to analyze the communications across multiple channels and prevent attacks.”
Recommendations for Security Decision Makers
When defining the category, Gartner mentioned one common characteristic of ICES solutions: the API deployment.
In the report, Gartner highlights essential capabilities for security and risk management leaders to look for when evaluating ICES vendors:
- Email security solutions that include anti-phishing technology for targeted BEC protection that use AI to detect communication patterns and conversation-style anomalies
- Account takeover protection which analyzes user behaviors and various other factors such as login behavior, locations, authentication methods, etc. They detect and alert which account has been compromised and take remediation actions if required.
- API integrations into collaboration platforms to filter malicious content or suspicious interactions.
- Additional visibility into internal traffic and other communication channels can reduce risk, as these solutions create communication graphs and baseline user activity to detect suspicious behavior.
Why You Should Evaluate Perception Point Today for Preventing the Threats of 2023 and Beyond
Perception Point is a Prevention-as-a-Service company for the fastest and most accurate next-generation detection, investigation, and remediation of all threats across an organization’s main attack vectors – email, web browsers, and cloud collaboration apps.
Perception Point’s solution streamlines the security environment for unmatched protection against spam, phishing, BEC, ATO, ransomware, malware, Zero-days, and N-days well before they reach end-users.
- Perception Point has been recognized 4th time in a row as a Representative Vendor in their 2023 Market Guide for Email Security (ICES category).
- Perception Point has been rated #1 on the 2022 SE Labs independent detection testing for the best detection rates and lowest false positive rate.
Multiple layers of next-gen static and dynamic engines together with patented anti-evasion technology and image recognition algorithms protect organizations against malicious files, URLs, and sophisticated social engineering techniques. All content is scanned in near real-time, ensuring no delays in receipt, regardless of scale and traffic volume. The solution’s natively integrated, free of charge, and fully managed incident response service acts as a force multiplier to the SOC team, reducing management overhead, accelerating remediation, improving user experience and delivering continuous insights.
Deployed in minutes, with no change to the enterprise’s infrastructure, the patented, cloud-native and easy-to-use service replaces cumbersome legacy systems.
Fortune 500 enterprises and organizations across the globe are preventing attacks across their email, web browsers and cloud collaboration channels with Perception Point.
Attribution: Gartner Market Guide for Email Security, Ravisha Chugh, Peter Firstbrook, Franz Hinner, 13 February 2023.
Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.