As part of its key findings, the Gartner Market Guide notes that, “Impersonation and account takeover attacks via business email compromise (BEC) are increasing and causing direct financial loss, as users place too much trust in the identities associated with email, which is inherently vulnerable to deception and social engineering.” Indeed, according to the Federal Bureau of Investigation, U.S. firms lost a total of $43 billion to BEC between June 2016 and December 2021.
To effectively combat the massive increase in advanced Business Email Compromise (BEC) attacks, a new approach to email security is needed as traditional solutions that rely on rules and scanning of links and attachments are increasingly bypassed. This new approach should be able to continuously learn from real-world attacks and incorporate regular phishing simulation and awareness training to effectively prevent socially engineered attacks with malicious intent.
The Gartner Market Guide recommends that security and risk management leaders should:
- Use email security solutions that include anti-phishing technology for targeted BEC protection that use AI to detect communication patterns and conversation-style anomalies.
- Include API-based ICES solutions when evaluating email security solutions. The simplicity of evaluation and additional visibility into internal traffic and other communication channels can reduce risk, as these solutions create communication graphs and baseline user activity to detect suspicious behavior.
- Invest in solutions that can use their API integrations into collaboration platforms to filter malicious content or suspicious interactions.
- Reinforce training with context-aware banners and in-line prompts to help educate users.
“Successful Business Email Compromise (BEC) attacks not only result in significant financial losses for organizations, but also add to the burden of enterprise security teams. These teams are required to conduct manual investigations into the BEC attacks that manage to evade conventional security measures,” Eyal Benishti, CEO at IRONSCALES. “As BEC and other advanced phishing attacks intensify, we remain committed to protecting customers and partners through the most powerfully simple email security solution that uses a combination of AI and human insights.”
More than 10,000 global customers depend on IRONSCALES to combat the advanced phishing attacks with the industry’s only solution that combines AI and human insights.
To download the full 2023 Gartner Market Guide for Email Security, please visit: www.ironscales.com/gartner.
(1) Gartner Market Guide for Email Security, Ravisha Chugh, Peter Firstbrook, Franz Hinner, 13 February 2023
Gartner is a registered trademark and servicemark of Gartner, Inc and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About IRONSCALES
IRONSCALES is the leader in AI-powered email security protecting over 13,000 global organizations from advanced phishing threats. As the pioneer of adaptive AI, we detect and remediate attacks like business email compromise (BEC), account takeovers (ATO), and zero-days that other solutions miss. By combining the power of AI and continuous human insights, we safeguard inboxes, unburden IT teams, and turn employees into a vital part of cyber defense across enterprises and managed service providers. IRONSCALES is headquartered in Atlanta, Georgia. To learn more, visit www.ironscales.com or follow us on X @IRONSCALES.
