Outlook for the Email Security Market

Outlook for the Email Security Market

Since COVID-19 forced nearly 1.5 billion workers into their home offices, email usage has spiked dramatically. Scammers, spoofers, phishers, and other bad actors have created a greater need for email security, especially when home offices make individuals more vulnerable to these threats. To understand what this means for the email security marketplace itself, GLG talked to Joe Hlavin, GLG Council Member and Principal at H III Enterprises. Below are a few select excerpts from our broader discussion.

Let’s begin with your view on security spending, particularly for the email security market. Are you seeing it increase or decrease and do you expect this to stay the same, increase, or get worse?

Email security spending was somewhat halted in late Q1 as work-from-home efforts took priority, but throughout Q2, email security began to move its way back up the priorities list as organizations began to realize that working from home greatly enhances the threat vector, particularly in email. Email continues to be the most popular attack. There was a 30% increase in impersonation fraud in the first 100 days of COVID. These attacks are not solely focused on the corporate network; they now also focus on the home network.

Once an attack is initiated on a home network, bad actors can move parallel across to the corporate endpoint. Once a home PC, modem, router, or access point is compromised, it makes accessing the endpoint on those networks that much easier. Organizations have begun increased spending, beefing up not just expansion of their existing solutions but also security awareness trainings to focus on employee awareness.

With multiple opportunities in multiple markets, expect the market opportunity to continue to grow faster for email security than the overall security market as a whole.

With the continuation of work-from-home or work-from-anywhere, there’s a greater concentration on the need for email security, including spoofing and phishing attacks. Do you see this continuing to be a priority for the remainder of 2020 and for 2021? And which companies do you believe are best positioned here to win?

We do continue to see it be a priority for the rest of this year and into 2021. Email security is very much dependent upon employees’ actions. Bad actors spend all their time looking at social engineering to find successful threat vectors. With employees relocating, there are several items to keep in mind. First, the threat vector has changed. Employees on home networks are not as secure as within the enterprise. We’ve seen this manifest, as phishing directed toward enterprise has decreased, while phishing attacks pointing toward the home have significantly increased. This is calculated to compromise endpoints on home networks.

It’s also important to consider that the culture of work-from-home is different from in the office. Security awareness has become crucial to remind employees that threats do exist, and that company policies extend to the home office. With an increase in bad actors and the fact that only about 50% of businesses have an email security system — especially in SMB — there is still much growth to be recognized.

With that said, Proofpoint, Microsoft, and Mimecast are probably best positioned to meet the demand. Proofpoint is a strong solution for email protection, encryption, archiving, and continuity delivered as a single platform with a single management console. It has unparalleled ability to identify email threats with its global threat intelligence platform that spans email, social, and mobile. Other vendors rely on third parties for their threat intelligence, making them somewhat less accurate. What’s more, Proofpoint has quickly formed partnerships around work-from-home strategies. This is what it seems to do best. It seems to identify a trend and quickly form a strategy to execute against that strategy in that market shift.

Microsoft has the benefit of Office 365, which gives it the unique ability to provide a product via its ACP solution. While this solution does work well, it’s limited to Office 365. Integration and management are not developed as third-party solutions. It is a very low-cost alternative and a lot of SMBs opt for it, but most enterprises essentially have two solutions — an ACP solution plus a Mimecast or ACP plus Proofpoint.

Mimecast is probably the most fully featured solution, and it monitors billions of emails and has a large threat database. It’s good for customers because they always keep up to date on the latest threats and they’re ready to protect any organization against them. While they recently are spending most of their focus on the enterprise market, they’re rather expensive in comparison with Proofpoint and some of their other competitors and they spend a lot of time defending that cost differential.

Proofpoint seems to be largely displacing their competition. Whom are they stealing share from? And what is your thought as to what is driving these switches?

Proofpoint has indeed been almost dominating in their win rates over the past several quarters. We don’t really see too much switching between Proofpoint and Mimecast, nor do we see organizations abandoning Microsoft.

Instead, they’re gaining shares from some of the industry veterans, such as Trends and Symantec. Trends and Symantec both seem to have these competing internal strategies, which make their offerings and their vision somewhat confusing at times.

Smaller businesses have moved away from Symantec for a couple of different reasons. They’re releasing fewer features, but their price tags are going up. There have also been issues with Symantec’s threat detection for a long time, and their effectiveness against phishing and posture emails has been somewhat subpar for a long time.

Trends had difficulty in maintaining compliance with some of their customers, a crucial factor that drives so many security sales. Trends has also had a lot of confusing end-of-life announcements, which have left their customers wondering what they should do with their product. It’s been driving some of their customers to competitors just because the announcements themselves are very vague.


About Joe Hlavin

In addition to being Principal at H III Enterprises, his consulting firm, Joe Hlavin acts as Director of Sales and Business Development at n2Grate, a nationwide data center and cloud integration company that focuses on hardware, software, training, professional, and cloud services for public sector and large business clients. Joe has more than 25 years of selling technology into Tier 1/2 U.S. operators and has deep technical and business understanding of several technology areas such as data centers, cybersecurity, access (wired and wireless), mobile wireless, and NFV.


This article is adapted from the July 23, 2020, GLG teleconference “Email Security Market: PFPT, MSFT, MIME, AVGO, FEYE.” If you would like access to this teleconference or would like to speak with Joe Hlavin, or any of our more than 700,000 experts, contact us.