5 Key Takeaways from Our Conversation with Ed Amoroso

Ed Amoroso discusses the biggest security risks with cloud email and how to prevent them.
January 20, 2023

Cloud-based productivity platforms like Microsoft 365 and Google Workspace offer several benefits including easier collaboration across teams, more project agility, less tedious maintenance, and reduced costs. However, the cloud platform also exposes organizations to more security risks, as it creates new avenues for email attacks.

Minimizing these risks is key to keeping data and employees safe in a cloud-based environment. There are a number of factors security leaders must consider in an effort to keep their organizations secure in the face of these new threats:

  • Where do your existing solutions provide protection?

  • Where do you need additional tools to fill security gaps?

  • How can you prepare for future advanced attacks?

To answer these questions, we spoke with Ed Amoroso, Founder and CEO of TAG Cyber and American First Credit Union. As a seasoned industry leader, Ed provided his thoughts on the current state of cloud email security and where he believes the future is headed.

Here are a few key takeaways from that conversation.

Cybercriminals Seek the Most Lucrative Attack Vectors

“We all know crime has been around forever, so criminals are no dummies. They go where the money is; they go where the action is. And I think we would all agree that right now it's about every business—all sizes, all scopes, all sectors, even all cultures, and geographies—are pretty dependent on messaging and email. So it doesn't surprise anyone that this would be a pretty rich area for cyber crimes.” —Ed Amoroso

Like any other type of bad actor, cybercriminals will always choose the most lucrative path that offers the least resistance. This means attackers are targeting their efforts toward attack vectors that provide them with low risk, high reward, and high ROI—in other words, email

Whether it’s a large enterprise or an SMB, and whether or not it should be this way, all organizations depend heavily on email—making it an opportune access point for every threat actor.

Email Continues to Be the Easiest Access Point

“It doesn't surprise anybody that even the advanced actors will do the easy thing and that's to go after your email. So if the barn doors are wide open, I'm not gonna climb through the window. I'm gonna walk through the barn doors. Right now, sadly, email is the barn doors.” —Ed Amoroso

Email is an indispensable part of our personal and professional lives. It's how bills are paid; it's how people communicate. And it's the one commonality between all businesses, allowing us to interact and engage asynchronously with colleagues and partners all over the globe.

This is even more so the case as we live in an increasingly remote world. The wide usage and universal connectivity provided by email make it an easy gateway for attackers to access massive volumes of business and personal data. Failure to control access to email leads to it becoming like a barn door—wide open, as Ed says. Accordingly, you need to focus on fixing your barn door and putting those security elements in place.

Attack Types Are Evolving With Innovative Technologies

“For 2023, one of the things we're predicting is a much greater use of automation and even AI for offensive weapons. We're also predicting that these email attacks will probably be part of a more intensive and more directed campaign at industrial control.” —Ed Amoroso

With the shift to primarily remote cloud environments, attackers are discovering new opportunities to infiltrate organizations. Unlike inbound email attacks that target accounts by sending an email, new email platform attacks utilize unguarded entry points within a cloud email platform to access either an individual account or the entire email platform.

One way attackers are accomplishing this is by leveraging third-party applications as a means of access. With dozens of plug-ins and third-party app integrations attached to your email, for everything from calendars to creative suites, even organizations with the most stringent app policies are susceptible to a gap in protection.

Platforms with Advanced Detection Capabilities Outperform Traditional SEG Solutions

“Now we're in an era where we're much more dependent on analytics, much more dependent on machine learning, on behavioral processing, on collecting network traffic, on having a much more intelligent, more personalized approach to processing emails. So instead of it being first a filter and then a gateway, now it's a pretty advanced capability that's very intimate with the cloud.” —Ed Amoroso

As attacks increase in sophistication, it is vital that organizations equip themselves with a modern security solution. Ed discussed the importance of combatting these attacks with advanced detection capabilities beyond traditional SEG solutions. This means adopting a more intelligent and personalized approach to processing emails through the use of behavioral analysis and machine learning.

The key is being able to detect the anomalies while baselining and patterning known-good behavior versus something that's abnormal. Through the use of machine learning, the right technology can analyze these signals and assess potential threats through a behavioral science lens.

Cybersecurity Training Isn’t Enough; Organizations Need Modern Protection Technology

“I'm enthusiastic that tech is the answer, not just, ‘Hey everybody, if you don't do this right, you're gonna get fired.’ That's just not gonna work.” —Ed Amoroso

While it’s important to prioritize cybersecurity education within your organization, simply creating awareness is not enough. Oftentimes, dialed-up awareness campaigns cause a fear of technology which can be a disservice to your employees who need those tools to perform their jobs. There needs to be a healthy balance between advanced security technology, learning processes, and procedures.

Next Steps

Investing in more innovative email security solutions will become increasingly important as cloud email replaces on-premises email as the preferred implementation. Traditional email security solutions are not capable of blocking sophisticated inbound email attacks and platform attacks, and these threats will only become more frequent and sophisticated over time.

For even more insights from Ed Amoroso, watch the full webinar here.

Want to learn more about how Abnormal can protect your cloud email platform? Schedule a demo today.

Schedule a Demo
5 Key Takeaways from Our Conversation with Ed Amoroso

See Abnormal in Action

Schedule a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22

Related Posts

BC 5 31 23 Vendor Risks
Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.
Read More
B 5 30 23 Teams
See how Abnormal's advanced security solutions protect Microsoft Teams workspace from malicious attacks and account takeovers.
Read More
Zoom BC
Discover how Abnormal protects your Zoom messages and prevents attackers from using the application to breach your business.
Read More
B 5 22 23 SOC
Discover how Abnormal simplifies detection, enhances investigation, and automates remediation, increasing threat investigation efficacy at the SOC level.
Read More
B Phishing
Knowing what to do after receiving a phishing attack is essential for preventing costly consequences. Learn how to respond to Phishing attacks.
Read More
B 5 15 23 Israel BEC
Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.
Read More