Cofense - Security Awareness Training & Email Threat Detection

How to Choose an Email Security Solution

By many experts’ estimates, security teams spend close to 25 percent of their time dealing with phishing attacks. When phishing threat actors are becoming more active and sophisticated, and security teams are overloaded and overwhelmed, comprehensive email security is no longer an option. It’s a strategic necessity.

Choosing an email security solution may be one of the most important tasks confronting enterprise security leaders. Yet, it may also be among the most challenging to get right. A few guidelines can help inform sound choices when evaluating the many available options.

Prioritize Core Capabilities

Fundamental capabilities of email security – many of which seem obvious – include protections against spam, malware, malicious links, and business email compromise (BEC). Also critical are, of course, encryption, data loss protection (DLP), DMARC services, and phishing-awareness training. Can you find a vendor or solution that offers all of these via services that are operationally feasible and user-friendly?

Many enterprises opt for a secure email gateway (SEG) for monitoring sent and received emails. The SEG may be cloud-based or on-premises as a device or virtual appliance equipped with software designed to identify and filter unwanted communications.

There are pros and cons to this option. For top-rated SEGs, pros include spam filtering, malware, phishing protection, reporting, and admin controls. Among the cons are cost and complexity, and the inability to foil clever threat actors. For example, SEGs can’t block spoofed emails or URLs, a favored tactic that phishing threat actors use to steal credentials, launch malware, and more. Nor can SEGs reliably counter BEC. Also, because SEGs sample from ongoing attacks, they aren’t updated fast enough to consistently capture modern phishing attacks. These begin and end quickly, sometimes within hours.

Understand Email Threats

The number-one email threat is phishing, traditionally employing corrupt attachments, URLs that – when clicked – route to malware-laden sites, and other types of come-ons that lure recipients through urgency or scare tactics to reveal sensitive information. Advanced email threats are effective because they’re far harder to detect and prevent. Their architects know what SEGs can and can’t do.

For example, attackers will use compromised Microsoft Office 365 accounts to send convincing “update required” messages. They’ll spoof banking websites and shopping sites in a portal presented in an email message. These are often near-exact duplicates of the real thing and are very hard to spot. Cloud filesharing also is abused by phishing threat actors. Among the ploys: Recipients are advised via email that a document requires immediate review and attention. This tactic has stumped even the experts.

Augment or Replace System-Based Email Security

For enterprises using cloud email and its built-in security as a first line of defense, it’s important to carefully assess whether it’s reliably blocking threats. Consider tools that can fact-check and validate vendor claims, as well as their solution’s performance when in use.

In choosing an email security solution, and whether to augment or replace existing security, evaluate the benefits essential to the integrity of essential systems and operations. These may include scalability, operational simplicity, customer support, and security awareness offerings.

An effective email security solution is comprehensive, reliable, and uncomplicated. It helps businesses marshal every available resource to fight email threats such as phishing. It consistently blocks emerging email threats and quarantines them automatically. It affords user tools that enable and simplify reporting of suspected phish. It helps businesses enlist employees as the last line of defense against email threats.

A comprehensive solution starts with advanced technology. It then layers that intelligence with human users conditioned to respond as sensors spotting and reporting the malicious emails that SEGs miss.

Contact us to find out how Cofense can help with choosing an email security solution that does everything your enterprise requires.


Interested in learning more about phishing detection and response?

Explore our Resource Center for our latest content

Explore our database of phish found in environments protected by SEGs, updated weekly

Download our latest Phishing Review to learn about threat landscape trends.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.