Email security

Why you should supplement your SEG with an ICES solution

Published on 3rd Mar 2022
How Does Email Encryption Work1440x320

Our recent report Fighting Phishing: The IT leader’s view, shows that 84% of organizations were impacted by a phishing attack over the past 12 months. While most organizations implement tools to deal with these attacks, as criminals grow in sophistication, there's an increased need to supplement this existing technology.

A secure email gateway (SEG) is a great first defense against phishing attacks and other email scams, but organizations should also consider an integrated cloud email security (ICES) solution. 

What is a secure email gateway?

A SEG provides pre-delivery protection to individuals within your business by blocking threats before they reach the mail server. Most email providers are secure and protect businesses from spam, viruses, malware, and DoS (denial of service) attacks.

These providers can block known threats and work as a great add-on to existing antivirus software. What this tool is not so good at, though, is detecting more sophisticated scams such as business email compromise, which is where ICES comes in.

What is an ICES solution?

Using machine learning and natural language processing (NLP), an ICES tool, can go beyond blocking known threats by protecting and educating employees in real-time. In Fighting Phishing: The IT leader’s view, 89% of surveyed IT leaders had at least one issue with the performance of their SEGs. An ICES solution steps in to fill these gaps and better protect a business from malicious actors.

The Gartner 2021 Market Guide defines ICES as the predominant defense against phishing threats that may otherwise slip past traditional security controls. Specific vendor capabilities vary, but the key here is that ICES solutions offer several advantages over SEGs, including advanced threat detection, ease of use, and improved response.

What an ICES solution does

ICES products use behavioral analysis, natural language processing (NLP), and machine learning to detect and stop phishing attacks, account takeovers, and the delivery of ransomware. 

While a secure email gateway might be able to detect known threats, an ICES solution takes this to the next level. While SEGs can scan links and attachments for malware, the more sophisticated attacks use social engineering to lure victims into handing over data or sending money. An ICES product's advanced tools mean it's possible to stop these social engineering attacks before they cause any damage to the business.

Gartner explained in its guide: "[ICES] email security solutions use a variety of advanced detection techniques, including NLU, NLP, social graph analysis (patterns of email communication), and image recognition."

Findings in IBM's Cost of a Breach Report showed that organizations with AI-based security solutions — such as ICES — experienced a significant reduction in data breach costs, cutting breach costs from $6.71m to $2.90m.

Machine learning 

Contextual machine learning allows a tool to understand users' behavior in real-time. That includes the message's content, the sender's typical behavior, their location, and when they're communicating with recipients. That allows the ICES product to spot suspicious activity outside the expected behavior of a user and their recipients. 

NLP

NLP turns language into actionable data. Attackers often use it to find out sensitive information about a target to launch a spear-phishing attack. That's why it's also an important tool in preventing these types of attacks. An ICES solution that uses NLP can understand the context of an email or attachment as a human would and take action accordingly.

Augmentation of SEGs

Augmenting the security of your SEG with an ICES solution is the best way to add additional protection to your business emails. That means you won't just have protection against known threats but also against more sophisticated attacks. An ICES product doesn't need to replace your existing email gateway, either; consider it the next line of defense.

Traditional SEGs provide excellent email hygiene — filtering spam, malware, and some phishing attacks. However, they struggle to detect today's advanced malicious links and payloadless attacks. Treat an ICES tool as a backup for the work your SEG is already doing. By adding machine learning and NLP capabilities to your email security, you'll be able to pick up on more threats, protect your business against email compromise, and foil social engineering attacks.

You might also be interested in ...

Seg555x300
Email security
How do secure email gateways (SEGs) work?

Learn how secure email gateways work and what you need to do to protect your data.

Security Cameras 365X195
Email security
Six essential steps for bolstering your security defenses

Learn how to bolster your organization’s security defenses with these six practical steps that you can begin to implement today.

Padlockkeyboard555x300
Email security
Insider threats in cyber security

Discover Egress's article on insider threats are cyber security; From malicious internal sabotage to accidental email sending or disabling security control.