Email security is a fast-moving market. Threats are always adapting and evolving; there are new entrants in the market trying to secure it. Despite that, there are five truths that can help make sense of this market.
91% of breaches start with email. Cyberattacks have increased by 50% year over year; the average phishing attack costs $4.91 million. This has led to a whopping 71% of the SOC being burnt out.
That means that action has to be taken.
That's not us saying that--that's what Forrester says:
"Forrester’s 2021 Wave evaluation of the email security market revealed that secure email gateways (SEGs) are slowly becoming dinosaurs as customers turn to the native security capabilities of cloud email infrastructure providers like Google and Microsoft."
Why are they dinosaurs? By 2023, according to Gartner, “at least 40% of all organizations will use built-in protection capabilities from cloud email providers rather than a secure email gateway (SEG), up from 27% in 2020.”
And organizations are changing because the technology is outdated. SEGs were built for on-prem email. As email has moved to the cloud, the gateway architecture hasn't adapted. SEGs can only scan incoming email and are blind to internal threats; in order to install a SEG, you must disable default filters, so if the SEG misses an email, it goes straight into the inbox. MX records have to be changed, so your security is public knowledge.
In 2004, Blockbuster had 9,094 stores in the US. Now? It's just one. MySpace used to have 100 million users. Now it's just eight million. Entrusting your security to dwindling enterprises isn't the best idea.
By 2025, also according to Gartner, “20% of anti-phishing solutions will be delivered via API integration with the email platform, up from less than 5% today.” It's why Avanan has been named the fastest-growing email security company for two years running. There are now probably a dozen of next-gen, API-based email security vendors in the market, with more on the way.
It's going to happen. With so many entrants into the market, and so many companies displeased with SEGs and default security, the change is going to happen. The question is: How do you separate the wheat from the chaff?
Avanan redefined email security in 2015 with an API-based approach. Only Avanan can block malicious emails before they reach the user's inbox. The other API-based vendors only offer what we call "Detect and Remediate." In other words, all malicious emails enter the inbox and only afterward can it be removed. These inbox incursions are constant, staying in the user's inbox for an average of 183 seconds. That means it's more like email response than email security.
Beyond that, only Avanan's AI is powered by ThreatCloud, the world's most extensive cyber threat intelligence database and extends well beyond email threat data to include threat data from millions of devices including mobile, network, endpoint, and cloud.
Compare the difference in threat intelligence datasets below:
To put the magnitude of Check Point's ThreatCloud intelligence into perspective:
Simply put: as the market continues its shift to next-gen solutions, you want the one that not only created the market, but has the richest and most robust feature set.