Email Security

8 Email Security Experts Share Their Predictions For 2025

We asked 8 email security experts what trends they expect to see in 2025.

Last updated on Jan 15, 2025
Joel Witts Written by Joel Witts
2025 Email Security Trends

As business email compromise (BEC) and other targeted email threats continue to evolve, robust email security measures are more critical than ever.

Looking ahead to 2025, what innovations and strategies will emerge to combat these sophisticated challenges and protect organizational communications?  

We asked 8 experts for their perspective and predictions: 

Brian Reed, Senior Director of cybersecurity Strategy, Proofpoint: “Generative AI is making an impact in the email security space, and I foresee several effects surfacing in 2025. I expect to see Business Email Compromise (BEC) attacks continue to rise over the next year…Further, as end users and employees become more reliant on AI agents to compose and send emails on their behalf, there may be an increase in the likelihood of mistakes as these agents are new to market. I also would not be surprised to see a rise in impersonation attacks, specifically messages designed to try to subvert MFA credentials to compromise key accounts like Microsoft 365, identity providers, and other critical SaaS applications.” Read the full Q&A 

Usman Din, Director of Product Management, Cisco Security: “As threat actors grow more sophisticated and organizations face increasing regulatory pressures, we expect to see some new (and not so new!) trends in email security for 2025: increased focus on AI-powered threat detection and response, growing use of obfuscation techniques, rising demand for API-based and cloud-native email security solutions,  zero trust integration with email security [and] increased use of post-delivery protection and remediation.” Read the full Q&A 

Angel Grant, SVP of Product Marketing Management at Mimecast: “In 2025, the email security landscape will face increasingly sophisticated AI-driven threats, including deepfake-enabled impersonations and financial fraud schemes. However, I also expect we’ll see a rise in overlooked threats like malicious QR codes – which are often exploited due to insufficient safeguards. To combat these challenges, businesses must prioritize advanced anomaly detection and behavioral analysis tools that address human risk and allow them to adopt more holistic security strategies.” Read the full Q&A 

Olesia Klevchuk, Director of Product Marketing, Barracuda Networks:  “Both attackers and security teams will leverage AI more extensively, with security teams focusing on adaptive and predictive threat prevention. As cloud adoption grows, API-based email security will become the standard for real-time, adaptive protection. Organizations will seek integrated platforms that combine email security, XDR, and other security layers to streamline operations. Rising data privacy laws and security regulations will drive demand for compliance-ready email security solutions.” Read the full Q&A 

Tony Anscombe, Chief Security Evangelist, ESET: “Ransomware remains a major focus for organizations and legislators. If regulation makes paying an extortion demand complicated and reduces the monetization back to bad actors, I suspect that bad actors will switch to other methods of extracting money and data from companies…Further use and refinement of AI and machine learning technology will enhance protection for email solutions going forward. In the same way bad actors are improving the content of emails using natural language models, defenders will utilize the same technology to detect those threats.” Read the full Q&A 

Rodolfo Saccani, CTO & R&D Manager, Libraesva: “A recent study commissioned by Libraesva highlights that companies are, in general, not prioritizing email security, despite 88% of the CISOs, security and IT professionals surveyed said that their organization has experienced a successful email security attack in the last quarter…The truth is that the levels of investment, innovation, and skills needed to repel these threats are not being committed. As attackers develop even more sophisticated methods, the gap between these attacks and the ability of traditional email security methods to repel them will only widen.” Read the full Q&A 

Eddie Monaghan, Sales Enablement Officer, TitanHQ: “We will see even more utilization of AI, by both threat (actors to create phishing campaigns) and vendors (to improve detection rates). There will be more multi thread attacks with bad actors augmenting e-mail attacks with text messaging and AI powered voice impersonation calls. We’ll see more focus by vendors on providing security on the main email platforms like M365 and Workspace, as more customers move their e-mail into these environments.” Read the full Q&A 

Rajan Kapoor, Field CISO, Material Security: The obvious answer here is the continued expansion of AI within email security tools…Understanding how these models are trained, how they operate, how they handle data, and how their results are verified is critical.. We’re also hopeful that in 2025, the market will recognize the importance of seeing email security through the lens of the entire spectrum of threats against the productivity suite. Not just inbound attacks, but data exfiltration from the inbox, external sharing of sensitive files from shared drives, misconfigurations, and risky user behaviors…all of these things can have the same impact as clicking a link on a phishing email, yet receive a fraction of the attention. Read the full Q&A

Further reading

Joel Witts

Content Director

LinkedIn Email
Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.