Skip to main content

Email security products failing to identify unknown threats

(Image credit: Image Credit: Evannovostro / Shutterstock)

Cybersecurity solutions that aim to protect email inboxes from cyberthreats are under-performing, new analysis has shown.

According to a new report from cybersecurity firm BitDam, “leading email security products” fail to recognise unknown, consumer-targeted threats almost a third of the time. On enterprise level, the figures are marginally less grim, with two-thirds of equivalent threats identified.

Further, almost half of unknown threats (45 percent) bypass at least one of the leading products, such as Microsoft Office 365 ATP, G Suite Enterprise and ProofPoint TAP.

These solutions work on a simple principle: make unknown threats known, as quickly as possible. However, this process is taking “hours or even days”, which BitDam describes as “unacceptable risk” for consumers.  

On average, the solutions need anywhere between 10 and 53 hours to begin protecting against threats that were initially missed, affording criminals time to execute their attacks.

BitDam believes the best way to move forward is to use threat-agnostic technologies that do not require previous threat knowledge in order to function effectively.

“Since data-driven threat detection technologies fail to provide protection against unknown threats due to their inherent dependency on data, they must be augmented by a different type of technology in order to provide better email security," said BitDam.