On October 7 2021, Gartner published their latest ‘Market Guide for Email Security’, a research document derived from more than 1,400 Gartner client interactions between June 2020 and June 2021 that covers the ongoing evolution of the email security market .
The Market Guide defines email security market challenges, outlines categories and Representative Vendors, and provides recommendations for security leaders responsible for email security.
This blog will cover our thoughts on the recommendations and key findings of the 2021 Market Guide for Email Security.
BEC and Ransomware Challenges
The threat of Business Email Compromise (BEC) looms larger every year. The FBI reported $1.86 billion in losses related to BEC and Email Account Compromise (EAC) attacks in 2020. While these attacks started out as relatively straightforward email spoofs of CEOs or CFOs asking for gift cards, they have grown to encompass attacks such as payroll diversion fraud, vendor email compromise, as well as industry-focused scams targeting sectors like higher education and healthcare.
“Use email security solutions that include anti-phishing technology for business email compromise (BEC) protection that use AI to detect communication patterns and conversation-style anomalies, as well as computer vision for inspecting suspect URLs.”
This resonates with what Armorblox is observing across our 58,000+ customers. BEC and similar attacks target humans and workflows more than they do any security system. These attacks impersonate entities of trust, hijack free online software, and replicate common email workflows to effect compromise.
Just analyzing email headers, metadata, and other binary data points is not sufficient. Stopping targeted email attacks requires detection that understands the content and context of email communication.
On the connection between ransomware and email, Gartner says, “Many ransomware-as-a-service gangs use email as the initial entry point.” Gartner also says, “An estimated 40% of ransomware attacks start through email.” With recent high-profile cases of ransomware being delivered through phishing emails, we believe email security controls will play a vital role in every organization’s ransomware prevention strategy.
Enterprise adoption of cloud office systems such as Office 365 and Google Workspace is on a clear upward trajectory, with 70% of companies now using cloud email solutions according to the Market Guide. Significant shifts to remote work have continued to fuel this adoption.
Organizations are increasingly moving away from Secure Email Gateway (SEG) solutions and are instead relying on built-in protection capabilities from cloud email providers.
In the Market Guide, Gartner makes the following strategic planning assumption:
“By 2023, at least 40% of all organizations will use built-in protection capabilities from cloud email providers rather than a secure email gateway (SEG), up from 27% in 2020.”
Native email security has made great strides over the past few years - while we believe it can be the foundation of the email security stack, it can’t be the entire building. Research from Feb 2020 validates the need to augment native email security, with more than 53% of respondents finding native email security capabilities to be insufficient.
Gartner makes another strategic planning assumption in the Market Guide:
“By 2025, 20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5% today.”
This aligns with experiences we’ve heard from customers. Whether they are looking to simplify their email security stack, adopt an API-based email security approach, or improve protection against BEC, organizations are moving away from SEGs and instead choosing a combination of native email security and an Integrated Cloud Email Security (ICES) solution.
Which brings us nicely to the next section.
Cool as ICES
Gartner introduces the nomenclature of ICES for the first time in this Market Guide. On ICES solutions, Gartner says:
“Advanced email security capabilities are increasingly being deployed as integrated cloud email security solutions rather than as a gateway. These solutions use API access to the cloud email provider to analyze email content without the need to change the Mail Exchange (MX) record. Integrated solutions go beyond simply blocking known bad content and provide in-line prompts to users that can help reinforce security awareness training, as well as providing detection of compromised internal accounts.”
As a Gartner Cool Vendor in Cloud Office Security, the Armorblox platform aligns strongly with the traits laid out above in our view. Armorblox analyzes thousands of signals across identity, behavior, and language to stop BEC, account takeover, and other targeted email attacks that get past traditional security controls. The platform is built to augment (and not duplicate) native email security.
On where ICES fits in the email security stack, Gartner says:
“Initially, these [ICES] solutions are deployed as a supplement to existing gateway solutions, but increasingly the combination of the cloud email providers’ native capabilities and an ICES is replacing the traditional SEG.”
Gartner also says:
“Include API-based ICES solutions when evaluating email security solutions. The simplicity of evaluation and additional visibility into internal traffic and other communication channels can reduce risk.”
We think the Market Guide portrays email security in a state of transformation driven by cloud email adoption, growing BEC attacks, and improved native email security. Organizations should refer to the guide while evaluating today’s email security threats, auditing their native security capabilities, and selecting appropriate ICES solutions as augments.
To learn more about Armorblox Data Loss Prevention solution, take our DLP Product Tour.
 Gartner, Market Guide for Email Security, 7 October 2021, Mark Harris, Peter Firstbrook, Ravisha Chugh, Mario de Boer
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner and Hype Cycle are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.