Broadcom Alternatives: Five Email Security Strategies for Symantec Customers

Email-based cyberattacks continue to be a major risk factor for organizations, and thus email security continues to be a priority area of defense. This is why Email Security.cloud (formerly Symantec Email Security.cloud)) customers need to closely review the September 2020 report from the independent market research firm Osterman Research.

When it announced the Symantec acquisition, Broadcom laid out plans to focus on endpoint security, web security and data loss prevention, areas the company cited as its “highest revenue opportunities.” It made no mention of email security. Broadcom also said it would shift its go-to-market strategy to focus on the Global 2000.

What the Symantec Acquisition Actually Means for Customers

After noting that more than 90 percent of cyberattacks are delivered by email, the Osterman report warns that “Current Symantec email security customers must not take lightly Broadcom’s change in focus and priority, since this could have significant implications in the not-too-distant future.”

Although Symantec continues to offer email security, the report continues, underlying changes to the company’s business focus have aroused realistic concerns on whether or not Broadcom will continue to invest and support it in the future. Already, Osterman points out, Broadcom has begun to deprioritize its smaller customers and changed certain policies for its mid-sized and larger customers.

What Alternative Strategies Do Symantec Email Security Customers Have?

If you’re an existing Symantec email security customer, it’s important to consider your options. 

In the new report, which was sponsored by Mimecast, Osterman outlines five possible alternatives:

1. Continue using Symantec email security. This is the path of least resistance, since there’s no need to reconfigure your systems or retrain your staff. In all probability, you will receive the same level of protection that you currently have, although with less product support. Over time, though, this approach entails more risk. A vendor that’s less committed to a product line may not update it as often as necessary. And email security products need to be updated and curated on a continuous basis. This is especially pertinent considering the more than 350,000 new instances of malware that surface on a daily basis, including the malicious code behind the latest spate of ransomware attacks.
2. Rely exclusively on Microsoft Exchange Online Protection. For Symantec customers who are also Microsoft 365 (Office 365) users, relying on Microsoft Exchange Online Protection (EOP) is the least expensive and simplest alternative, given that EOP is already part of the MS 365 platform and is active by default. The downside, Osterman says, is that the basic anti-spam, anti-malware and domain-spoofing protection it provides isn’t on a par with many alternative solutions. “Best practice dictates that endpoint and gateway protection should be offered by different vendors for maximum efficacy,” the report also observes.
3. Upgrade to Microsoft Advanced Threat Protection. A better but much more expensive option is to upgrade to Microsoft Advanced Threat Protection (ATP), which delivers added safeguards such as enhanced document and URL-checking for Microsoft file types. The Osterman report adds, however, that ATP consistently misses certain types of threats, while, surprisingly, a lab analysis rates its accuracy as slightly below that of EOP’s.
4. Supplement Microsoft 365 with a cloud-based email security supplement. Still another option is to deploy a cloud-based solution to supplement MS 365’s native security. This approach, which Gartner refers to as Cloud Email Security Supplement (CESS), relies on a cloud-based add-on to inspect emails once they reach the user’s inbox and then quarantine and ultimately remove suspicious messages leveraging the APIs provided by M365. According to Osterman, there are two potential problems with this alternative. The first is the limited flexibility that it offers, and the second is that Microsoft provides no service level agreement (SLA) for API access. This creates a performance and scalability dependence over which the CESS or the customer has no control. Osterman recommends that a CESS, if used at all, can be used as a supplement to a secure email gateway.
5. Replace Symantec with a different secure email gateway. The fifth alternative is to swap out the Symantec email security product for a comparable but different best-of-breed secure email gateway (SEG) solution. If organizations have become comfortable with the use of the Symantec SEG, swapping over to a vendor that is dedicated to email security for foreseeable future can minimize the cost of switching and will not introduce a new approach for their email security. The Osterman report goes on to enumerate the key capabilities that should be considered when selecting a replacement SEG, including: best-of-breed security stack that does not rely on a single form of detection, open APIs and off-the-shelf integrations with common components of a security infrastructure, as well as providing easy-to-use tools for employee self-service.

The Bottom Line

Email-based cyberattacks are a major risk factor for most organizations, and for Symantec email security customers the changes taking place as a result of the acquisition by Broadcom heighten those risks. At a minimum, impacted organizations should be alert to the potential downsides of their relationship with Broadcom and — particularly if they fall outside the of its top customer classification — consider the alternatives discussed above for their email security.