Gartner Blog Network

Anti-phishing and Email Security Research Publication List

by Neil Wynne  |  June 7, 2019  |  Comments Off on Anti-phishing and Email Security Research Publication List

Gartner’s anti-phishing and email security analyst cohort (Mario de Boer, Peter Firstbrook, Patrick Hevesi and I) has written great research on these topics. I’ve collated and listed these notes so they’re easier for our clients to find.

Fighting Phishing — 2020 Foresight
Analysts: Peter Firstbrook, Neil Wynne
Summary: Phishing attacks are increasingly using impersonation to bypass traditional defense mechanisms. Weak sender identification will continue to present opportunities for creative attacks. Security and risk management leaders should use this research to adjust their strategy and business processes.

Mitigating the Risk of Phishing When Technical Security Controls Fail
Analyst: Mario de Boer
Summary: Phishing attack prevention is far from perfect. Technical professionals must understand end user’s role in phishing detection and the human role of the incident responders during phishing response. Emerging technologies support users and incident responders with phishing detection and response.

Toolkit: Security Incident Response Scenario for Phishing Attacks
Analysts: Brian Reed, Neil Wynne
Summary: Security incidents happen within all organizations, and mistakes in responding to these incidents can have serious repercussions. This Toolkit contains best-practice materials that security and risk management leaders can use to run a tabletop exercise testing their response to a phishing attack.

Market Guide for Email Security
Analysts: Neil Wynne, Peter Firstbrook
Summary: Large-scale migration of email to the cloud has necessitated a strategic shift in how to secure this communication channel. Security and risk management leaders must adopt a continuous adaptive risk and trust assessment mindset to protect inboxes from exposure to increasingly sophisticated threats.

How to Build an Effective Email Security Architecture
Analysts: Mario de Boer, Patrick Hevesi
Summary: Email is the most commonly used channel for both opportunistic and targeted attacks on client endpoints. This assessment analyzes how technical professionals can use email security technologies to protect against attacks such as business email compromise, advanced malware, phishing and spoofing.

Solution Comparison for Nine Secure Email Gateways
Analysts: Patrick Hevesi, Mario de Boer, Mark Judd
Summary: Email is the preferred channel for targeted and untargeted attacks for users and their client endpoints. This document provides technical professionals with a tool for selecting SEG products to protect their enterprises’ email against attacks, compromise, malware infestation, phishing and spoofing.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: information-security-management-program  security-of-networks-and-endpoints  security-of-networks-and-endpoints-for-technical-professionals  security-of-the-cloud  security-of-the-cloud-for-technical-professionals  

Tags: emailsecurity  phishing  seg  

Neil Wynne
Principal, Analyst
11 years at Gartner

Neil Wynne is a Principal, Analyst on the Transformational Security team within Gartner Research & Advisory. Mr. Wynne's research efforts cover several aspects of cybercrime and fraud prevention, including email fraud and anti-money-laundering. Read Full Bio

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.