2022 Email Security Survey: A Look at Emerging Attacks, Tools, and Trends

Our new survey explores the current email threat landscape and what security leaders are doing to stay ahead of increasingly sophisticated attacks.
July 20, 2022

In the past two years, the prevalence of email-borne cyber threats—which was already high—soared to unprecedented levels. According to data from the FBI, both business email compromise (BEC) and ransomware attack volumes swelled to record highs, as did the number of reported phishing attacks.

In response, security leaders are changing how they think about email security. We partnered with Aimpoint Group to survey 300 security leaders to discover what matters most to them when it comes to email security. Based on this survey, our latest 2022 Email Security Trends Report explores how email security strategy is changing, and how security leaders are changing their tactics to better protect their organizations.

Learn What 300 Cybersecurity Stakeholders Think About AI & Email Security

The Challenges of Using Legacy Technology

Gartner estimates that 70% of organizations had already adopted a cloud-based email solution by late 2021, and our survey data shows that 93% of organizations already have a cloud-based solution or intend to implement one in the future. As enterprises shift to the cloud, many are experiencing a mismatch between their legacy security architecture and the needs of their cloud email environment.

Secure email gateways (SEGs), in particular, were engineered for an on-premises world rather than today’s cloud email ecosystem. And as threat actors shift their tactics toward social engineering, the inability of the SEG to stop modern attacks is becoming more apparent. In fact, 78% of survey respondents believe that secure email gateways are largely incapable of protecting modern cloud email environments.

Meanwhile, major cloud providers including Microsoft and Google have made considerable investments in improving the native capabilities of their offerings. Gartner predicts at least 40% of enterprises will use built-in capabilities from a cloud email provider in place of the secure email gateway by 2023.

That said, advanced features and controls are typically only available as an add-on or part of a higher-priced licensure tier from some vendors—and not at all from others. Further, these native security solutions tend to operate by blocking known threats, which means organizations that rely on these capabilities alone may remain vulnerable to never-before-detected threats or sophisticated social engineering and account compromise attacks. Similar to the ineffectiveness of the secure email gateway, 79% of stakeholders believe that native controls offer insufficient threat protection on their own.

So even as enterprises adopt more of cloud providers’ built-in email security capabilities, large numbers of email-borne attacks are still circumventing enterprise defenses. In fact, participants indicate that malware and ransomware are still the biggest concerns, closely followed by credential phishing and business email compromise. This reality makes it abundantly clear that it’s now essential to implement email security solutions that are more effective and efficient than those of the past.

It also requires security teams to shift their mindset, away from a rules-and-policies-based approach to preventing attacks, and toward a reliance on human and behavioral analysis. For many organizations, this will mean displacing the legacy SEG and turning to a combination of modern email security solutions that were designed for a cloud-first world.

The Need for ICES is Urgent and Growing

Recognizing that new email security tools are now available to stop the attacks that bypass traditional solutions, Gartner coined the category of integrated cloud email security (ICES) in the 2021 Market Guide to Email Security.

ICES products are cloud-native solutions that analyze email content via API connectivity so that there’s no need to change the MX records. These platforms leverage technologies like natural language processing (NLP) and behavioral AI to detect and block the malicious emails that legacy solutions miss. And this survey shows that to combat tomorrow’s increasingly sophisticated cyber threats, enterprises will need this sort of innovation—either in addition to or in place of their current tools.

Survey respondents seem to be on the same page with 90% of all participants agreeing that a combination of native security capabilities within cloud email platforms and the implementation of an integrated cloud email security solution can replace the full functionality of a SEG.

Aimpoint seg ices

With the number of impersonation-based attacks like BEC and attacks from compromised accounts still increasing, email security strategies must advance beyond the reactive blocking of known threats. These results show that security leaders are looking to innovative solutions that integrate via API and use artificial intelligence (AI) to baseline known good behavior and block malicious deviations.

Survey Shows Need for Advanced Email Protection

There is little denying that ransomware attacks, business email compromise scams, and other advanced email-borne threats will persist. And because traditional tools cannot protect against these evolving threats, it’s essential to adopt a multi-layered approach—one that’s suited to modern IT ecosystems and architectures.

Security leaders recognize that they must also harness technologies like natural language processing and artificial intelligence to increase efficiency, all while centralizing visibility and control to stay ahead of evolving attacks. As this survey shows, organizations are already shifting to cloud email security to protect themselves, with ICES solutions front of mind.

To learn more about the challenges and opportunities that today’s enterprise email security teams face and how leaders are thinking about evolving their email security strategy for the future, download the full report.

2022 Email Security Survey: A Look at Emerging Attacks, Tools, and Trends

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B Mr Wonderful Talks AI
Explore the future of AI and cybersecurity and learn why prioritizing security investments is crucial with Kevin O’Leary of Shark Tank fame.
Read More
B 1500x1500 MKT468a Open Graph Images for Phishing Subjects Blog
Discover the most engaging phishing email subjects, according to Abnormal data, and how to protect your organization from these scams.
Read More
B Threat Report BEC VEC Blog
Our H1 2024 Email Threat Report revealed significant year-over-year increases in both business email compromise and vendor email compromise. Learn more.
Read More
B 2 7 24 Product Update
Abnormal product enhancements improve detection efficacy, reporting on QR code attacks, productivity, and protection from account takeover.
Read More
B 1500x1500 Quishing Stats Blog 02 05 24
Today we released our H1 2024 Email Threat Report, which examines the threat landscape and dives into the latest evolution in phishing: QR code attacks.
Read More
B 1 30 23 Microsoft ATO
A recent nation-state actor attack by the Russian-backed threat group Midnight Blizzard infiltrated Microsoft. Discover how Abnormal can protect you from account takeovers in real time.
Read More