Date: November 2021 Author: Dave Gruber, Senior ESG Analyst
The rapid move to cloud-delivered email, together with a less-than-comprehensive native email security offering from Microsoft, has spawned a new category of email security controls referred to as cloud email security supplement (CESS) solutions. This new category of offerings intends to close gaps that organizations have identified within the native email security controls offered within Microsoft 365 (M365) and controls included within traditional secure email gateways (SEG).
Most CESS products tout their ability to address one or more of these gaps, helping organizations protect against phishing, credential theft, business email compromise, ransomware, data leakage, interruption in business continuity, and other less publicized gaps. These “mini-add-on-platforms” attempt to provide a one-stop-shop approach to closing email security gaps, without overlapping with the native email security capabilities already included with M365.