As we near the end of 2012, it seems like the perfect time to rehash one of the big themes that has pre-occupied enterprises over the past 12 months -- content security. Forrester's Wave Report takes it one step further -- taking an in-depth look at the area of security that enterprises really need to take note of. 

Email Content Security Wave

The report entitled "The Forrester Wave: Email Content Security, Q4 2012", alludes to the fact that email continues to be the favored collaboration tool on the market -- despite advances in social media. Enterprises need to secure that content as it moves from one account to another.

In order to do this, as in all other areas of information management, enterprises are turning to vendors that adhere to a number of criteria outlined by the enterprise, which take into account business needs and IT concerns.

But do they work? Clearly that depends on what vendor the enterprise has decided to go with. As a starting point, Forrester has taken a list of 9 vendors and 18 user companies and evaluated them against 47 criteria. These companies include: Barracuda Networks, Cisco, McAfee, Proofpoint, Sophos, Symantec, Trend Micro, Trustwave and Websense.

There were a number of different ways of making it into the Wave -- which we will take a brief look at later. Out of those nine companies six have been identified as leaders, with the other three providing competitive offerings.

Symantec, Cisco, Proofpoint, Trend Micro, Websense, and McAfee lead the pack with Barracuda Networks, Sophos, and Trustwave in the ‘competitive’ space.

Email Security Trends

Before taking a brief look -- there are number considerations that enterprises must keep in mind before choosing an email content security vendor.

In this respect, Forrester warns that these are not the only vendors in the market and that enterprises really need to look at all the vendors out there before making a selection. This Wave, it says, is only a starting point.

With that in mind, businesses need to approach security by looking at the role email plays in the business environment. No matter what vertical, or enterprise, and no matter how much workers are using social media to collaborate, email is wired into the heart of the enterprise business processes.

However, despite its importance, enterprises invest relatively little in email security -- just 7% of security budget. This is a false economy. Email must be safeguarded because:

  • The threat landscape is constantly changing: In the past spam and signature-based malware were the biggest threats. Now enterprises have to deal with attacks via spear phishing campaigns.
  • Punitive fines: The content contained in emails is often covered by regulations concerning the safety of personal data. The fines for breaching HIPAA provisions can rise to US$ 1.5 million for a breach of regulations. And this is only the start.

Shifting Email Security Landscape

In response to the changing landscape, vendors are developing their offerings to include: