Email Security

Q&A: Libraesva’s CTO: Teams Must Prioritize Email Security In The Era Of GenAI

Expert Insights interviews Rodolfo Saccani, CTO and R&D manager at Libraesva.

Libraesva

Rodolfo Saccani is the CTO and R&D manager at Libraesva. He has an extensive background in experimental avionics, clinical research, and aviation safety, which he has developed while working across Europe and in the USA.

Expert Insights recently reached out to the Libraesva team for Saccani’s insights on the state of the email security threat landscape, how AI is changing the nature of both email threats and email security, and what CISOs should be looking for when choosing an email security solution.

What are the biggest challenges for customers in the email security space today and how are threats evolving?

The evolving threat landscape presents a significant challenge for email security, as organizations must stay ahead of rapidly emerging threats and adapt their defenses in real-time. 

Sophisticated attackers are continually updating their tactics, exploiting the vulnerabilities that arise from remote work arrangements and personal device use to launch highly targeted cyberattacks.

The shift to remote work has introduced new risk vectors, including unsecured home networks, inadequate visibility into employee activity, and increased reliance on public cloud services. This creates an environment where threat actors can easily breach security controls. Artificial intelligence (AI) is now a primary tool for hackers, enabling them to launch highly sophisticated and targeted attacks that compromise email accounts and gain unauthorized access to systems.

 Small and medium-sized businesses (SMBs) are particularly vulnerable due to their limited internal resources and lack of specialized expertise. As the threat landscape continues to evolve at breakneck speed, email security requires a high degree of specialization to stay effective.

How does the Libraesva ESG platform help to teams address these challenges, and how do you differentiate yourselves from competitors?

Libraesva is an email security vendor focused 100% on email. Our company is built around agility, our software platforms are designed to support continuous innovation and rapid deployment of up-to-date security engines.

Being able to quickly react to emerging threats is not enough though. Libraesva ESG implements proactive security: it is designed to block threats that are not yet known. This is crucial for an emails security solution because email is the entry point of any new threat with roughly 200 new malware families per year and hundreds of malware variants within each family that appear for the first time in an email. 

The Libraesva ESG QuickSand Sandbox, for example, is capable to detect and block malicious code that no security system has seen before and for which no intelligence is available through a process that is immune to evasion techniques.

  • Libraesva ESG layered approach, scanning at the gateway and integrating with APIs, allows customers to view the entire flow and details of inbound, outbound, and internal emails in a single interface.
  • Libraesva Adaptive Trust Engine uses AI to understand the usual communication behavior patterns for organizations and individuals to defend against emerging AI threats.
  • Libraesva’s unique multilayered click-time URL analysis can follow all redirects and analyze intermediate stops to detect malicious URLs and evasion techniques.
  • Automatic threat remediation handles compromised messages post-delivery by automatically recalling messages from the user’s inbox.


What are your top recommendations for CISOs in the process of looking for an email security solution?

I can imagine how frustrating it must be to navigate the complex world of email security solutions, where glossy brochures filled with buzzwords and features can make it hard to find a clear answer.

Over the past decade, email security has undergone significant evolution, resulting in increasingly complex solutions that boast substantial performance differences. What was once a straightforward feature can now be implemented in multiple ways, leading to varying levels of effectiveness and making it challenging for organizations to choose the right solution.

When choosing an email security solution, look for vendors with a strong track record of customer loyalty and retention. In fact, some providers deliver extremely high renewal rates, such as Libraesva, which has successfully retained 96% of its customers at the end of each contract term.

Testing an email security solution with your own email traffic is a straightforward and risk-free process. It’s the most effective way to gauge the solution’s performance and ensure it meets your specific needs.

What trends do you expect to see in the email security space in 2025?

Artificial intelligence (AI) has become a game-changer in the cybersecurity landscape, enabling both attackers and defenders to deploy more sophisticated attacks and advanced countermeasures.

As security vendors harness AI capabilities, they can bolster their defenses against an ever-evolving threat landscape. From threat detection and response to automated alerts and behavioral analysis, AI is revolutionizing various aspects of cybersecurity, offering numerous impactful use cases that are becoming increasingly integral to modern security ecosystems.

Humans are often the weakest link in an organization’s cybersecurity defenses, making them a major vulnerability point for email security in particular. Attackers increasingly exploit human psychology, luring victims into clicking on malicious links or opening infected attachments to launch attacks. 

This highlights the urgent need for advanced cybersecurity solutions that leverage machine learning and AI to provide continuous network monitoring, automated threat detection, and proactive defense against targeted phishing and ransomware attacks.

In your view, what should organizations’ top email security planning priorities for 2025 be?

A recent study commissioned by Libraesva highlights that companies are, in general, not prioritizing email security, despite 88% of the CISOs, security and IT professionals surveyed said that their organization has experienced a successful email security attack in the last quarter.

Under half (47%) of those surveyed have seen an increase in their email security budget over the previous year, behind data security (51%) and cloud security (50%). More worrying is that 43% said investment stayed the same and 1 in 12 (8%) said it decreased. With this lack of investment, it is no wonder that under 2 in 5 (36%) CISOs, security and IT professionals surveyed said their email security keeps up with new threats extremely well.

The truth is that the levels of investment, innovation, and skills needed to repel these threats are not being committed. As attackers develop even more sophisticated methods, the gap between these attacks and the ability of traditional email security methods to repel them will only widen. You can find more insights about this research in the report: “Libraesva The Reality Gap”.

Further reading