Egress has had a successful year – culminating in winning a prestigious award – but this is on the back of a lot of work to improve its email security services and it is something that businesses in the channel can look to offer customers to improve their security.
There was much celebration at Egress in November when the company scooped the Security Innovation of the Year awards for its adaptive security for cloud email at the 2023 UK IT Industry Awards.
Egress took the award as earlier this year, the company became the first cybersecurity organisation to apply an adaptive security model to cloud email. By aggregating product telemetry and behavioural data from across each customer’s cybersecurity ecosystem, Egress provides a single, unique view into human risk throughout the organisation to enhance visibility and surface new insights.
“We were delighted to win that and that shows how innovative Egress is,” says Dan Hoy, director of strategic partnerships at Egress. “It is the leaders in UK IT industry coming together so for us to win that Innovation Award, speaks of the investment we’re making and the products that we’re delivering.”
Fast-growing
Egress is a fast-growing cybersecurity business, headquartered in London with satellite offices in Cheltenham and Sheffield. The company is also growing internationally, with offices in New York, Boston and Brisbane.
“Our focus is email security and we position ourselves in the market as an intelligent cloud email security vendor focused on helping organisations mitigate advanced email security threats both inbound and outbound,” says Dan.
“Inbound includes phishing attacks, potentially business email compromise, those hard to mitigate threats that cause a lot of concern to organisations and most have probably been affected by them in the last 12 months.
“On the outbound side we look to address advanced email security threats such as misuse of email, essentially data exfiltration.”
Joseph Hedegaard-Ganly, Solutions Architect at Saepio Information Security, a partner of Egress, adds that on the outbound side often there’s more data flowing out accidentally than is being stolen by attackers. “A lot of the time it’s a background risk that people don’t necessarily know that they have an issue with,” he says. “it’s not as in your face as inbound phishing, where you’re getting obvious fraud, on the outbound side it can be as seemingly innocuous as sending an email to the wrong person by accident and the person that’s received that email doesn’t let you know.
“Email is still a critical business communication channel. There has been discussion about how email might one day die and everything will be done over WhatsApp or Teams, but in reality is the opposite is true. Email is a trusted communication for official business to business communication. Some of that market noise has meant that three or four years ago, there was a lack of development in email security and we’ve seen that impact on more traditional email security vendors that didn’t put as much emphasis as they should on protecting it. As a result, we’ve seen vendors like Egress stepping up and delivering innovation and recognising that email risk is comprehensive. Almost everywhere where we see businesses suffering data breaches, it is either directly based on an email going out or being the initial access point for an incident.”
Dan adds that Egress also offers Egress Protect. “This is an email encryption product, where once you’ve identified your sending information to the right recipient, what’s the necessary level of assurance and security to apply to that email?”
Dan adds that a key differentiator for Egress is its breadth of capability. “We compete against vendors in that focus predominantly on that inbound piece, but we believe email security is very much inbound and outbound, and often what starts as inbound attack can lead to an outbound data breach if someone’s responding to a phishing attack,” he says. “We take a broader view of the number of cases we can mitigate. It works well in the partner community from a value perspective.”
Better together
Joseph says there is recognition that security is moving towards a ‘better together’ approach where vendors integrate their technology to deliver better outcomes, especially for smaller security teams.
To this end, Egress recently integrated with CrowdStrike. The integration of the Egress Intelligent Email Security suite with the AI-native CrowdStrike Falcon XDR platform enhances Egress’ adaptive security model with identity risk scoring from CrowdStrike Identity Threat Protection – empowering customers to stop email-based threats driven by risky human behaviours.
“Again, it’s extending that risk story beyond purely data sources from our email platform, but to consider other areas of risk, for example, identity management,” says Dan.
“We recognise that risk isn’t limited just to email – although it’s a major threat to any organisation – and we also understand that our relevance to the market and the value we can deliver to customers and partners that are delivering those services to their customers has to be broader than that.”
Joseph adds that integrations like CrowdStrike are giving customers an edge. “Especially in small businesses where we’re simplifying their job, saving in an unbelievable amount of time around something like security awareness training, where historically you might have a single IT analyst having to select and roll out training for 500 staff, which actually ends up becoming a huge task in its own right,” he says.
“Egress is automating that intelligently. integrating with other solutions to deliver better outcomes for teams is quite a big piece of the innovation that we’ve seen in the last 18 months in the email space.”
MSP programme
Also in the past 18 months Egress has invested heavily in the channel, which has had 220% partner generated revenue growth in the last 12 months, according to Dan. “Today about 80% of deals in the UK are partner lines,” he says. “As of the start of next year in the UK, we go 100% channel. That tells the story of the transition we’re making as a business to invest in our channel partners.
“The demand of customers and service providers has probably never been higher. We’re not a commoditised market where it’s just a case of show me a list of features and functionality and I’ll pick the right solution. People and businesses such as Joseph and his team at Saepio are constantly providing that consultative support to guide customers to what the right solution is.”
Joseph adds that in the last few years cybersecurity has gone from something that was only on the board agenda of mature businesses, whereas now they are speaking to SMBs where it is not even a core part of their business, “and yet cyber is on the board agenda,” he says.
“This has meant that the demands from a solutions perspective, not only in terms of what they’re looking at technology vendors to deliver, but also what they’re looking for in terms of outcomes and strategy, has been through the roof.
“The days of being able to throw some licence keys over the fence and that’s your job as a solution provider are gone. We see a minimum bar as being part of the board discussion talking about cyber. The bar has gone up, which is a good thing. I think often we forget that small businesses are impacted a lot of the time in the same proportion as big businesses in terms of loss of revenue, but their capabilities are a fraction of that.
“There’s a real collective responsibility on the solution provider and vendor side, to make sure that we’re offering robust and accessible solutions to actually protect businesses. Those requirements aren’t going to change anytime soon.”
Investment in solutions
Dan says Egress invested significantly in its partner programme so it can deliver the best possible solutions. “The main things that we’re trying to deliver to partners is solutions with real value, which will then drive that recruitment and growth with more partners,” he says.
“One key element is product innovation and vision. A lot of partners want a vendor to not only meet an immediate need, but also give confidence in their future view of threat and a roadmap of how they can develop and expand their customer base and we’ve done a very good job of that. We’re doing a lot around customer advocacy and that third party analyst validation piece.
“There is a predictable profitability play here and that is from a resale perspective. With MSPs our retention rates are more than 90%, which gives real confidence to partners.”
Dan adds that speed is also important within the channel. “Any partner we work with needs to know from a sales and technical perspective that we can be agile and give them the support they need to answer questions they have with their customers in a timely manner.
“That’s what we’re delivering to partners, and we’ve seen real success in that over the last 12-18 months. We’re the only provider in our space offering that fully managed inbound and outbound remediation on email, which is quite a compelling USP for MSPs.”
Continual innovation
Dan adds that Egress will continue this journey in the future as the threats to email continue to grow and the market is demanding the full service offering that Egress provides. “We will continue to invest in that,” he says “We will ensure it delivers what our MSP partners need – so it must be relatively straightforward to manage, install and support. You can’t grow the MSP model without having best of breed technology, so we will continue to innovate.
“In this industry you must continue to innovate because of the threat profiles out there. The attackers are continually innovating so we have to too.”
Dan adds that partners such as Saepio are helping to feed that innovation. “It’s easy in our space to live in a world of email security and if you’re not careful, you can believe your own hype without validation from the market. With people like Joseph and businesses like Saepio, we get that validation and if they believe something can be improved or changed, they’ll be vocal about it because it matters to them and to their customers.”
Joseph adds: “The feedback loop that we have with Egress is one of the more compelling of any of our vendor partnerships,” he says. “We have confidence that they’re going to support our customers over a long period of time because what they work on and develop is not just stuff for the sake of being representative in the market. It’s the things that are going to make a difference to our customers.
“When we look at some core features, not just the integrations that customers are asking for, when it’s Egress releasing it, we’re talking weeks or months rather than it’s on a roadmap for the middle of next year. That does instil a lot of confidence with customers and from our perspective it says we’re in the right ship when it comes to being able to deliver what our customers are asking for.”
