Email may seem an unlikely pipeline for cyberattacks, but according to recent analysis from Frost & Sullivan, “Global Email Security Market, Forecast to 2022,” it has become the channel of choice for delivering malware and malware-less attacks, and hackers have begun to employ social engineering techniques for deception and impersonation.
Due to the rising frequency and sophistication of threats, email security grew year on year (YoY) to 11.5 percent in 2017 to touch $2.24 billion. The momentum continued into 2018, with revenues increasing 15.9 percent YoY to $2.59 billion. By 2022, the market is anticipated to be worth $3.58 billion, growing at a compound annual growth rate (CAGR) of 9.9 percent.
Why has email become such a popular medium for hackers? The proliferation of user devices, a mix of device ownership models, always-connected work lifestyles and, above all, the use of cloud-based mailbox services are adding new levels of complexity to email security.
“To tap the opportunities in this market, vendors need to innovate cloud-based solutions as well as augment Office 365 and other cloud email services like Google G-Suite. They will also be looking to build out global data centers to meet data privacy regulations, strengthen cloud resilience, and engage with public cloud (AWS, Azure) for higher scalability,” advises Tony Massimini, senior industry analyst, Digital Transformation. “Furthermore, they may invest in a global threat intelligence network in order to leverage threat intelligence and analytics for advanced threat detection and other functions for email security.”
“Email security has been a crowded and highly fragmented market, but with customers demanding integrated solutions and a single pane of glass, vendors are exploring partnership and consolidation options,” notes Massimini. “Already, vendors like Mimecast offer a fully integrated suite of proprietary cloud services, while the Symantec Email Security solution tightly integrates with security environments via the Symantec Integrated Cyber Defense platform.
For comprehensive email security, Frost & Sullivan says the following items need to be addressed when developing solutions:
- Incorporating more automation to compensate for the shortage of skilled security professionals.
- Complying with data privacy regulations, such as General Data Protection Regulation(GDPR).
- Focusing on malware-less threat detection, threat analytics, and behavioral analysis. Email security awareness training is important.
- Developing data loss prevention (DLP), as well as detection and remediation technologies for outbound email.
- Leveraging email security across the security suite.
- Innovating cloud security and augmenting Office 365 and other cloud email services.