
3 Key Takeaways from the 2023 Gartner Market Guide for Email Security

source link: https://perception-point.io/blog/key-insights-from-the-2023-gartner-market-guide-for-email-security/

March 1, 2023


As email continues to be the primary vector for cyber attacks, staying up to date with the latest developments in email security is essential. In this blog post, we examine key insights from the latest Market Guide for Email Security Report by Gartner, and offer practical recommendations on how security and risk management leaders can fortify their security posture in 2023.
Peleg Cabra, Product Marketing Manager

Email security faces increasingly complex challenges as threat actors continue to enhance their level of sophistication and push the bounds of the threat landscape, targeting new communication channels like Microsoft Teams, Slack and more. The 2023 Gartner Market Guide for Email Security Report summarizes data Gartner has gathered over the past year from more than 1,500 customers, while also examining how modern technology solutions can be leveraged to tackle today’s email security pain points.

Main Challenges Security Teams Face in 2023

An in-depth look at the latest report shows that despite the abundance of email security solutions on the market today, security teams are still struggling with significant challenges, namely:

  • Email continues to be a primary vector for cyber attacks. Whether they are malware-driven or social-engineering threats, an estimated 19% of total data breaches are attributed to compromised or stolen credentials. Moreover, 40% of ransomware incidents begin with email. 
  • Vendor impersonation and account takeover through Business Email Compromise (BEC) continue to rise, resulting in direct financial losses. This is largely due to end-users' overreliance on the credibility of email, which leaves them naturally susceptible to social engineering techniques.
  • With the increasing adoption of cloud email by organizations and the shift to remote and hybrid work, communication channels have expanded beyond email to various collaboration platforms (Slack, Microsoft 365 apps, Salesforce, etc.). This has introduced new threats that are not adequately safeguarded by the conventional email security tools.

To address these pain points, Gartner recommends that security decision makers augment their cloud email services’ native defenses with third-party Integrated Cloud Email Security (ICES) solutions. The report highlights ML and AI-based detection technologies for anti-phishing and BEC protection as well as URL analysis leveraging computer vision for preventing log-in page impersonation.  

Takeaway 1: Imitate vs Innovate: Modern ICES solutions beat SEG solutions in preventing advanced threats  

Similarly to the 2021 Market Guide, this year Gartner’s analysts focused on the three main types of email security solutions; vendors were divided into the following categories: Secure Email Gateway (SEG), Integrated Cloud Email Security (ICES) and Email Data Protection (EDP) solutions.


As legacy security tools positioned in the MX record, SEGs have traditionally served as the primary line of defense against inbound and outbound email threats. 

ICES solutions that leverage APIs, on the other hand, continue to gain momentum, augmenting or completely replacing an existing SEG infrastructure or the built-in protection of cloud email services (Google Workspace, Microsoft 365, etc.). The report notes that “Microsoft and Google continue to dominate the market and the capabilities they provide are decent but insufficient for some sophisticated attacks.”

Utilizing “advanced detection techniques, including NLU, NLP, social graph analysis and image recognition,” cloud-native vendors like Perception Point (a representative ICES provider recognized by Gartner 4 times in a row) offer significantly better protection against the ever-evolving threat landscape. In addition to threat detection, leading ICES solutions provide account takeover remediation by analyzing user behaviors and contextual data like logins, locations, etc.

Gartner notes that “although SEG vendors like Proofpoint and Mimecast have also started to provide ICES solutions and claim to provide enhanced artificial intelligence (AI)/ML capabilities… there is no additional capability that these vendors provide in comparison to other core ICES vendors.” The report highlights a significant growth rate for ICES, which will gain even more prominent market share: “By 2025, 20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5% today.”


Takeaway 2: Integrated MSOAR Simplifies Remediation While Enhancing SOC Productivity 


In the report, Gartner emphasizes the importance of email security orchestration, automation and response (MSOAR) capabilities, which are “offered to rapidly triage user-reported phishing messages as a managed service, either directly from the vendor or through a managed security service provider (MSSP).”

In addition, ICES solutions may include conditional banners that inform users to help them make decisions. This reinforces security awareness among employees and simplifies the reporting and remediation processes.

Perception Point’s all-included managed Incident Response service is in line with Gartner’s findings: it is a fully managed incident response service that is natively integrated with the ICES solution and provided at no extra cost. The service serves as a force multiplier for SOC teams by reducing management overhead, enhancing the user experience, optimizing detection and providing ongoing insights.


Takeaway 3: It’s More Than Email – Collaboration Tools Pose a Serious Security Threat 

“Collaboration tools” is a common term for cloud channels and SaaS platforms designed for communicating and for sharing data and files, both within the organization and with external parties. Messaging and team collaboration tools (e.g. Slack, Microsoft Teams), cloud storage solutions (e.g. Dropbox, Google Drive), shared virtual spaces, CRM applications (e.g. Salesforce, Zendesk) and in-house applications and APIs are some examples of modern collaboration channels.

In the 2023 Market Guide for Email Security, Gartner notes: 

“With the shift to remote and hybrid working, communication is moving beyond just email to include collaboration tools such as LinkedIn, Microsoft Teams, Slack etc., with users outside the organization. Attackers can potentially use these for phishing and malware distribution. Although email is still the most common attack vector, many attackers use emails to begin the communication and then move it to Slack, Teams or any other collaboration platforms.”

Attacks coming through these channels share a lot of similarities with the “usual” email-borne threats. Attack campaigns targeting collaboration tools may involve impersonation and mass spreading of malware or malicious URLs, and many result in ransomware.

Many organizations fail to recognize the vulnerability of communication channels other than email, which are often overlooked despite being highly targeted by attackers. This blind spot has been acknowledged by Gartner, which recommends the implementation of ICES solutions with API integrations like Perception Point to secure both internal and external cloud collaboration channels.

“Several vendors’ solutions can use their API integrations into collaboration platforms to filter malicious content or suspicious interactions. Many of these solutions use ML and NLU capabilities to analyze the communications across multiple channels and prevent attacks.”


Recommendations for Security Decision Makers 


When defining the category, Gartner mentioned one common characteristic of ICES solutions: the API deployment. 

In the report, Gartner highlights essential capabilities for security and risk management leaders to look for when evaluating ICES vendors:

  • AI and ML-based detection of BEC attacks and computer vision technology for preventing advanced phishing techniques
  • Account takeover protection and analysis of user behaviors and contextual data such as login behavior, locations, and authentication methods to detect and remediate breached accounts
  • API integrations for collaboration tools to detect and filter out malicious content coming into the organization
  • The ability to scan internal email traffic for lateral movement and insider threats

Why You Should Evaluate Perception Point Today for Preventing the Threats of 2023 and Beyond

Perception Point is a Prevention-as-a-Service company for the fastest and most accurate next-generation detection, investigation, and remediation of all threats across an organization’s main attack vectors – email, web browsers, and cloud collaboration apps. 

Perception Point’s solution streamlines the security environment for unmatched protection against spam, phishing, BEC, ATO, ransomware, malware, Zero-days, and N-days well before they reach end-users.

  • Perception Point has been recognized for the 4th year in a row as a Gartner Representative Email Security Vendor in the Integrated Cloud Email Security (ICES) category of the Market Guide for Email Security.
  • Perception Point has been rated #1 on the 2022 SE Labs independent detection testing for the best detection rates and lowest false positive rate. 

Multiple layers of next-gen static and dynamic engines together with patented anti-evasion technology and image recognition algorithms protect organizations against malicious files, URLs, and sophisticated social engineering techniques. All content is scanned in near real-time, ensuring no delays in receipt, regardless of scale and traffic volume. The solution’s natively integrated, free of charge, and fully managed incident response service acts as a force multiplier to the SOC team, reducing management overhead, accelerating remediation, improving user experience and delivering continuous insights. 

Deployed in minutes, with no change to the enterprise’s infrastructure, the patented, cloud-native and easy-to-use service replaces cumbersome legacy systems.

Fortune 500 enterprises and organizations across the globe are preventing attacks across their email, web browsers and cloud collaboration channels with Perception Point.


