Cybersecurity Glossary

What is Integrated Cloud Email Security (ICES)?

Written by IRONSCALES | Jul 10, 2024 5:54:25 PM

Email has become the essential communication tool in the digital age, but it also exposes us to increased risk of cyberattacks targeting email systems. Integrated Cloud Email Security (ICES) solutions are designed to address this concern by providing advanced protection against various email-based threats. This article will discuss the fundamentals of ICES, its key features and benefits, differences from legacy solutions like secure email gateways (SEGs), examples of attacks that ICESs can catch, and considerations for replacing or augmenting your SEG with an ICES.

Integrated Cloud Email Security Explained

Integrated Cloud Email Security (ICES) is a comprehensive email security solution that combines multiple layers of protection to defend against a wide range of email-based threats like business email compromise (BEC), account takeover (ATO), and more. ICESs leverage artificial intelligence (AI), machine learning, and other advanced technologies to detect and block malicious emails that slip past traditional email security tools.

Traditional email security solutions, and the default features of cloud-based email providers, can only detect common email attacks that carry harmful content, such as spam, malicious links and attachments, or fake email domains. However, these methods are not enough to stop newer forms of sophisticated phishing like business email compromise (BEC) or vendor email compromise (VEC) attacks. Unlike old-school phishing attacks, these advanced attacks use "malicious intent" emails that rely only on text-based social engineering techniques to trick recipients into giving up login information, sending confidential data, or paying a false invoice.

This is where ICES solutions play a crucial role. ICES solutions connect with cloud email services through APIs and integrate directly with Microsoft's and Google's built-in email security to deliver comprehensive protection without having to change MX records or potentially affecting email traffic.

What Are ICES Key Features and Benefits?

ICES solutions offer various features and benefits, including:

  • Multi-layered protection: ICESs combine several security layers, such as AI-powered analysis, computer vision, threat intelligence, and sandboxing to stop advanced email threats.
  • Real-time threat detection: ICESs use API integration with cloud email services to actively monitor and analyze email traffic and inboxes, detecting and responding to threats in real time.
  • Account takeover detection and remediation: ICESs use AI and machine learning to analyze inbox behaviors and various other factors to detect and remediate account takeover attempts.
  • Seamless integration: ICESs are easily integrated with cloud email services, allowing for streamlined deployment and management.


How Does ICES Differ From Secure Email Gateways (SEGs)?

While both ICESs and SEGs aim to protect organizations from email-based threats, ICESs offer a more advanced and comprehensive approach to email security. SEGs primarily rely on traditional techniques such as signature-based detection and content filtering, which may not be effective against sophisticated attacks. ICESs, on the other hand, use advanced technologies like AI, machine learning, and computer vision to identify and block a wider range of threats. Additionally, ICESs are better suited for cloud-based email systems and can be more easily integrated with other security solutions.
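The gap between payload-based filtering and intent-based analysis, shown on a text-only BEC message. This is an added example, not code from IRONSCALES or any ICES product; the sample message, the `VIPS` directory and the keyword heuristics are constructed stand-ins for the AI-based analysis the article refers to.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a text-only BEC message with no link and no attachment.
SAMPLE = """\
From: "Dana Reyes" <dana.reyes@example.net>
Reply-To: dana.reyes@example.org
To: ap@example.com
Subject: Urgent wire today
Content-Type: text/plain

Are you at your desk? I need a wire transfer sent to a new vendor today.
Keep this confidential until the deal closes. Reply here, I'm in meetings.
"""

# Hypothetical directory of protected senders: display name -> real address.
VIPS = {"dana reyes": "dana.reyes@example.com"}
INTENT = re.compile(
    r"\b(wire transfer|invoice|gift cards?|bank details|urgent|confidential)\b", re.I)
URL = re.compile(r"https?://", re.I)

def body_text(msg):
    return msg.get_payload() if not msg.is_multipart() else ""

def payload_filter(msg):
    """Gateway-style content check: flags only links or attachments."""
    has_attachment = any(part.get_filename() for part in msg.walk())
    return has_attachment or bool(URL.search(body_text(msg)))

def intent_signals(msg):
    """Header and text signals that do not depend on a malicious payload."""
    signals = []
    name, addr = parseaddr(msg.get("From", ""))
    if name.strip().lower() in VIPS and addr.lower() != VIPS[name.strip().lower()]:
        signals.append("display-name impersonation")
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.split("@")[-1].lower() != addr.split("@")[-1].lower():
        signals.append("reply-to domain mismatch")
    text = body_text(msg) + " " + msg.get("Subject", "")
    hits = sorted({m.lower() for m in INTENT.findall(text)})
    if len(hits) >= 2:  # one keyword alone is too noisy to act on
        signals.append("payment/urgency language: " + ", ".join(hits))
    return signals

def analyze(raw):
    """Return (payload filter verdict, list of intent signals)."""
    msg = message_from_string(raw)
    return payload_filter(msg), intent_signals(msg)
```

The payload check passes the sample because there is nothing to scan, while the sender, reply path and wording each raise a signal.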

What Attacks Does ICES Catch That SEGs Don't?

ICESs can detect and block various attacks that can bypass traditional secure email gateways, such as:

  • Business Email Compromise (BEC) attacks: ICESs can identify and stop BEC attacks, which involve the impersonation of trusted individuals or organizations to manipulate victims into transferring funds or divulging sensitive information.
  • Spear-phishing: ICESs can detect highly targeted spear-phishing emails, which often use social engineering and personalization to deceive recipients.
  • Zero-day exploits: ICESs can protect against previously unknown vulnerabilities or exploits, thanks to their advanced threat intelligence and real-time monitoring capabilities.
  • Account takeover attacks: ICESs can identify suspicious inbox behavior and account activity to detect and remediate account takeover attempts before financial damage occurs.

Should Organizations Augment or Replace Their SEG With an ICES?

When deciding between augmenting an existing legacy secure email gateway (SEG) with an ICES solution and replacing the SEG with native cloud email security combined with an ICES solution, organizations should carefully assess their existing security stack, IT/Security team resources, and existing or future IT service management (ITSM) requirements.

While augmenting the SEG with an ICES solution can enhance protection against advanced threats with a defense-in-depth security approach, it may also result in added complexity and potential compatibility issues. Conversely, transitioning to native cloud email security and a modern ICES solution provides a more streamlined approach, offering better integration, scalability, and adaptability to emerging threats while still providing the enhanced protection against advanced threats like business email compromise and account takeover.

Ultimately, the decision should be based on factors such as the organization's security requirements, budget, and existing infrastructure, as well as the potential benefits and challenges associated with each option.