Dramatic increases in the volume and success of phishing attacks and migration to cloud email require a reevaluation of email security controls and processes. Security and risk management leaders must ensure that their existing solution remains appropriate for the changing landscape.
The adoption of cloud office systems from Microsoft and Google continues to grow, forcing security and risk management leaders to evaluate the native capabilities offered by products.
Impersonation and account takeover attacks are increasing and causing direct financial loss, as users place too much trust in the identities associated with incoming email and are inherently vulnerable to deception and social engineering.
There is no single technology solution to business email compromise (BEC) attacks. Solutions need to be a combination of technology and user education.
Compliance and regulation requirements and concerns are putting greater emphasis on email data security.
Vendors are evolving to support new detect and response capabilities by integrating directly with the email system via API rather than replace the MTA role. This enables faster deployment and multiple complementary solutions to improve detection accuracy.