Email is the lifeline of modern business, but it also poses one of the biggest cybersecurity risks. Over 90% of cyberattacks start with a phishing email designed to trick users into handing over sensitive information. The impacts of such attacks can be devastating – from costly outages and data breaches to lasting reputation damage.
This comprehensive guide will explore the expanding landscape of email security solutions available today to help you secure your business:
The Rising Threat Landscape for Email
While email remains essential for communication and collaboration, it has also become the preferred vector for cybercriminals to infiltrate networks. Here are some key email-borne threats:
Phishing – Fraudulent emails posing as trusted sources to steal passwords, financial information and spread malware. Phishing tactics are becoming extremely sophisticated with minimal spelling errors and convincing branding.
Business Email Compromise (BEC) – Advanced social engineering scam typically targeting finance and HR teams to initiate unauthorized wire transfers to criminal accounts. The FBI states that BEC scams have caused over $26 billion in losses between 2016-2019.
Ransomware – Malicious software that locks computer systems until a ransom is paid. Ransomware is often delivered through weaponized email attachments and links.
Data Exfiltration – Sensitive corporate data like customer records, trade secrets, IP can be stolen over email and sold on the dark web.
Malware – Viruses, trojans, spyware and other threats transmitted via infected attachments and links leading to everything from nuisance adware to debilitating system shutdowns.
Spoofing – Imposter emails mimicking a trusted contact or brand to appear legitimate. Spoofing tricks users into handing over credentials or sensitive data to criminal accounts.
The impacts of an email-based attack can hence go far beyond temporary Mailbox unavailability to long-term business disruption.
Key Impacts of Email Threats
Reputational harm – Data breaches and email security lapses exposed through media coverage can severely damage brand image and trust.
Loss of customers – Following an incident, customers lose confidence in the company‘s ability to safeguard their data. Churn is accelerated.
Regulatory Non-compliance – Failure to prevent phishing, spoofing and other email fraud can lead to heavy PCI, HIPAA and GDPR fines if sensitive data gets compromised.
IP and Data Theft – Key corporate data like customer lists, trade secrets, source code exposed over email can demolished competitive advantage when leaked publicly or sold to rivals.
Remediation costs – Expert forensics, legal fees, customer notifications, credit protection services in the aftermath of an email attack can run into millions.
Lost Productivity – Malware leading to system shutdowns, users locked out of inboxes impacts staff output and customer response times.
Diversion of Resources – IT teams overwhelmed by phishing response and containment efforts on top of daily responsibilities.
With so much at stake, specialized email security solutions are now a must-have for companies of all sizes.
Types of Email Security Solutions
Broadly speaking, email security solutions fit into one of three categories:
Secure Email Gateways
These operate at the network perimeter, positioned between your email infrastructure (O365, G Suite, On-premise Exchange/Groupwise etc) and the Internet. All inbound and outbound email traffic is routed through the gateway for scanning and policy enforcement.
Examples – Mimecast, Barracuda, Proofpoint, Cisco Email Security.
Cloud Email Security Platforms
Instead of appliances, these are 100% cloud-based solutions that integrate with email platforms via APIs and journaling features. This light-weight approach minimizes latency while still offering multiple layers of threat prevention.
Examples – Inky Phish Fence, GreatHorn, Abnormal Security.
Anti-Spam / Anti-Phishing Filters
Affordable cloud services focused specifically on blocking unwanted spam and phishing threats before they clog up employee inboxes. But protection is limited compared to full-fledged Secure Email Gateways.
Examples – Spamtitan, MailChannels, SpamBully.
Leading Secure Email Gateway Solutions
For most mid-size and enterprise organizations, a full-featured Secure Email Gateway is recommended as a first line of defense given the multifaceted email threats faced today. Here are some top solutions with in-depth capabilities:
Mimecast Email Security with Targeted Threat Protection
Mimecast’s security stack is amongst the most comprehensive in the industry with multiple threat detection engines including:
- Anti-malware – Blocks malware, viruses, trojans using static and dynamic techniques
- Sandboxing – Suspicious attachments detonated in isolated environment to expose malicious behavior
- Impersonation Protection – Blocks spoofed/fake domains posing as trusted brands
- Denial of Service Protection – Detects and blocks flooding attacks aimed at overwhelming mail infrastructure
- Spam and Graymail Control – Applies a number of tests on content, source, authenticity to catch unwanted mail
- Auto Remediation – Outbound quarantine capabilities to instantly remove dangerous emails recipients may have already opened/clicked within mailboxes.
Mimecast also offers awareness training, secure messaging, archiving and business continuity capabilities. Pricing starts at $30 per user/month with volume discounts available.
Cisco Email Security
Cisco Email Security (formerly IronPort) provides four layers of interlocked defence anchored by the industry‘s fastest threat detection capabilities:
- Outbreak Filters – Aggressive detection of emerging campaigns and delivery of updated filters in under a minute to all customers simultaneously.
- Anti-Spam and Anti-Virus – Over 85% catch rates against known threats using reputation algorithms, behavioral analysis and machine learning techniques.
- Advanced Malware Protection (AMP) – Sandboxes suspect files, rewrites harmless attachments to neutralize threats, detects malware call-back communications patterns.
- Data Loss Prevention – Scans outbound emails for sensitive data like credit card numbers, custom regex patterns with flexible remediation options including encrypt/quarantine/delete.
Cisco Email Security can be deployed on-premise or through Meraki cloud. Licensing starts at $9 per user/month for basic protection.
Barracuda Essentials
Barracuda Email Security Service brings advanced threat detection capabilities without the typical complexity:
-
Multi-Layer Anti-Virus – Messages scanned using commercial and open-source virus definitions, heuristic rules and sandbox simulation to block emerging malware.
-
Link and URL Protection – Malicious links exposed at time-of-click by checking context, referrer, content at destination.
-
AI-Based Remediation – Machine learning model revokes dangerous messages post-delivery by alerting recipients in affected inboxes before damage is done.
-
Managed Detection and Response – Suspicious patterns identified by Barracuda security researchers trigger queries applied across customer base to uncover related attacks. Mutating threats contained rapidly via automated responses.
As an cloud-native platform, Barracuda Email Essentials costs just $15 per user/month including 24/7 technical support.
Evaluating Secure Email Gateways
Here are key considerations when investing in a Secure Email Gateway solution:
Breadth of Protection – Anti-spam, anti-phishing and anti-malware capabilities are table-stakes. Prioritize vendors who go deeper with sandboxing, impersonation defense and real-time threat intelligence.
Latency Impact – Solutions relying solely on cloud architectures tend to have less impact but on-premise appliances support larger mail volumes and avoid privacy concerns.
Email Continuity – To survive outages, features like cloud-based emergency inboxes allow continued access to messages until primary infrastructure comes back online.
Support Experience – Check response times, channels available (phone, chat, email, forums, online resources) and processes for managing tickets/cases end-to-end.
Total Cost of Ownership – Factor multi-year licensing, equipment, manpower for maintenance and updates to accurately compare solutions.
API-Based Cloud Email Security
While network security gateways reliably protect the email perimeter, threats can still sneak through employee inboxes via legitimate channels like Office 365. Here API-based security adds a second layer of inspection within the email platform using journaling:
By tapping into events and metadata, comprehensive scanning is conducted after messages have been received but before users see them. This catches threats that evade the first round of filters.
Let‘s discuss the advantages and sample solutions in this emerging category:
Why API-Based Cloud Email Security?
-
Lightweight – No MX record changes or hardware required. Integration via APIs eliminates latency.
-
Detects missed threats – Inspects inside delivery pipeline to catch spear-phishing, targeted attacks that bypass secure gateways.
-
Mailbox-level visibility – Reports which users are high-risk, most targeted, actually engaging with phishing content.
-
Instant user feedback – Suspicious emails tagged with visual indicators (banners, highlighting) frontline users understand and can report threats on.
Inky Phish Fence
Inky leverages computer vision and machine learning to analyze message components – logos, colors, buttons – mimicking trusted brands coupled with structural anomalies around URLs, links and images that signify phishing attempts.
It then dynamically inserts visual tags like Dangerous!, Suspicious! and Unusual! directly within the message body so users can make split-second safe clicking decisions without depending on offline threat reports.
Inky costs just $9 per user/month with discounts for annual contracts.
Abnormal Security
Abnormal succeeds as an add-on control by taking a data-driven approach to threat detection.
It first models each organization‘s communication patterns – who emails who, typical sentiment, frequency etc drawing from cloud adoption. It then flags even slight deviations from baseline behavior profiles as high risk preventing attacks before affected users realize.
For example, an urgent wire transfer request from your CFO (actually a deep fake spear-phishing attack) would be detected immediately by Abnormal‘s engines and stopped given your CFO rarely sends emails after hours.
Their self-learning system ensures protection gets smarter over time as new scenarios (mergers, promotions etc) play out across the business. Abnormal is available on demand with customized pricing.
Evaluating Cloud Email Security
Keep the following aspects in mind with API-based offerings:
Ease of Enablement – Most integrate seamlessly with email platforms via app marketplaces in a few clicks. Limited config changes needed.
Use of ML Models – Threat detection should combine algorithms evaluating technical signals like URLs/attachments with behavioral profiles tuned to organization‘s communication DNA.
End User Transparency – Augmenting dangerous messages with frontline visual tags, hover-over previews educates employees to recognize similar threats.
Scalability – Solutions should throttle based on tenant size and spikes in email volumes driven by seasonal campaigns, outages etc.
Specialist Anti-Spam / Phishing Tools
For small businesses and lean teams with limited budgets, standalone anti-spam and anti-phishing services can still offer adequate protection.
They focus specifically on keeping inboxes clean – getting rid of annoying sales pitches, newsletters and fraudulent offers requesting personal information. This prevents distractions and potential social engineering tricks that introduce risk.
Here are top solutions doing just one thing right – blocking junk to improve productivity:
SpamTitan
SpamTitan is among the best buys for email security with plans starting at $2.49 per user/month covering:
-
Predictive analysis incorporating sender reputation, content inspection, machine learning and sandbox environments to classify threats.
-
Link following at time-of-click to assess redirect chains hiding malicious final destinations.
-
Impostor email alerts for suspicious display name and domain mismatches.
-
Dual anti-virus engines from Bitdefender and ClamAV for comprehensive coverage of known malware and viruses.
SpamTitan natively supports all popular email platforms and is routinely updated as new spamming tactics emerge.
MailChannels Inbound Filtering
If all you need is a spam and malware filter before messages hit your inbox, MailChannels Inbound Filtering hits the spot with plans from $1 per user/month.
It blocks 99.5% of junk thanks to continuous tuning of its multi-layered threat models reflecting new spammer tricks. Suspicious emails can be quarantined for review or auto-purged entirely.
Round the clock support ensures any classification errors are quickly fixed and filters optimized so legitimate mail is untouched.
Evaluating Anti-Spam & Phishing Tools
Key aspects to review with email filtering services:
Accuracy – Balancing false positives i.e flagged good emails vs false negatives i.e missed junk and threats.
List Management – Easy opt-in, opt-out and whitelisting of trusted domains sending newsletters, promotions etc.
Quarantine Review – Before outright deletion, manual oversight of flagged messages to retry delivery.
Scalability – Solutions supporting dedicated IP allowances, high email volumes and multi-domain branding.
Bonus: Quick-Win Email Security Tactics
Beyond specialized security solutions, adopting these email best practices greatly reduces risk:
Multi-factor authentication on employee inboxes prevents unauthorized access when passwords get compromised.
Sender authentication via DMARC, DKIM and SPF verify legitimate emails originating from your domain protecting the brand.
Warnings for external senders make staff more cautious with attachments and links from unfamiliar parties.
Disable email auto-forwarding since compromised accounts can secretly exfiltrate data this way.
Prompt removal of ex-employees from email distribution lists when they leave the company.
Script-detection for identifying JavaScript threats lurking in HTML formatted messages.
Attachment isolated handling via sandboxes and virtual environments limit malware/ransomware triggers.
Business continuity provisions ensure temporary imap access to messages until primary email services are restored following an outage.
Cybersecurity user training combined with simulated phishing attacks keeps threats top of mind among employees as tactics grow more deceptive.
Key Takeaways
This guide summarizes the complete range of email security solutions available today to protect your attack surface:
-
Secure Email Gateways remain the first line of defense with protection spanning anti-spam, anti-phishing, sandboxing and advanced threat prevention.
-
API-based Cloud Email Security serves as a secondary filter flagging threats already inside inboxes before users can be duped.
-
Anti-Spam & Phishing Tools take a lightweight yet targeted approach keeping inboxes tidy and productivity high.
Of course, no solution offers 100% protection. Combining layers with end user education, email best practices and recovery provisions gives your business the best chance to avoid disruptive attacks.
Check out our blog for more cybersecurity articles!
