Gartner's Latest BEC Report Suggests
- Business email compromise (BEC) is a simple, yet deadly attack that can have devastating financial effects on a company
- Traditional email protection like Mimecast and Proofpoint cannot detect BEC attacks because of their fundamental architecture.
- The best way to protect against BEC is to deploy a modern email solution which integrates via API to better understand the organization and protect against internal threats and account takeover.
An Easy Way to Inflict Major Damage
If you are frustrated with your Secure Email Gateway letting unwanted and dangerous emails into your company, you'll be dismayed to learn of another SEG-related shortcoming.
Business email compromise attacks (BEC) are rising in popularity and they are difficult to protect against. Gartner found that BECs increased by nearly 100% in 2019 and through 2023, predicts that BEC attacks will continue to double each year, at a cost of over $5 billion to its victims.
BEC attacks are popular because they are simple to execute. By spoofing a trusted user it requires no malware or malicious URL to convince a recipient to share valuable information or send significant amounts of money.
External Email Gateways Do Not Have the Internal Context Needed
According to the report, external Secure Email Gateways do not have the contextual information they need stop these attacks. Companies like Mimecast and Proofpoint are designed only to monitor inbound email—therefore they have no way of scanning internal email or understanding the context or conversational relationships within an organization. When an external gateway sees an email from the 'CEO' to the 'CFO', it will be the very first time it has seen such a conversation. While an internal solution will have seen thousands of similar real, internal conversations to compare it to, an external gateway can only guess at the context.
Microsoft and Google Cannot Build Local A.I. to Scale
Both Microsoft and Google have the internal access required to prevent BEC attacks and many of their anti-spoofing tools do a good job at blocking basic attacks but their infrastructure cannot perform the per-customer contextual analysis required for most BEC attacks.
They work with far too many companies and customers to properly monitor all internal accounts and understand an organization's relationship and reputation patterns.
Gartner Requirements for a BEC Solution
Every email security vendor claims to prevent BEC attacks, but, according to Gartner a true BEC solution for the cloud must:
- be deployed inside the cloud email server, typically via API,
- offer internal email protection, between users,
- use advanced machine learning for internal email context,
- offer account takeover protection.
According to the report, external Secure Email Gateways fail on all points.
Avanan Technology for BEC Protection
Today, there is only one vendor that offers true inbound protection.
Not only is Avanan the number-one rated email security in Gartner's Peer Insights, it provides all the protections crucial to stopping BEC attacks:
- Machine learning algorithms combine with role-based, contextual analysis of previous conversations to identify threats that Google, Microsoft and external mail gateways miss,
- Deployment-day analysis of one-year's email conversations to build trusted reputation network,
- Scanning and quarantine of internal email and files in real-time, protecting against east-west attacks and insider threats,
- AI and machine learning techniques to rapidly adapt to new threats and behaviors,
- Account takeover protection beyond email: login events, configuration changes and end user activities throughout the suite.
An important benefit of deploying within the cloud email service is immediate access to historical conversations. Within hours of first deployment, the Avanan AI scans a year's worth of email conversations to build a reputation network that not only provides superior BEC protection, it reduces the number of false positives that plague most other email solutions. The 'tuning' that typically take months with other security solutions is done automatically using millions of real email conversations.
Attacks Change Every Day, Only Avanan Is Prepared to Adapt
BEC emails are just the latest methodology in the arms race of attack methods. As organizations move to the cloud, attackers have followed. Only Avanan, built within Office 365 and G Suite are in a position to see the latest attack methods that often bypass externally deployed gateways.
If Gartner is impressed with what we do about email security, they should see what we do for Slack (and, soon, Teams).