What is the Future of Cloud Email Security?
This article is the final post in a five-part series from Ed Amoroso at TAG Cyber.
Unlike many security controls that have risen to prominence and then faded gradually, the protection of email has remained an essential aspect of enterprise security strategies. This follows the significant rise in email threats, as well as the continued dominance of email as the primary means for business communication, project coordination, and data sharing—regardless of organizational size, sector, or scope.
In this article, we address some of the next-generation issues we predict will be relevant for cloud-based email systems in the immediate, near, and longer-term future. This includes both offensive issues such as more intense email platform attacks as well as defensive issues such as increased reliance on more intelligent and even autonomous security controls.
Offensive Attack Trends for Cloud Email
Next-generation attacks on cloud email will build on existing methods toward more automated campaigns designed to produce multiple threat consequences. These attacks will continue to be performed by a wide range of threat actors, from nation-state-sponsored groups to new hackers. We anticipate that key aspects of future cloud email attacks will include the following:
Autonomous Attacks – Malicious threats will emerge from autonomous weapons that use machine learning to identify cloud email vulnerabilities and predict outcomes.
Email Platform Attacks – Future cloud email vulnerabilities will emanate from side channels, like connected third-party applications, that can leak information in unpredictable and uncontrolled ways.
Email Assistant Attacks – The future email assistant will likely involve AI-based software that helps users perform email tasks—and will hence be vulnerable to attack.
One constant we expect to remain is that cloud email will persist as one of the primary means by which users communicate. It would be unwise to expect email to go away in any substantive manner, or to expect hosting to shift away from public cloud infrastructure.
Defensive Trends for Cloud Email
Next-generation defenses for cloud email will obviously have to be designed to handle the types of attacks described above, especially in the context of more autonomous campaigns. Specific types of defensive strategies likely to be required in this context include the following capabilities:
Predictive Modeling – Predictive modeling is essential to AI, and it stands to reason that this will be an important component of intelligent active defense for cloud email.
Advanced Analytics – The use of data analytics will continue to be a major aspect of cloud email defense, albeit with increasingly advanced approaches.
Coordinated Defenses – One should expect to see more coordination between different cloud email instances for sharing of intelligence and cooperation on mitigations.
These defenses will have to be particularly good because the offense is always ahead of the defense: attackers only need to find one strategy that works, whereas organizations must continually defend against all tactics. With advances in both offense and defense, especially using AI, the only way progress can be made in our cybersecurity industry will be for the defense to progress more quickly. This will be a challenge.
How Abnormal Security Addresses Email Attacks
The good news is that Abnormal Security is particularly well-positioned to address both present-day cyber threats to cloud email services and the future-state issues that are likely to emerge.
Abnormal is an AI-based cloud email security platform that learns the behavior of every identity in your environment and analyzes the risk of every event to block even the most sophisticated email attacks.
The solution takes a fundamentally different approach to email security that is based on three core pillars:
Identity-Aware – Ingests thousands of diverse signals derived from API integration with your cloud email platform to build profiles of every employee, vendor, application, and email tenant in your environment.
Context-Aware – Monitors internal and external email traffic and continuously analyzes how identities behave in relation to one another to identify normal behavior.
Risk-Aware – Correlates identity understanding and contextual norms to determine the risk level of every event and identify anomalies with high precision.
These pillars enable Abnormal to provide the next generation of email security that delivers the highest rate of attack detection and prevention, identifying both known and never-before-seen threats with or without indicators of compromise. Buyers would be wise to consider Abnormal Security as a valuable partner to future-proof their cloud email infrastructure from cyber threats.
Wrapping Up
Throughout this series, we’ve explored a myriad of topics related to cloud email and the email threat landscape. We began by discussing why the modern and evolving workplace requires focused and ongoing attention to cloud email threats. Then, we dove into a few of the greatest ongoing cyber risks associated with cloud email.
Our third article explained how AI technology is particularly useful for mitigating threats to cloud email environments, and our penultimate post examined how Abnormal’s platform leverages AI to detect and block the full spectrum of email attacks. Finally, we reviewed some of the most important cloud email security trends.
We hope these posts have been helpful in supporting your efforts to improve email security in your organization. For even more valuable information, please visit the Abnormal Security Resource Center.