Enterprise email architecture is evolving, which is good news for cybercriminals. Legacy secure email gateways (SEGs) simply don’t provide full protection from today’s evolving and costly attacks, and cloud-based email requires a new security approach. In contrast, the next generation of email security—the AI-powered Secure Email Cloud—gives organizations more comprehensive security and better control over the email channel to protect against financial losses, brand damage, and data breaches.
For more than a decade, enterprise email architecture changed little: a typical organization had mailboxes on Microsoft Exchange, with a security perimeter in front. Early on, the main perimeter element was a SEG with antispam and antivirus tools to scan for malicious content. Next came the advanced threat protection layer, which was added to address new types of identity deception and brand impersonation attacks.
This model works in theory, but when it comes to email security, cybercriminals are outsmarting the technology. The evidence of the legacy setup’s shortcomings makes headlines every week: scams that impersonate executives to request direct-deposit changes, account takeovers that now account for over 20% of all advanced email attacks, and spear-phishing attacks that use brand deception to defraud and extort victims.
Losses from business email compromise (BEC) scams rose by 136% between December 2016 and May 2018. BEC attacks have cost organizations more than $12.5 billion since 2013, and recent research from the IC3 shows that they cost $1.3 billion last year alone.
Despite the vulnerabilities of legacy email architecture and SEGs, many organizations have stayed with their setup. This is understandable—there is no denying that change is disruptive. But as technology firms drive the email transformation, security needs to adapt to the new architecture.
Microsoft is encouraging its enterprise clients to transition to cloud-based Office 365. From 2015 to 2018, the number of commercial-organization O365 subscribers rose from 60 million to 155 million—a move that is rendering users’ old email security architecture irrelevant. And while the controls built into Office 365 are great for blocking a number of attacks, they are not necessarily as effective against the next generation of advanced email threats that use identity deception and other techniques to bypass existing controls.
Put simply, secure email gateways worked for the on-premises solutions they were built to protect, but they are unable to make the transition to the next generation of email architecture. Office 365 is built for the cloud and needs a level of protection that was designed for it—the next-generation Secure Email Cloud.
Osterman Research surveyed more than 100 organizations using Office 365 and found that many use third-party solutions to reinforce or replace their security tools. Uses for third-party solutions include faster email scanning, a consolidated view of security threats, security options for transitional hybrid email environments, and granular control of data loss prevention policies.
Perhaps most important for BEC prevention, third-party solutions are used to detect phishing attacks that use look-alike and sound-alike domains, because Office 365 only flags exact domain-name matches.
The Secure Email Cloud was created to build upon—not replace—viable technology. Rather than replicate the gateway and advanced threat protection features that email providers are building into their cloud-based email solutions, the Secure Email Cloud complements them, with more powerful tools that expand protection and give clients more control over their email security programs. This is why most of our customers are using Office 365 together with the Secure Email Cloud to provide in-depth defense for their email infrastructure.
For robust email security, organizations need malicious attachment and URL analysis, brand spoofing protection through the use of DMARC, and a way to protect against identity deception, along with visibility and reporting that is easy to access in a consolidated view. Policies should be customizable, with the organization in control of rules, priority, and execution order for data-loss prevention. If the built-in solution cannot be tailored to the organization, a third-party solution can and should provide that level of control. Agari provides all this and more with the Secure Email Cloud—the only solution on the market tailor-built for cloud-based email.
As more organizations migrate to the new email architecture and a stronger security posture, those who remain behind risk becoming bigger targets for the cybercriminals looking to maximize the return on their attack-vector investment. It’s time to get serious about moving away from the legacy Secure Email Gateway. It’s time to move to the next-generation Secure Email Cloud.