Time to Sunset Email Security Gateway Appliances?
Barracuda Networks recently faced severe malware that affected its email security gateway (ESG) appliances. Because of the severity of the issue and the increase in advanced email threats, Barracuda recommended that customers physically remove and decommission the gateways rather than just bringing them up to the current patch level.
According to experts, this action by Barracuda is an unusual response to a zero-day vulnerability.
The pivot from patching to device replacement is surprising. It suggests that the malware used by the attackers persists at a deep level on the appliance, making simple wiping insufficient to remove their access.
This is why replacing Barracuda ESG devices is critical to protecting the organization’s email channel, intellectual property and sensitive employee information.
Why Replace Email Security Gateway Appliances?
The email security market has experienced notable transformations, mainly because of the emergence of cloud-native email services. According to Gartner®, a vast majority of organizations, approximately 85%, are expected to adopt a “cloud-first” strategy by 2025. In a cloud-based environment, secure email gateways (SEGs), which are outdated devices, cannot offer the scale, advanced AI capabilities, resilience and flexibility that organizations need for their security controls.
Email Security Gateway Becoming Less Effective Against Email Phishing Attacks
Gartner® recognizes that advanced email security capabilities are increasingly becoming integrated into cloud email security solutions rather than being used as a gateway. Most legacy ESGs from Barracuda and other vendors could not evolve their security protection capability, becoming less effective against the next generation of email phishing attacks.
Legacy devices have a finite amount of compute, memory, and network throughput. Hackers continue to change the attack vector by increasing the velocity and scale of the attack and by changing the method of phishing and their target. These changes will overwhelm the ESG device and other similar appliances.
Using AI of their own, attackers process their initial attack telemetry to determine timely adjustments to their threat vectors. These changes could include a shift to a large-scale attack or to a smaller, more precise target. ESG devices do not have the AI processing capability and machine learning tools to make faster decisions to help stop these more sophisticated attacks.
Outsmarting the Hackers With AI Innovation
Organizations collecting security telemetry from their network devices, email, and identity management systems can process it using their AI capabilities and security orchestration, automation and response (SOAR) playbooks to counter the new threat.
Using AI with behavior analytics, organizations will see similar changes in the incoming attacks and can automatically deploy countermeasures with their extended detection and response (XDR) capabilities. Without AI, legacy ESG devices cannot perform similar defensive security measures.
Why Migrating off ESG Should Be a Top Priority for Email Security Teams
By 2024, at least 40% of organizations will use protection capabilities integrated into cloud email providers instead of an SEG. In the modern world, email security must continuously innovate to stay one step ahead of hackers. Artificial intelligence, machine learning security tools and continuous education and investment in knowledge for your security operations teams will help protect your organization from future attacks.