Interviews - News - Analysis: For successful growth with Managed Security Services
MSP Journey · Exploring the truth · Managed Security Services · Logo
Premium Content
learn more

The most dangerous email is not the one that ends up in the spam filter – but the one that looks deceptively real

Why email security is so important Attacks via email are as old as technology itself. But whereas in the past, clumsy phishing attempts could be quickly exposed, today’s attacks are so sophisticated thanks to artificial intelligence that even experts are sweating bullets. “The threat landscape has changed dramatically,” warns Björn Friedrich. “Emails created by AI […]

Why email security is so important

Attacks via email are as old as technology itself. But whereas in the past, clumsy phishing attempts could be quickly exposed, today’s attacks are so sophisticated thanks to artificial intelligence that even experts are sweating bullets. “The threat landscape has changed dramatically,” warns Björn Friedrich. “Emails created by AI look more authentic than ever and make it more difficult to detect fraudulent messages.”

Targeted attacks in which hackers pretend to be business partners or superiors in order to steal confidential information or initiate money transfers are particularly perfidious. “Cyber criminals use social engineering in combination with personalized messages to gain trust – and with frightening success.”

The most important protective measures

To arm yourself effectively against email threats, Vectano GmbH recommends a holistic security concept. This includes:

1. spam and malware filters: these detect and block suspicious emails before they are delivered.

2. AI-supported threat detection: Smart algorithms analyze email content in real time and identify potential threats.

3. link and attachment scans: Links are only checked when they are clicked on to prevent subsequent manipulation.

4. authentication mechanisms: processes such as SPF, DKIM and DMARC prevent emails with forged senders from ending up in the inbox.

5. email encryption: Confidential data should always be transmitted in encrypted form.

6. backup and archiving solutions: Important emails should be stored securely and backed up regularly.

Security as a managed service

More and more companies are turning to managed services to optimize their IT security. “Our customers benefit from an all-round protection package that includes all relevant security measures,” says Friedrich. The big advantage: instead of having to invest heavily in security technology and specialist personnel themselves, companies receive a professional solution for a fixed monthly fee.

The response has been consistently positive. “Many companies now realize that IT security is not a luxury, but an essential investment in their future. Anyone who still believes that they are not being targeted by cyber criminals is being grossly negligent.”

Employee training as the key to security

In addition to technical protective measures, the human factor also plays a decisive role. “Even the best security system won’t help if employees react carelessly to fraudulent emails,” explains Björn. Vectano therefore relies on regular awareness training, in which employees learn to recognize suspicious emails and handle sensitive information securely.

Simulated phishing campaigns are also carried out to raise awareness of the dangers. “Many employees are amazed at how convincing some scams are. But it is precisely through this training that they improve their ability to react and can protect their company from real attacks.”

  • Highlights in 90 Seconds

Anyone who still believes that they are not being targeted by cyber criminals is being grossly negligent.

Björn Friedrich
VECTANO GMBH
  • Our expert's main points
Olaf Kaiser:

Email is a central means of communication in companies. At the same time, it is a popular gateway for cyber attacks. How do you assess the risk?

Björn Friedrich:

Email security is one of our most important pillars in the area of IT security. Cyber criminals specifically exploit vulnerabilities in email communication. New attacks become known every day, and the first step of an attack often begins with a manipulated email. Worryingly, the quality of these attacks has increased significantly through the use of AI. Phishing emails are now so well crafted that even trained users often do not immediately recognize them as a threat.

Olaf Kaiser:

Is social engineering now an increased risk?

Björn Friedrich:

Definitely. In the past, phishing emails were sent out en masse in the hope that someone would fall for them. Today, attacks are much more targeted. Thanks to AI, attackers can very quickly gather detailed information about a person and personalize emails that appear extremely credible.

Olaf Kaiser:

What protection mechanisms should a company definitely implement?

Björn Friedrich:

We recommend our customers a comprehensive security package that includes the following components:

- Spam and malware filter with black and white lists.
- Advanced threat detection to analyze dangerous attachments and links in real time.
- Link check on click to expose manipulated URLs.
- Authentication mechanisms such as SPF, DKIM and DMARC to prevent identity fraud.
- Email encryption to protect sensitive communications.
- Backup and archiving solutions to prevent data loss and comply with legal requirements.
- Business continuity plans to bridge email outages.

Olaf Kaiser:

In addition to technical solutions, the human factor also plays a role. How do you sensitize employees to IT security?

Björn Friedrich:

Wir bieten Awareness-Trainings an, die individuell auf den Nutzer zugeschnitten sind. Wer oft auf Phishing-Mails hereinfällt, erhält intensivere Schulungen. Dazu führen wir simulierte Phishing-Angriffe durch, um das Bewusstsein zu schärfen. Diese Schulungen starten bereits ab 5 Euro pro Nutzer und Monat – eine geringe Investition im Vergleich zu den potenziellen Schäden eines erfolgreichen Cyberangriffs.

Olaf Kaiser:

How much are legal requirements such as GDPR and NIS2 driving the demand for IT security measures?

Björn Friedrich:

Deutlich. Viele Kunden fragen mittlerweile aktiv nach Compliance-konformen Lösungen. Themen wie E-Mail-Archivierung und Verschlüsselung werden oft durch neue regulatorische Anforderungen in den Fokus gerückt. Unsere Aufgabe ist es, Kunden nicht nur auf die Risiken aufmerksam zu machen, sondern ihnen auch passende Lösungen anzubieten.

Olaf Kaiser:

What recommendations do you have for other MSPs who want to expand their email security business?

Björn Friedrich:

1. choose scalable and automatable solutions with open interfaces to increase efficiency.
2. use standardized security packages to achieve higher quality and lower error rates.
3. invest in awareness training to strengthen your customers' human firewall
4. ensure that backup and archiving solutions are always part of your security strategy
5. make sure that basic protection mechanisms such as SPF, DKIM and DMARC are implemented correctly.

  • The full video interview
  • Let's hear it
Apple Podcast
Spotify Podcast

Profile

We see ourselves as an IT partner, innovator and problem solver for SMEs. With a team of over 40 IT experts, we offer comprehensive expertise and reliability, complemented by local support at our locations in Osnabrück, Brakel, Bremen, Stuttgart and Munich. Our values: Partnership: Trusting cooperation at eye level On-site expertise: IT support wherever you need us Innovation and best practices: Always at the cutting edge for your digital future.
Björn Friedrich
Managing Director
VECTANO GMBH
Am Sudheimer Weg 3
33034 Brakel, Germany

Related articles

Service & Solutions

MDR is not a technology, but a service

From the customer's point of view, it is about how Managed Detection and Response (MDR) is used to test and introduce stronger security performance and, from the MSP's point of view, how a central MDR service is linked to important systems via APIs through to the establishment of alarm chains.

WEITERLESEN ➝
Service & Solutions

Managed firewall in focus – from service definition to reporting

What services - both planned and unplanned - are included in your managed firewall packages? How can the customer purchase the whole bundle of hardware, software and services? All as one fixed monthly price? Are there really helpful reports for customers from the firewall? Which services are not included and are provided on demand or on request at the firewall? How do you deal with customers who already have another firewall in use?

WEITERLESEN ➝
Service & Solutions

Ongoing development as a model for success with managed security services

Everything you need to know about setting up Managed Security Services: How is the security model structured? How do customers decide between the three modules for endpoint protection and what tips the scales in favor of the higher variants? What is the customer response to your managed approach? Does the monthly notice period play an important role for you? Which automations are most important to you?

WEITERLESEN ➝

Recommended articles

Tell a friend

LinkedIn
XING
X
WhatsApp
Email

About MSP-Journey

MSP-JOURNEY is the information portal for all managers in the IT channel who want to grow and transform their business with managed security services.

The unique concept of MSP-JOURNEY is that those who successfully implement this business on a daily basis have their say and know what they are talking about: the decision-makers at IT service providers and MSPs.

As managed service and security specialists, we analyze SOPHOS and Systemhaus Coach Olaf Kaiser analyze the success factors for growth with managed security services. To give system houses and MSPs an easier and more effective way to reach their customers and their individual growth, the articles are made accessible and searchable in different categories.

Supported by