Email remains one of the primary malware delivery methods. With over 90% of successful cyberattacks starting with phishing1 and business email compromise (BEC) attacks accounting for nearly $3 billion in losses per year2, email security has never been more important.

Furthermore, with the advent of generative AI (GenAI), these phishing and BEC attacks are expected to pose an even greater threat. According to a survey by 451 Research S&P Global Market Intelligence, 83% of security leaders express concern about GenAI enabling more advanced phishing and BEC attacks, up from 21% a year ago.3

The need for a comprehensive email security solution is clear, but the threat posed by email-based attacks goes deeper. Given email’s prominent role as the starting point of an attack and/or as part of a multi-stage attack, siloed email security proves to be less effective in combating the dynamic threat landscape. An​ email security solution’s level of integration with a broader MDR service or XDR platform to provide deep visibility and – optimally – control to SecOps teams provides the best outcomes.​

Following multiple enhancements to Sophos Email, the only MDR-optimized email security solution, Sophos is introducing two new offerings to boost email security posture. Sophos EMS provides deployment flexibility and integration into Sophos MDR and XDR, while Sophos DMARC Manager ensures DMARC compliance for improved security and brand trust.

Sophos Email

Sophos Email is the only MDR-optimized email security solution, providing comprehensive email security via a single offering.

Sophos Email delivers protection against phishing and BEC attacks through multi-layered defenses powered by natural language processing (NLP). With NLP-powered message scanning, phishing and BEC attacks are blocked from inboxes before users can interact with them.

Sophos Email’s native integration with Sophos MDR and Sophos XDR provides truly unmatched threat visibility, response capabilities, and centralized control for security teams. These capabilities enable security teams to have a holistic view of email telemetry and take actions during critical events.

Sophos Email also seamlessly integrates with M365 and Google Workspace, enhancing the security posture of organizations’ existing investments.

NEW Sophos Email Monitoring System

Sophos Email Monitoring System (EMS) is an easy-to-deploy, powerful sensor that detects threats other email security products miss and provides unrivaled visibility and control to Sophos MDR and XDR. EMS is not an alternative to Sophos Email – it is designed for customers of third-party email security solutions. By providing a second layer of scanning, EMS also helps evaluate the efficacy of an existing third-party solution.

Sophos EMS easily deploys on top of any existing email security solution to add a layer of threat identification with zero disruption to existing email flow or security policies. Leveraging 20+ AI/ML models, including NLP, Sophos EMS identifies malicious emails otherwise missed.

Sophos EMS natively integrates email telemetry into Sophos MDR and Sophos XDR. This native integration provides visibility and control to Sophos MDR and XDR that third-party email security solutions can’t.

Manual clawback functionality in Sophos EMS allows email administrators and security analysts to remove malicious emails from user inboxes that were missed by the existing third-party solution but identified by EMS.

NEW Sophos DMARC Manager – Powered by Sendmarc

Sophos DMARC Manager is the result of a partnership between Sophos and Sendmarc, one of the leading DMARC solution providers. As a protection add-on for Sophos Email and Sophos EMS customers, Sophos DMARC Manager quickly and easily helps organizations ensure and maintain DMARC policy compliance​, an increasingly prominent requirement backed by major email providers, governments, and regulators.

Sophos DMARC Manager protects an organization’s users by verifying a sender’s identity. This protection prevents two increasingly sophisticated types of phishing and BEC attacks: domain spoofing and impersonation attacks.

By ensuring an organization’s DMARC compliance, Sophos DMARC Manager helps protect an organization’s brand reputation while improving delivery rates for outbound emails.

DMARC compliance is an ongoing endeavor. Sophos DMARC Manager’s intuitive dashboards, automated monitoring, and comprehensive reporting simplify the otherwise onerous task of maintaining DMARC compliance.

As email continues to be a primary vector for cyberattacks, organizations must evolve their defenses to meet increasingly sophisticated threats, especially those amplified by generative AI. Sophos’ MDR-optimized email security portfolio, now enhanced with EMS and DMARC Manager, reflects the market’s shift toward integrated, visibility-rich solutions. These additions not only enhance email threat detection and response but also support broader security operations through MDR and XDR integration.

– Monika Soltysik, senior research analyst for Security and Trust at IDC

1https://www.cisa.gov/shields-guidance-families

2https://www.ic3.gov/AnnualReport/Reports/2024_IC3Report.pdf

3451 Research S&P Global Market Intelligence – Voice of the Enterprise: Information Security, Organizational Behavior 2024