Email represents the greatest threat vector, responsible for 96% of cybersecurity breaches. And legacy email security solutions that rely on Secure Email Gateways (SEGs) and rule-based controls are simply not up to the task of mitigating increasingly advanced and evolving cyber threats.

In fact, between July 2020 and July 2021, Tessian detected 2 million malicious emails that bypassed SEGs. This declining security effectiveness is the principal reason why security leaders are starting to question whether standalone SEGs have a place in today’s cybersecurity stack.

Combined with growing alert fatigue, and an increasing level of redundancy as organizations adopt SaaS offerings like Microsoft 365 with SEG capabilities natively included, the calls for ripping and replacing SEGs are growing louder. Echoing this shift in the email security landscape, Gartner predicts by 2023, 40% of organizations will be using a cloud email security solution like Tessian in place of a SEG.

Static vs. dynamic protection

The vast majority of organizations still rely on SEGs as the main method of filtering out malicious email-based attacks. Developed in 2004 and designed in the era of on-premise email servers, one of several shortcomings of SEGs is the reliance on an overly manual, rule-based approach, based on threat intelligence.

By using threat intelligence-derived deny lists, creating allow lists, or using signatures for message authentication, SEG-based email security controls are reactively geared to protect your company’s email and data — but only from known threats.

The SEG-based approach offers no protection against zero day attacks, which is a significant and growing threat vector — with zero day discoveries up by 100% in 2021. SEG solutions also fall short against attackers that have invested resources and effort into advanced social engineering campaigns, which are able to circumvent the static, rule-based controls. The greatest attack types that SEGs fail to prevent include Business Email Compromise (BEC), Account Takeover (ATO) and advanced Spear Phishing attacks.

Email threats are on the rise

All it takes is one malicious email to bypass your existing security controls. And as Tessian research has demonstrated, malicious email bypassing SEGs and native tools is extremely common today. This is why Business Email Compromise (BEC) is seen as one of the leading threat vectors to organizations, resulting in $1.8 billion in losses in 2020. 

Cybercrime is also steadily becoming more organized, with cybercriminals offering professionalized “Cybercrime-as-a-Service” offerings. Threat actors are able to bypass SEGs by leveraging intricate social engineering exploit kits procured on the dark web. They’ll even go so far as to recruit unsuspecting cybersecurity professionals to carry out attacks. Spear phishing and ATO are common methods for either perpetrating cyber fraud, data exfiltration, or even more worryingly, deploying ransomware. 

The growing prominence of zero day attacks and ransomware is of particular concern. International law enforcement agencies note remote workers are being targeted with phishing emails carrying malicious payloads, including ransomware. With the  frequency of attacks doubling in the past year, ransomware attacks are now seen as the foremost threat faced by organizations.

Why organizations are ripping and replacing their SEGs

This is where best-in-breed email security solutions like Tessian come into play. Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

Relying on machine learning and behavioral intelligence, Tessian is able to detect and prevent anomalous and malicious inbound and outbound email traffic, including preventing data loss. Unlike SEGs, Tessian also offers protection against numerous collaboration platform entry points like Microsoft SharePoint, OneDrive and ShareFile. 

And with over 70% of enterprises now hosted in one or more public clouds and utilizing SaaS productivity suites such as Microsoft 365 or Google Suite, which include native SEG capabilities such as sender reputation and authentication, spam filtering and custom routing rules, is yet another reason why standalone SEG solutions are redundant.

If you combine these native capabilities with an intelligent inbound and outbound solution like Tessian, robust email security protection is guaranteed.  

Some of the standout features offered by Tessian include advanced Attachment and URL Protection (behavioral analysis and threat intelligence), as well as a range of Impersonation Attack Defense capabilities, such as:

• Internal Impersonation & CEO Fraud
• Advanced Spoof Detection
• Counterparty & Vendor Impersonation 
• Brand Impersonation
• External Account Takeover 
• Invoice Fraud
• Credential Theft

Tessian also offers protection against malicious data loss enabled through a successful social engineering campaign, or accidental, for example, an employee sending sensitive company data to a personal email address. Other unique features include in-the-moment- security awareness training for suspected phishing email, as well as in-the-moment DLP  pop-ups.

Combined with Microsoft 365 or Google Workspace, Tessian’s ability to address sophisticated inbound email security threats across expanding entry points places it into the best-of-breed inbound email security solution category. But when combined with Tessian’s advanced DLP capability, it becomes undeniable that it’s time to replace your SEG for the next generation of unrivaled email security. And this is why Tessian was recognized as a representative vendor for Integrated Cloud Email Security in the 2021 Gartner Market Guide to Email Security.

Want to learn more about how and why security leaders are replacing their SEGs with Tessian? Check out our customer stories or book a demo.