Hello,
I work as a Quality Executive at a Consumer Goods company.
At the moment, we're researching an email security solution. We have 1000+ users.
Among others, we've been looking at these products: Cisco Secure Email, Forcepoint Email Security and Barracuda Email Security Gateway.
Which of those solutions would you recommend? Please explain its advantages.
Would you recommend any different enterprise product? Why?
I appreciate the help.
Hi Kamal,
Firstly, you would have to recognize that there is/are no fast and hard rules to choosing a final preferred product, what works well for company A may not work extensively well for company B. Reason being that: the efficiency of the Security capabilities provided by one tool can be amplified by another tool, particularly for secure email gateway. Hence, if you have an XDR that you intend to leverage with your final product of choice, you will notice that you could experience a greater ROI than having a bare SEG tool.
However, I will advise based on a few realities of today's market in Q3 2022.
1. From my perspective, It will make sense if you take advantage of the built-in protection capabilities from your cloud email provider (I assume you are using O365 or Google mail) rather than investing in a secure email gateway (SEG).
2. Most forward-thinking organizations are shifting away from traditional SEG tools and moving towards ICES, in my opinion, you should ideally be looking for an email security solutions that use ML / AI-based anti-phishing technology for BEC protection to analyze conversation history to detect anomalies, as well as computer vision to analyze suspect links within emails.
3. Should you still choose to pursue SEG asides from an ICES, or you choose to go for an ICES, bear in mind that nothing beats doing a POC as it clearly should consider the security apparatus/investments you have already made in times past.
4. it will be best that you look for solutions that integrate directly into your cloud email via an API, rather than as a gateway, this will ease your evaluation and eventual deployment, besides it improving your detection accuracy, while still taking advantage of the integration of the bulk of phishing protection with the core platform
5. Without having an insight into your current email provider (cloud/on-prem) or other tools in your organization or budget, it will be difficult to give you a bit of precise advice.
Either way, all the best with your selection process, and wishing you a cyber-safe organization.
Tunde is absolutely right and is what I was trying to say in my first answer, Tunde did a better job though. AI based tools without a gateway can be installed in minutes, will pick up more malicious attachments, more content related bad stuff, provide better visibility and introduce controls for you staff to further improve the effectiveness. Typically these tools learn over time and therefore get better as you use them.
Don't forget to consider 3rd party risk by looking at DMARC, SPF & DKIM as well as domain impersonation
Have you considered Proofpoint Email Protection? It’s not one of the options you listed, but I recommend Proofpoint for advanced email security to everyone.
Proofpoint Email Protection defends organizations against advanced email-borne threats, including spear phishing and business email compromise (BEC) attacks. Proofpoint provides inbound and outbound email filtering with industry-leading accuracy to protect users from email-based malware, ransomware, and other sophisticated threats. Proofpoint also helps organizations defend against targeted attacks that use spear phishing emails to bypass traditional security defenses. Proofpoint's Email Protection solution is powered by the Proofpoint Global Intelligence Network (GIN), which processes billions of threat indicators every day to deliver real-time protection against the latest email threats. This combination of technology and intelligence makes Proofpoint Email Protection the most effective way to defend against advanced email-borne threats.
I highly recommend Proofpoint Email Security. My organization has had a great experience so far. The solution completely lives up to its price point.
Proofpoint is an industry-leading email gateway, which can be deployed as a cloud service or on-premises. Apart from providing essential encryption and spam filtering, Proofpoint Email Security solutions also have specific controls to stop BEC attacks. That’s what impressed me because Business Email Compromise attacks have devastating consequences for businesses. Proofpoint has an in-built Advanced BEC Defense engine that’s powered by AI and machine learning. It analyzes multiple message attributes, like header data, sender’s IP address, and message body for red flags and urgency.
We use Managed Proofpoint Security. Managed email security providers like ACE MSS provide Proofpoint Email Security solutions in an end-to-end managed service. With managed email security, you no longer have to worry about managing encryption keys or sudden email attacks. You’ll have a dedicated team of security experts monitoring and analyzing all incoming and outgoing email traffic.
Between the two? I prefer Cisco over Forcepoint. If budget is not a problem a hybrid Cisco Forcepoint multilayer. Or a hybrid Cloud + on-premises.
Bur someone asked about three options...? Which was the third? Why was intentionally avoided Proofpoint and compared "Sharks" with "Piranhas" or Barracudas?
I only can recommend Cisco because it´s the only one with which I'd worked enough. I think it is powerful enough and has a lot of possibilities. In addition, to a great support team.
Top brands don't mean best or most cost-effective. My advice is to look a bit further before you make a decision.
Evidence suggests that most top brands are pretty good at detecting and blocking malicious attachments, best case letting through 1%, but can be worse than 50% when it comes to detecting malicious links in the text of the email.
There are numerous less well-known vendors with lower-cost AI-based solutions that have a far better success rate, also providing employees the ability to report on suspect emails which auto-removes them from other staff members' inboxes until they have been properly assessed. Some will provide a visual risk score to the recipient to give them advance warning to be more cautious.
Combining this kind of capability with staff awareness products keeps your vendor list lower and further improves efficiency.
For around £2 GBP per user per month (less than $3) we provide different vendors depending upon the customer's environment but provided as a managed service. This allows our customers to outsource some of the monitoring and day-to-day management, spread the cost on a monthly basis, and flex how many licences they need on a monthly basis too i.e. if you drop 20 users don't pay for them but if you increase by 20 you don't need complex co-termination and pro rata discussions.