The Forrester Wave™: Enterprise Email Security, Q2 2023, is live!

Practically dormant for a decade, the enterprise email security market has sprung to life, with mass customer migration to cloud email, rapid adoption of machine learning, and the widespread use of APIs to connect systems, bolster platforms, and share data. These aligning market forces are driving a resurgence of interest in this space from enterprises of all sizes, the vendors that serve them, and the venture capital firms funding innovation in this space.

This research used 26 different criteria to evaluate 15 vendors: Abnormal Security, Barracuda Networks, Broadcom, Check Point Software Technologies, Cisco, Cloudflare, Fortinet, Fortra, Google, Microsoft, Mimecast, Proofpoint, Sophos, Tessian, and Trend Micro. Here’s what stood out for me.

M&A Is Alive

The rise of cloud-native, API-enabled email security solutions (CAPES) in 2021 coincided with 1) the rise of extended detection and response platforms hungry for email telemetry and 2) the fall of the CFO’s axe on security tech budget line items tied up with platform consolidation (more to come on that shortly from myself and Jeff Pollard). This led CISOs and their teams to look closely at CAPES vendors as cost-effective alternatives to the stalwart secure email gateway (SEG) that could supplement the native capabilities of email infrastructure providers — and gave those CAPES vendors the VC funding they needed for growth or acquisition. A flurry of M&A activity ensued with acquisitions of five CAPES vendors in the last 18 months, including one just last week. Of note, two of the Leaders in this evaluation entered the email security market through their CAPES acquisitions.

Additionally, legacy SEG vendors made moves of their own, including going private, developing API-enabled deployment options, and acquiring complementary technologies. Expect more activity in this space as vendors in adjacent tech categories such as data protection, endpoint detection and response, and managed detection and response buy or develop telemetry sharing and managed services relationships with those remaining CAPES vendors.

Monogamy Is Dead

The emergence of a new email security vendor category (CAPES) and the rush of legacy players to remain competitive means that customers have more choice than ever when it comes to protecting how employees, customers, and partners communicate and collaborate. Often, security and tech leaders are choosing more than one email security partner in a layered or multilayer approach to protection. This was validated by the customer reference calls conducted as part of the evaluation. Of the 37 customer references interviewed, just two were working with a single enterprise email security vendor.

Why are these security leaders choosing to incur the expense? There are two principal reasons: peace of mind (primarily) and greater total efficacy. Why have one layer of protection when you can have two or three? Additionally, one email vendor may not fully meet a customer’s needs. For example, one may offer better outbound protection such as encryption and data loss prevention, and one may deliver better content analysis capabilities. Enterprises can now blend capabilities to create the perfect match for their environments.

Communication And Collaboration Protection Is The New Frontier

The use of messaging, collaboration, file sharing, and enterprise software-as-a-service applications across multiple devices all contribute to employee productivity and experience. Many of these environments are considered “closed,” but one successful phish of a supply chain partner’s credentials opens your organization up to data loss, credential theft, fraud, and ransomware attacks.

Protections developed for the email inbox must extend to these environments and throughout the day-to-day workflows of your employees. As of this evaluation, few vendors currently offer support, though many plan to add capabilities in the next 24 months. When selecting or renewing with an enterprise email security vendor, understand which is delivering or prioritizing a more comprehensive approach to protecting all the ways that your people work.


Check out the full report here for more detail: The Forrester Wave™: Enterprise Email Security, Q2 2023. And Forrester clients seeking their next primary — or secondary — provider can schedule an inquiry or guidance session with me for additional insights.