5 Key Takeaways from Our Conversation with Ed Amoroso

Ed Amoroso discusses the biggest security risks with cloud email and how to prevent them.
January 20, 2023

Cloud-based productivity platforms like Microsoft 365 and Google Workspace offer several benefits including easier collaboration across teams, more project agility, less tedious maintenance, and reduced costs. However, the cloud platform also exposes organizations to more security risks, as it creates new avenues for email attacks.

Minimizing these risks is key to keeping data and employees safe in a cloud-based environment. There are a number of factors security leaders must consider in an effort to keep their organizations secure in the face of these new threats:

  • Where do your existing solutions provide protection?

  • Where do you need additional tools to fill security gaps?

  • How can you prepare for future advanced attacks?

To answer these questions, we spoke with Ed Amoroso, Founder and CEO of TAG Cyber and American First Credit Union. As a seasoned industry leader, Ed provided his thoughts on the current state of cloud email security and where he believes the future is headed.

Here are a few key takeaways from that conversation.

Cybercriminals Seek the Most Lucrative Attack Vectors

“We all know crime has been around forever, so criminals are no dummies. They go where the money is; they go where the action is. And I think we would all agree that right now it's about every business—all sizes, all scopes, all sectors, even all cultures, and geographies—are pretty dependent on messaging and email. So it doesn't surprise anyone that this would be a pretty rich area for cyber crimes.” —Ed Amoroso

Like any other type of bad actor, cybercriminals will always choose the most lucrative path that offers the least resistance. This means attackers are targeting their efforts toward attack vectors that provide them with low risk, high reward, and high ROI—in other words, email

Whether it’s a large enterprise or an SMB, and whether or not it should be this way, all organizations depend heavily on email—making it an opportune access point for every threat actor.

Email Continues to Be the Easiest Access Point

“It doesn't surprise anybody that even the advanced actors will do the easy thing and that's to go after your email. So if the barn doors are wide open, I'm not gonna climb through the window. I'm gonna walk through the barn doors. Right now, sadly, email is the barn doors.” —Ed Amoroso

Email is an indispensable part of our personal and professional lives. It's how bills are paid; it's how people communicate. And it's the one commonality between all businesses, allowing us to interact and engage asynchronously with colleagues and partners all over the globe.

This is even more so the case as we live in an increasingly remote world. The wide usage and universal connectivity provided by email make it an easy gateway for attackers to access massive volumes of business and personal data. Failure to control access to email leads to it becoming like a barn door—wide open, as Ed says. Accordingly, you need to focus on fixing your barn door and putting those security elements in place.

Attack Types Are Evolving With Innovative Technologies

“For 2023, one of the things we're predicting is a much greater use of automation and even AI for offensive weapons. We're also predicting that these email attacks will probably be part of a more intensive and more directed campaign at industrial control.” —Ed Amoroso

With the shift to primarily remote cloud environments, attackers are discovering new opportunities to infiltrate organizations. Unlike inbound email attacks that target accounts by sending an email, new email platform attacks utilize unguarded entry points within a cloud email platform to access either an individual account or the entire email platform.

One way attackers are accomplishing this is by leveraging third-party applications as a means of access. With dozens of plug-ins and third-party app integrations attached to your email, for everything from calendars to creative suites, even organizations with the most stringent app policies are susceptible to a gap in protection.

Platforms with Advanced Detection Capabilities Outperform Traditional SEG Solutions

“Now we're in an era where we're much more dependent on analytics, much more dependent on machine learning, on behavioral processing, on collecting network traffic, on having a much more intelligent, more personalized approach to processing emails. So instead of it being first a filter and then a gateway, now it's a pretty advanced capability that's very intimate with the cloud.” —Ed Amoroso

As attacks increase in sophistication, it is vital that organizations equip themselves with a modern security solution. Ed discussed the importance of combatting these attacks with advanced detection capabilities beyond traditional SEG solutions. This means adopting a more intelligent and personalized approach to processing emails through the use of behavioral analysis and machine learning.

The key is being able to detect the anomalies while baselining and patterning known-good behavior versus something that's abnormal. Through the use of machine learning, the right technology can analyze these signals and assess potential threats through a behavioral science lens.

Cybersecurity Training Isn’t Enough; Organizations Need Modern Protection Technology

“I'm enthusiastic that tech is the answer, not just, ‘Hey everybody, if you don't do this right, you're gonna get fired.’ That's just not gonna work.” —Ed Amoroso

While it’s important to prioritize cybersecurity education within your organization, simply creating awareness is not enough. Oftentimes, dialed-up awareness campaigns cause a fear of technology which can be a disservice to your employees who need those tools to perform their jobs. There needs to be a healthy balance between advanced security technology, learning processes, and procedures.

Next Steps

Investing in more innovative email security solutions will become increasingly important as cloud email replaces on-premises email as the preferred implementation. Traditional email security solutions are not capable of blocking sophisticated inbound email attacks and platform attacks, and these threats will only become more frequent and sophisticated over time.

For even more insights from Ed Amoroso, watch the full webinar here.

Want to learn more about how Abnormal can protect your cloud email platform? Schedule a demo today.

Schedule a Demo
5 Key Takeaways from Our Conversation with Ed Amoroso

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B Complex Case of Account Compromise Blog
Discover how Abnormal helped one organization detect the sophisticated tactics an attacker used to compromise an employee's email account.
Read More
B Cross Platform Account Takeover
Discover the dangers of cross-platform account takeover, the challenges of detecting this attack, and how to implement proactive protection against ATO.
Read More
B 5 17 24 Legal
Learn how cybercriminals use superficial disclaimers to deceive others while facilitating illegal activity on cybercrime forums.
Read More
B Cybersecurity Influencers Blog 2024
Stay up to date on the latest cybersecurity trends, industry news, and best practices by following these 15 innovative and influential thought leaders on social media.
Read More
B 5 13 24 Docusign
Cybercriminals are abusing Docusign by selling customizable phishing templates on cybercrime forums, allowing attackers to steal credentials for phishing and business email compromise (BEC) scams.
Read More
Abnormal employees honored as CRN 2024 Women of the Channel for their influential leadership in the tech industry.
Read More