Email-based threats have grown in number and severity. South Africa moved up the rankings on cyber security firm Symantec’s global cyber threat list from 83rd in 2017, to 27th in 2018. The report also found that malware, phishing and spam threats are higher than the global average. In Mimecast’s ‘State of Email Security’ report, 88% of South African respondents had experienced phishing attacks, with 53% citing an increase in this attack in the previous year.
JJ Milner, MD of hosted infrastructure provider Global Micro Solutions, says he expects the size of the market to double over the next 24 months. “Any company that provides email services today is in the business of security. The reality is that hackers will get in if they want to, so our focus is on providing affordable solutions that address the most likely risks, and to lay a security foundation for our customers so they can use technology without having to worry about being attacked. To effectively fight bad actors and consolidate threat intelligence, you need to work faster than a bot. Increased vulnerability due to BYOD is also a major concern for businesses of all sizes.”
Milner says the biggest risk to companies is internal, making education and training of users a never-ending responsibility for organisations and their security providers. “Users are constantly being tricked into making security mistakes or giving away sensitive information,” he says.
“Well-known brands with a solid reputation can become victims of fraudsters who pretend to be them and lure unsuspecting users into downloading a malicious attachment to their computers,” says Riaan Badenhorst, GM of Kaspersky in Africa. “Email scammers are also targeting big global events, such as sporting events. We will likely continue to see such threats grow as fraudsters become more sophisticated.”
Most people don’t realise that email threats are by far the most common, because almost all are stopped before hitting their inbox. It’s this actionable intelligence that businesses are expecting.
Individual mail accounts receive hundreds of potential threats every month, with the majority being ‘traditional’ phishing or scam emails. “They are generally not personalised and contain bad English or low-quality images and layout,” says Colin Thornton, MD of Turrito Networks. “Increasingly, though, emails are becoming more sophisticated. They can dodge mail filters and may be personalised or come from familiar addresses.”
Turrito resells Mimecast, Synaq and Microsoft security solutions, sometimes in combination, and is provider- and product-agnostic, with solutions dependent on customer needs, from the desktop to the datacentre. “Most versions of Office 365 exchange have built-in email security, but in the more affordable packages, it may be watered down or not as configurable, says Thornton. “In Office 365 E5, the advanced email security service is reliable and configurable, but comes with a hefty price tag.”
As recently as three to four years ago, companies were still designing and building their own email servers or systems. This meant capital expenditure, configuration and implementation challenges, ongoing support, backups and a host of other running costs.
Nowadays, the vast majority have moved to the cloud and use off-the-shelf products like Gmail and Office 365 email where Google or Microsoft worry about almost everything. Some companies still use very basic email accounts with internet service providers, and these often have very little flexibility or added extras (like security).
“In our experience, most local businesses are using Office 365 mail because of the additional products and their familiarity with Microsoft,” says Thornton. But whether a business uses Gmail or Office 365, the entry-level mail accounts are not sufficiently secure. That’s where other solutions come in. Mimecast’s cloud-based security system works in addition to whatever security might be built into your email account, regardless of where that account sits. Email hits Mimecast’s servers before the client’s, so dangerous emails and spam are stripped out before users even have a chance to download them.”
“Given that cyber crime is growing rapidly and across the globe, the need for effective protection and advice is certainly not going to fade any time soon,” says Badenhorst. “This presents an opportunity for the local channel market to play a critical role in building a cyber-immune future, but that can only be achieved with support from public and private sector organisations and industries.”
Ozone Information Technology Distribution, for example, sells on security services as managed subscription solutions and has succeeded in expanding its own market share and cementing growth opportunities. “The advanced solutions available in South Africa allow channel players to get started in the market using robust and tested solutions that meet global standards,” says MD Henk Olivier.
Ozone provides email filtering and protection and archiving solutions. The products provide visibility for IT service providers, allowing them to assess the threats attempting to access company email networks, providing them with the tools they need to identify spam and spoofing, and act against these threats.
“The architecture of a security solution depends on the size of the company and its needs, says Olivier. “Most companies are looking for hosted email solutions, which makes it easier for resellers as you can easily become a reseller of most email service providers and offer this to your clients. Factors like security, mail archiving or retention, size of storage and contingency or uptime can be managed and offered by resellers to their clients by just making use of large internet service providers’ offerings. The margins are small, but the annuity-driven business model is great if you have a sizeable and growing client base.”
Most resellers of email solutions start by creating their own cloud infrastructure, hosting and managing email as well as email security, he adds. This is easy for resellers to do, as most large internet service providers offer these services to their resellers and partners
The current focus for email security and continuity is to ensure that businesses are more aware of the role that communication plays in business operations and how losing this can have a huge impact on the business. The go-to-market for vendors and suppliers of these services are organisations that need to become aware of the risks involved and which have to invest in protection and put plans in place.
Cloud-hosted email security
Cloud storage and services have changed email security and continuity significantly. With businesses and end-users keeping more mail and for longer, email providers have had to upgrade their services to offer much larger storage capacities and (in some cases) unlimited archiving. Previous IT best-practice would be to archive mails after one or two years, when mailboxes reach a certain size; this is no longer acceptable to many users who use their email as a form of filing and record of almost all communication.
“Much more storage is needed now, but it’s Microsoft’s problem, or Mimecast’s, not yours,” says Thornton. “Our customers have moved to cloud email at unprecedented rates because the benefits are so numerous. It’s virtually unheard of for businesses to have email on-premise unless data sovereignty is an issue.”
Olivier agrees. “With companies keeping emails for longer, there is an impact on storage and storage costs, as well as the productivity and resources needed for the processing of millions of emails. This is particularly difficult for businesses that have email security and archiving hosted locally onsite as they not only need the space and resources for this, but for the backups as well. Cloud services are much easier to manage and scale; they can be expensive in specific circumstances, but they are still better than on-premise solutions.”
With the threat landscape growing in scope and concern, companies will continue to seek out products that offer deeper protection to both internal and external stakeholders. A recent Market Research Future report predicted that by 2023, the email security market will be worth about $18 billion.
In a world where technology connects people across platforms and borders like never before, Badenhorst says, cyber security is about more than just protecting devices. “Our focus needs to be developing ecosystems where everything connected is protected. Over and above consistent education and awareness around cyber security threats and how to ensure protection, security solutions need to predict, prevent, detect and respond to cyber attacks.”
As seen in The Margin