Email security breaches continue to be the number one threat vector both at work and in our personal email activities. Email also just happens to be one of the most important tools individuals and companies use to communicate, both internally with colleagues and externally outside their domain.
Why email is so vulnerable
Email is a vessel in which phishing, spam, malware, and social engineering attacks arrive in inboxes on a daily basis. Every day, email hits our gateways, some of which attempts to spoof and fool users into providing information that can lead to headaches, money loss, and anxiety. It’s a doorway for predators who will make promises, offer a service, request money, impersonate a government official, and more, trying to acquire personal information or something of value. Alarmingly, it’s also a vector which leads to ransomware attacks. According to blackfog.com, it’s anticipated that a business gets attacked by a cybercriminal every 11 seconds, and damage from these attacks will reach upwards of $20 billion in 2021. Ransomware issues are growing and will continue to do so. Aside from malware attacks that could occur via attachments, phishing emails and Graymail are also some of the biggest culprits of email threats. Data loss is a huge issue when it comes to email security and, as we know, data is what drives everything. Without an email encryption solution, a major aspect of data loss prevention, endpoints will continue to be vulnerable to attacks on sensitive data.
Email Security Solutions
Many vendors offer email security solutions, each claiming to have the features required to protect the customer from attacks. There are myriad examples, but some of the most popular ones include:
- FortiMail by Fortinet, which boasts 99.9% detection of malicious email, rated by the ICSA.
- Mimecast’s Email Security Gateway, which has one of the top-rated peer-reviewed Gartner email gateways. It prides itself on a cloud platform that can quickly deploy enterprise-wide changes when needed.
- Barracuda has an Email Security Gateway program that has an intuitive and simple management interface with features like spam and virus filters, as well as data protection and encryption.
- Microsoft O365 also has a solution called Advanced Threat Protection, a cloud-based platform that can be used to protect your O365 cloud or on premises Exchange environment.
- Cisco Secure Email—a possibly overlooked player in the email security space, and the one we are focusing on today.
Cisco Email Security Offerings
An industry leader in many realms of technology, Cisco offers email security appliances (ESAs) and solutions that thwart off attacks, built by some of the best minds in the engineering world. Their email security is one of the best on the market.
Cisco’s email security offering really took off in 2007 when they acquired IronPort and began to integrate that product line into their own branded email security platform. Since then, they have continued to evolve the product—once IronPort Email Security Appliance and now called Cisco Secure Email—from not only an on-premises physical box solution, but a virtual server solution as well as cloud mailbox defense for companies that are deploying email as a cloud service, e.g., Microsoft Office 365.
Cisco’s Secure Email offering encompasses a host of features and benefits:
- Talos, Cisco’s threat research division, provides threat intelligence for advanced malware protection and to block unwanted email.
- Anti-spam with catch rates as high as 99%.
- Advanced phishing email protection which helps identify deception-based attacks derived from social engineering and imposters.
- Graymail detection and safe unsubscribe features which identify all of those marketing and social networking emails that can have phishing unsubscribe mechanisms.
- AMP and Threat Grid for file reputation scoring.
- Data loss prevention (DLP) can also be enabled within the Cisco Email Security environment, which helps to stop sensitive and important data from falling in the wrong hands.
- Secure Email Encryption Service, an aspect of data loss prevention (DLP), allows for an organization to safely and securely transmit inbound and outbound email. It utilizes authentication on the remote end for the user to be authorized to see the message.
- A Sophos and McAfee antivirus solution, outbreak filters, and forged email detection provide further cybersecurity.
Cisco Secure Email offers three software bundles: Cisco Email Security Inbound Essentials, Cisco Email Security Outbound Essentials, and Cisco Security Premium.
Gartner Peer Insights
In many instances, the Gartner Magic Quadrant is the end all, be all insight into which vendors are the industry visionaries and leaders in various sectors. Email security is no longer rated as a Magic Quadrant in Gartner, unfortunately. However, Gartner recommends using the Peer Insights portion of the site for email security options. Cisco comes in at 4.4 for their reviews, a very solid number with a 93% recommendation rating among users. Cisco continues to adapt to the space with cloud-enabled solutions. Cisco Cloud Mailbox Defense is an excellent step toward visualizing what is needed in the future to protect users from email cyber threats.
In the end, Cisco has its hands in a lot of things, email security being one. They offer a solid product line that has evolved over the years and is continuing to adapt to the needs of today’s businesses. They have proven to be a true visionary in the field and we can count on them to have an eye toward the future.
Mainline Security Practice
Mainline Information Systems has relationships with security providers like Cisco that are focused on email, virtual server, cloud, and network security. Our security experts help our customers architect solutions to protect their data. From analyzing the current architecture to designing and implementing a new solution, Mainline Information Systems has the proficiencies necessary to put your environment on secure footing, protecting it from cyber attacks. For more information on security solutions, reach out to your Mainline representative directly, or click here with any questions.
Related Articles and More Information
VLOG: (2:06) Getting More Out of Your SIEM Solution