1 – “What is your view of the cyber security market, and email security especially, Brian?”

I think how rapidly the cybersecurity space is evolving makes it such an incredibly interesting and challenging field in which to work. Although as an industry it feels like we’ve come a long way, I think in 50 or 100 years’ time when people look back to now, it will be seen as just the beginning. With so many aspects of our lives now managed by or through technology, our threat surface area continues to grow and with it, the need for new and innovative security solutions. I think the average person’s understanding of cyber threats and appreciation of security has increased tremendously over the past few years, which is great as technology on its own is only half the battle.

In terms of email security, currently there’s a dichotomy between traditional email security gateways which protect the perimeter, and newer, API-based solutions which protect the mailbox. While both sides make a case for their method of deployment being the way to go, I think we’re slowly moving towards a future where best practice will be to have a solution for both. We already see some MSPs recognising this and offering a gateway solution from one vendor, combined with an API-based solution from another vendor, although there are pros and cons to this approach.

2- “How are MSPs being let down by the existing range of email security vendors?”

I believe they are certainly being underserved in a number of areas. This is mainly due to the fact that most, if not all, email security solutions on the market today predate MSP – or were built in a way that never envisioned the need for a tier between vendor and customer. Although lots of ‘MSP-focused’ vendors have retrofitted this additional tier, they offer no genuine central management or cross-tenancy capabilities, making it very difficult for MSPs to manage email security for their clients in an efficient and effective way.

For example, an MSP with 50 clients has no central visibility of traffic to their tenancy as a whole, meaning on occasions where an attack evades detection, they’ve no idea if it has been received by 1 end-user or 50 – and from an incident response perspective, this is quite problematic. We’ve heard stories from MSPs where a user at one client receives a phishing email and they report it to the vendor, only for another user at a different client to receive the very same phishing email a day later. If the MSP had the ability to create global rules, they could have instantly blocked that threat for their entire client base – but as I mentioned early, existing solutions are deficient in cross-tenancy capabilities.

The modern MSP wants solutions that are easy to deploy, highly automated, centrally managed, and continually prove their value to the end-customer – and I think a lot of email security vendors are lacking in these departments.

3- “Tell me about the fresh approach that Mesh is taking to tackle these challenges for MSPs head-on?”

At Mesh, everything has been carefully designed to help MSPs reduce admin time, enhance detection capabilities, and ultimately grow their cybersecurity revenue. The Mesh MSP Hub, which is a single pane of glass from where our partners can manage their entire client base – from searching for emails to hunting and removing threats, to deploying global rules and polices – all in real-time, across all clients. This is essentially the first MDR tool for email, a product category that doesn’t actually exist yet, which makes it extremely exciting to be able to offer a completely unique tool to our partners.

We also wanted to provide flexible options for deployment, so we built an email security gateway, with the imaginative name (haha) of Mesh Gateway. Our API based service (Mesh 365) is scheduled for Q1 release, and in Q2 partners and customers will have the option of using both in combination – delivering perimeter and mailbox protection in a unified solution.

4 – What do you see coming next – what predictions have you made and where is Mesh going to remain ahead?”

As I touched on in question 1, we’ll see more and more MSPs providing their clients with a unified approach to email security – both perimeter and mailbox protection. I think email will continue to be the #1 riskiest communication vector for businesses, and new threats and scams will continue to emerge. To stay ahead of the curve, we must continue to innovate and develop detection techniques to protect against these new threats. At Mesh, we’re completely R&D focused and we’ve got some of the brightest minds in email security that enjoy playing a crucial role in the fight against cybercrime – this fuels us.

5- “What’s the best means of engagement for an MSP looking to make a change with their email security vendor?” (Direct engagement / through distribution / book a demo or do you have any webinar dates, etc)?

Traditionally, I think MSPs preferred to deal directly with the vendor, but now we see distributors that genuinely add value – so it ultimately depends on the preference of the MSP. At Mesh, the choice belongs to the MSP – they can deal with us directly or via distribution partners.