chat
expand_more

What is the Future of Cloud Email Security?

In the final post of our series with Ed Amoroso, the TAG Cyber CEO discusses some of the defensive and offensive trends for cloud email.
March 16, 2023

This article is the final post in a five-part series from Ed Amoroso at TAG Cyber. You can read part one here, part two here, part three here, and part four here.


Unlike many security controls that have risen to prominence and then faded gradually, the protection of email has remained an essential aspect of enterprise security strategies. This follows the significant rise in email threats, as well as the continued dominance of email as the primary means for business communication, project coordination, and data sharing—regardless of organizational size, sector, or scope.

In this article, we address some of the next-generation issues we predict will be relevant for cloud-based email systems in the immediate, near, and longer-term future. This includes both offensive issues such as more intense email platform attacks as well as defensive issues such as increased reliance on more intelligent and even autonomous security controls.

Offensive Attack Trends for Cloud Email

Next-generation attacks on cloud email will build on existing methods toward more automated campaigns designed to produce multiple threat consequences. These attacks will continue to be performed by a wide range of threat actors, from nation-state-sponsored groups to new hackers. We anticipate that key aspects of future cloud email attacks will include the following:

  • Autonomous Attacks – Malicious threats will emerge from autonomous weapons that use machine learning to identify cloud email vulnerabilities and predict outcomes.

  • Email Platform Attacks – Future cloud email vulnerabilities will emanate from side channels, like connected third-party applications, that can leak information in unpredictable and uncontrolled ways.

  • Email Assistant Attacks – The future email assistant will likely involve AI-based software that helps users perform email tasks—and will hence be vulnerable to attack.

One constant we expect to remain is that cloud email will persist as one of the primary means by which users communicate. It would be unwise to expect email to go away in any substantive manner or that hosting might shift away from public cloud infrastructure.

Defensive Attack Trends for Cloud Email

Next-generation defenses for cloud email will obviously have to be designed to handle the types of attacks described above, especially in the context of more autonomous campaigns. Specific types of defensive strategies likely to be required in this context include the following capabilities:

  • Predictive Modeling – Predictive modeling is essential to AI, and it stands to reason that this will be an important component of intelligent active defense for cloud email.

  • Advanced Analytics – The use of data analytics will continue to be a major aspect of cloud email defense, albeit with increasingly advanced approaches.

  • Coordinated Defenses – One should expect to see more coordination between different cloud email instances for sharing of intelligence and cooperation on mitigations.

These defenses will have to be particularly good because the offense is always ahead of the defense: attackers only need to find one strategy that works, whereas organizations must continually defend against all tactics. With advances in both offense and defense, especially using AI, the only way progress can be made in our cybersecurity industry will be for the defense to progress more quickly. This will be a challenge.

How Abnormal Security Addresses Email Attacks

The good news is that Abnormal Security is particularly well-positioned for both present-day cyber threats to cloud email services, as well as future-state issues that are likely to emerge.

Abnormal is an AI-based cloud email security platform that learns the behavior of every identity in your environment and analyzes the risk of every event to block even the most sophisticated email attacks.

The solution takes a fundamentally different approach to email security that is based on three core pillars:

  • Identity-Aware – Ingests thousands of diverse signals derived from API integration with your cloud email platform to build profiles of every employee, vendor, application, and email tenant in your environment.

  • Context-Aware – Monitors internal and external email traffic and continuously analyzes how identities behave in relation to one another to identify normal behavior.

  • Risk-Aware – Correlates identity understanding and contextual norms to determine the risk level of every event and identify anomalies with high precision.

These pillars enable Abnormal to provide the next generation of email security that delivers the highest rate of attack detection and prevention, identifying both known and never-before-seen threats with or without indicators of compromise. Buyers would be wise to consider Abnormal Security as a valuable partner to future-proof their cloud email infrastructure from cyber threats.

Wrapping Up

Throughout this series, we’ve explored a myriad of topics related to cloud email and the email threat landscape. We began by discussing why the modern and evolving workplace requires focused and ongoing attention to cloud email threats. Then, we dove into a few of the greatest ongoing cyber risks associated with cloud email.

Our third article explained how AI technology is particularly useful for mitigating threats to cloud email environments, and our penultimate post examined how Abnormal’s platform leverages AI to detect and block the full spectrum of email attacks. Finally, we reviewed some of the most important cloud email security trends.

We hope these posts have been helpful in supporting your efforts to improve email security in your organization. For even more valuable information, please visit the Abnormal Security Resource Center.


See for yourself how Abnormal can protect your employees and your organization from new and emerging email threats. Schedule a demo today.

Schedule a Demo
What is the Future of Cloud Email Security?

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B 07 22 24 MKT624 Images for Paris Olympics Blog
Threat actors are targeting French businesses ahead of the Paris 2024 Olympics. Learn how they're capitalizing on the event and how to protect your organization.
Read More
B Cross Platform ATO
Cross-platform account takeover is an attack where one compromised account is used to access other accounts. Learn about four real-world examples: compromised email passwords, hijacked GitHub accounts, stolen AWS credentials, and leaked Slack logins.
Read More
B Why MFA Alone Will No Longer Suffice
Explore why account takeover attacks pose a major threat to enterprises and why multi-factor authentication (MFA) alone isn't enough to prevent them.
Read More
B NLP
Learn how Abnormal uses natural language processing or NLP to protect organizations from phishing, account takeovers, and more.
Read More
B DK Compromise 7 11 24
Discover the top five ways hackers compromise accounts, from exploiting leaked API credentials to SIM swapping partnerships, and more. Learn how these techniques enable account takeover (ATO) and pose risks to enterprises.
Read More
B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More