GUEST ESSAY: Advanced tools are ready to help SMBs defend Microsoft 365, Google Workspace

By Adrien Gendre

Throughout 2022, we saw hackers become far more sophisticated with their email-based cyber attacks. Using legitimate services and compromised corporate email addresses became a norm and is likely to continue in 2023 and beyond.

Related: Deploying human sensors

Additionally, with tools like ChatGPT, almost anyone can create new malware and become a threat actor.

According to a recent report, small businesses (defined as those with under 250 employees) receive the highest rate of targeted malicious emails at one in every 323 emails, and 87 percent of those businesses hold customer data that could be targeted in an attack.

Another report by Vade completed last year found that 87 percent of respondents agreed their organization could take the threat from email security more seriously.

Intelligent defense

Small-to-midsize businesses (SMBs) continue to think they’re “too small to be a target.” This is  a harmful misconception. Hackers may pick SMBs over larger companies for several reasons, namely because SMBs don’t have the same budget or resources dedicated to cybersecurity as large companies.

As attacks grow in number and sophistication, these smaller organizations will need technology that tightly integrates with modern productivity suites such as Microsoft 365 and/or Google Workspace that also provides comprehensive threat intelligence.

Secure email gateways (SEGs) are a common solution used by businesses both large and small to analyze emails for malicious content before they’re able to reach corporate systems. However, with the emergence of API-based or integrated email security solutions, SEGs have become obsolete.

Over the past couple of years, organizations have been opting for API-based email security solutions for reasons including increased visibility into productivity suites, easy deployment and ability to share threat intelligence from email with other applications used throughout the business operation.

Microsoft 365 and Google Workspace are the two most popular productivity suites used worldwide. While strides have been made to make both platforms more secure, it’s inevitable that when hackers run into roadblocks, they’re going to innovate their attack methods to sneak past whatever defenses stand in their way.

Consolidated visibility

The bottom line is, security operations centers (SOCs) and MSPs need solutions that allow them to quickly investigate and respond to email-borne threats transiting through networks without any misconfigurations that could harm, or even halt business operations.

One of the major challenges our customers have voiced to us is how difficult it is to monitor and manage threats from all their endpoints. They need better visibility into their cybersecurity landscape if they’re going to have any chance of protecting their assets effectively.

Additionally, IT teams are being overburdened by managing too many complex tools. They need solutions that allow for powerful integrations but consolidate the most important threat intelligence into simple dashboards.

Products that that speed up incident response times by automating remediation are going to become hot commodities as these suites continue to increase in popularity.

Wider protection

AI-based email solutions can tightly integrate with these suites to catch threats that Microsoft 365 and Google Workspace don’t identify…and perhaps more importantly, those solutions can learn from the threats they encounter to keep similar and more advanced ones from slipping past barriers in the future.

In 2023, we predict MSPs and SMBs will invest in tools that integrate seamlessly with productivity suites, reduce incident response times, and lighten the load on IT teams, rather than invest in solutions that solely secure email.

We also predict hackers are already one step ahead and know these tools are going to become commonplace. It’s time for businesses small and large to level up their email security solutions with tools that can learn from and predict the bad guys’ next moves – not just move suspicious emails to spam.

About the essayist: Adrien Gendre is a co-founder of Vade and serves as its Chief Tech & Product Officer.  Founded in 2009, Vade supplies AI-based cybersecurity technologies that help companies defend many types of email-borne attacks.

February 7th, 2023