Though spam has been around since almost the beginning of email, it started to evolve in the 2010s into something far more malicious. The days of the Nigerian Prince email scams were long behind us. Now, there is a whole network of shadowy online hackers that leverage phishing to break into cloud-email accounts and a dark-web ecosystem that allows them to monetize those scams. Everyone, from individuals to the largest companies, is experiencing the attacks and seeing the risk.
The anti-spam solutions that were built were not designed well to block phishing. They relied on some natural language processing, but mostly relied on mass-senders and static block-lists. This is no longer efficient for phishing, which is much more targeted by nature and leverages sophisticated obfuscation techniques specifically designed to trick the user and bypass the security layers.
More than 90% of all enterprise breaches start with a phishing email, making it by far the predominant method hackers use to infiltrate companies, and it continues to grow to record numbers with another 15% increase in 2020. Despite this, the way that many companies secure their email hasn't changed. Even though most companies have moved to cloud-based email (Microsoft 365 or G-Suite), they still rely on legacy email gateways to secure their email. Despite the failure of this architecture to secure their cloud email and despite the increasing financial cost associated with phishing attacks, many companies are still protecting their email the same way they did when the email was hosted on-premise.
For on-premise email, the email server sat in a data center, protected by a security stack designed specifically for on-premise email. The main security apparatus was the Secure Email Gateway, now commonly referred to as the Legacy Email Gateway (LEG). For on-premise email, LEGs worked well. They utilize a message transfer agent (MTA) to filter emails and work essentially as an email firewall for inbound email.
Fast forward to 2021; now, an estimated 70% of companies use cloud email services. This shift to the cloud has caused LEGs to be much less effective in protecting email because LEGs don't leverage default cloud security and cannot stop internal attacks or learn the relationships between users at an organization. It’s a square peg in a round hole.
Because LEGs are no longer an effective way to protect email, a new approach was developed. This new approach utilizes Application Programming Interfaces (APIs) to implement security. It has significant advantages over LEGs, including understanding the internal context needed, driven by innovative machine learning algorithms, to stop the most sophisticated attacks like Business Email Compromise attacks; visibility into account compromises; post-attack forensics and remediation; and, for some vendors, the ability to scan inline, after default email security from Microsoft or Google but before the email reaches the inbox.
And because they connect via API, these solutions can also provide protection for the entirety of the business cloud suite, including applications like OneDrive, SharePoint, Teams and Google Drive, and, beyond the primary suite, apps like Slack, Dropbox and more.
This new category is expanding rapidly, in large part because LEGs are unable to stop today's threats. The category is still being defined, but it is currently referred to as Cloud Email and Collaboration Security.
Now, with a single approval of an API, every line of cloud business communication can be secured.