Email Security

Q&A: Angel Grant, SVP At Mimecast, On AI-Driven Email Threats And The Future Of Email Security

Expert Insights interviews Angel Grant, SVP of Product Marketing Management at Mimecast

Last updated on Jan 31, 2025
Joel Witts Written by Joel Witts
Expert Insights Q&A with Angel Grant, SVP At Mimecast

The evolving landscape of email security has forced organizations to confront increasingly sophisticated cyber threats. Attackers are leveraging AI to craft highly targeted phishing campaigns, deepfake-enabled impersonations, and other forms of social engineering that exploit human vulnerabilities.

“Email security can no longer be a standalone defense tactic for businesses,” says Angel Grant, SVP of Product Marketing Management at Mimecast. “Organizations need to understand and proactively detect user behavior anomalies to effectively combat bad actors from exploiting these platforms for personal gain.” 

In this Q&A, Grant shares her insights on the challenges organizations face in email security, how Mimecast’s solutions address these needs, and what trends and priorities will shape the industry in 2025. 

Q. What are the biggest challenges in the email security space today and how are threats evolving?  

The rising sophistication of cyber threats presents a major challenge for customers.  

We’re seeing attackers increasingly exploit advancements in AI. From deepfakes to impersonation scams, bad actors are finding new ways to bypass traditional defenses and convince users to act.  

These threats are becoming more targeted by leveraging behavioral insights to trick users into giving up sensitive information, providing account information, and even committing financial fraud. 

Compounding the issue is the expanded human risk attack surface, driven by remote work and the different platforms employees use to communicate and collaborate. Email security can no longer be a standalone defense tactic for businesses. There is a growing need for organizations to understand and proactively detect user behavior anomalies to effectively combat bad actors from exploiting these platforms for personal gain. 

Q. How does the Mimecast Email Security Cloud Gateway platform help teams address these challenges, and how do you differentiate yourselves from competitors? 

Our Email Security solution is uniquely designed to tackle today’s cybersecurity challenges by integrating advanced anomaly detection, AI-powered threat intelligence, and automation. Beyond basic spam and virus filtering, Mimecast employs sophisticated techniques to detect and block all types of email-based attacks, from phishing and ransomware to credential theft and zero-day attacks.  

Mimecast’s Advanced Email Security has total deployment flexibility and can be leveraged with or without a gateway. Email Security Cloud Integrated, the gateway-less option, is AI-powered and purpose-built to enhance and extend Microsoft 365 protections and does not require a MX record change.   

Mimecast’s global threat intelligence network takes this protection a step further by continuously updating its database to stay ahead of emerging threats, ensuring accurate detection of the latest malware and phishing campaigns.  

The platform is differentiated by a vast partner ecosystem, with over 300 integrations to spur further program efficacy. 

Q. What are your top recommendations for CISOs in the process of looking for an email security solution?  

The ways we collaborate and how we share and use data have evolved from a world in which email was the primary method of communication. Organizations need to look for a unified and dynamic solution to help protect collaboration, detect insider risk, simplify compliance, and empower their users. 

This requires looking carefully at the actions users take, the attacks that target them, and the access they have, and building an individualized risk profile that dynamically adapts for each user. This approach allows security teams unprecedented visibility into human risk and can lead to more tailored interventions when it comes to offering training or adjusting security controls to better protect company data and user safety. 

CISOs must prioritize email security solutions that provide seamless integration into existing ecosystems while offering comprehensive visibility across potential attack vectors. It’s crucial to choose platforms that responsibly leverage AI to enhance detection and automate threat response, enabling teams to stay ahead of increasingly sophisticated attacks. Additionally, platforms that offer advanced anomaly detection and robust employee training programs can equip organizations to identify and mitigate threats like impersonation and malicious QR code or CAPTCHA attacks effectively. 

Q. What trends do you expect to see in the email security space in 2025? 

In 2025, the email security landscape will face increasingly sophisticated AI-driven threats, including deepfake-enabled impersonations and financial fraud schemes. However, I also expect we’ll see a rise in overlooked threats like malicious QR codes – which are often exploited due to insufficient safeguards. To combat these challenges, businesses must prioritize advanced anomaly detection and behavioral analysis tools that address human risk and allow them to adopt more holistic security strategies. 

In your view, what should organizations’ top email security planning priorities for 2025 be?  

In 2025, organizations must move beyond disparate and siloed security solutions, as these will no longer provide adequate long-term protection. Instead, IT and business leaders should prioritize comprehensive security platforms that seamlessly integrate into existing systems and networks. Such platforms should offer flexibility, allowing businesses to adopt capabilities tailored to their evolving demands and emerging threats. By investing in unified platforms, organizations can enhance their threat detection and response while simplifying management and improving overall resilience against sophisticated cyberattacks. 

Any holistic cybersecurity strategy is incomplete without an eye to compliance. There are many new requirements on the horizon, including the upcoming PCI DMARC deadline. Compliance needs will continue to rise in 2025 and beyond, with a greater focus on AI development and usage. At Mimecast, we’ve tried to be ahead of the curve, as we’re strong believers in transparency, safety and sustainability in our AI usage. By building strong foundations to guide AI adoption, organizations can better equip themselves to meet compliance standards, and, more importantly, to keep users safe and informed. 

Further reading 

Joel Witts

Content Director

LinkedIn Email
Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.