How Should the Modern Workplace Address Cloud Email Security?

Learn why the modern and evolving workplace requires focused and ongoing security attention to cloud email threats.
December 15, 2022

This article is the first of a five-part series from Ed Amoroso at TAG Cyber exploring the risks to cloud email environments.

Enterprise security teams must understand the mechanics of the modern workplace to design proper cyber defensive schemes. Without such insight, the security functions and protection controls in use could be targeting the wrong types of threats. In fact, without a clear understanding of how employees actually work, security teams might just build security programs consistent with generic compliance frameworks.

In this article, we introduce and analyze three major trends in the modern workplace that directly impact how cybersecurity must be implemented. These trends are unmistakable and have been accelerated by recent events such as the COVID-19 pandemic, as well as major advances in cloud infrastructure, SaaS tools, and collaboration systems such as Microsoft Teams and Zoom.

Three Trends in the Modern Workplace

With so many professionals now working remotely, three major trends are changing how work is performed in the typical enterprise. These trends, listed below, seem to transcend all industrial and government sectors and have been found to apply equally across organizations of varying sizes, scopes, and locations.

  • Trend 1 - Work from Anywhere: Work locations have shifted from physical corporate premises to virtually anywhere.

  • Trend 2 - Cloud Application Usage: Cloud-connected applications have grown significantly for employees, partners, and customers.

  • Trend 3 - Virtual Work Coordination: The coordination of work in a typical organization has shifted from face-to-face meetings to virtual collaboration.

These workplace trends have led companies such as Zoom to emerge as major players in the enterprise market. It is not uncommon, for instance, for employees to spend their entire workday in online meetings or communicating via SaaS-hosted applications like Outlook and Slack. This contrasts with prior work generations who were more likely to be seated together working in physical conference rooms.

Shifts in the Modern Workplace

Shifts in the Modern Workplace

As one would expect, the impact of these workplace trends on cybersecurity is significant. Specifically, with targeted resources now virtual and largely dependent on email, adversaries have adjusted their focus accordingly.

Modern cyber threats have evolved alongside the evolution of how people work. In the sections below, we provide additional insight and commentary on the security impact that results from each of these trends.

Security Impact of Work from Anywhere

The shift toward employee work from anywhere was not only a result of the recent pandemic, as it was emerging long before people were staying home to avoid illness. Today’s workers typically seek to balance their work, family, and life interests and obligations, so the flexibility of working anywhere represents a major benefit—one that can help companies attract and retain the best talent.

Two technologies have become more significant in the context of this shift: virtual conferencing and email. This should not come as a surprise to any observer, and the security implications here are immense. Email, in particular, has become the primary means by which remote workers collaborate virtually, and this helps to explain why the cyber threat to email systems and messages has exploded in intensity in recent years.

Advice for enterprise teams in this area should be clear: steps to augment existing email security controls should be a priority. In fact, if one were to conceptualize the singular place where investments—even modest ones—in security will pay the greatest current dividend, it is hard to argue that email protections would not be the top choice. Security teams are thus wise to ensure they are working now with the best email security vendor partners in the world.

Security Impact of Cloud Application Usage

The shift to cloud and software as a service (SaaS) usage has caused the focus of the IT infrastructure to shift from a premise-based ecosystem to one that is both distributed and virtual. This certainly increases the flexibility of services and allows workers to share information more readily, and provides ubiquitous access to data, applications, and shared services.

The shift has also transformed how third-party suppliers are handled, including how they are contracted, maintained, and coordinated. By using new capabilities like cloud-based portals for data sharing, teams can reduce the burden of awkward virtual private networks (VPNs) and similar utilities. But such cloud and SaaS usage also increase the cyber risk of mishandled data and misconfigured systems.

Once again, the need emerges for security teams to engage in partnerships with the best cloud and SaaS security solution providers—generally in areas related to ongoing posture assessment and dynamic threat mitigation. But just as with work from anywhere, we must acknowledge the vital role that email plays in cloud and SaaS coordination. This underscores the urgency of working closely with an excellent email security vendor partner.

Security Impact of Virtual Work Coordination

Finally, it should be clear that when work is distributed everywhere and when resources are migrated to the cloud, that work coordination will become virtual. This has great benefits on the quality of work-life situations, such as travel and relocation. Many jobs that previously demanded in-person support can now be performed through work-from-anywhere arrangements—so long as the virtual work coordination can be managed.

The security implications are comparable to what is outlined above. And yes – email security emerges once again as a primary threat mitigation driver. The reality is that virtual work coordination, especially across organizations, relies heavily on email. This implies that to properly manage the risks associated with modern virtual work coordination, email would appear to be a major factor in determining the level of security in place.

So, what does this mean for your organization? Stay tuned for our next article, where we’ll provide insight into the current risks to cloud email.

Read part two of this series here.

Learn how Abnormal can protect every member of your organization from the full spectrum of email attacks. Request a demo today.

How Should the Modern Workplace Address Cloud Email Security?

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B Skills 3 26 24
Discover the security risks associated with generative AI, machine learning, containerization, and microservices, and explore strategies to address the skills gap among cybersecurity professionals.
Read More
B 1500x1500 MKT481 Images for Convergence Season 2 Announcement Blog
Generative AI attacks and AI-powered security tools are changing the security landscape. Get the insights you need to know in our upcoming web series.
Read More
B 1500x1500 MKT477 Energy Infrastructure Data Blog
Energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. Learn more.
Read More
B Mr Wonderful Talks AI
Explore the future of AI and cybersecurity and learn why prioritizing security investments is crucial with Kevin O’Leary of Shark Tank fame.
Read More
B 1500x1500 MKT468a Open Graph Images for Phishing Subjects Blog
Discover the most engaging phishing email subjects, according to Abnormal data, and how to protect your organization from these scams.
Read More
B Threat Report BEC VEC Blog
Our H1 2024 Email Threat Report revealed significant year-over-year increases in both business email compromise and vendor email compromise. Learn more.
Read More