Email security startup
Trustifi is getting a $25 million boost to grow its roadmap, scale its product portfolio and go-to-market efforts, and increase its presence in a highly competitive space.
The Las Vegas-based company announced that the
Series A funding round was led by Camber Partners, an investment firm that backs growth-stage B2B software-as-a-service (SaaS) companies as they rapidly scale up.
Trustifi offers a suite of products and services that are aimed at protecting enterprises from email-based threats, such as phishing,
business email compromise (BEC), vendor email compromise (VEC), account takeover, and spam.
The goal is to protect organizations from data breaches and information stealing, and ensure regulatory compliance through integrations with Microsoft Office 365, Google Workspace, and other emails services.
Many of the offerings leverage AI and include account takeover protection and compromised account detection, inbound email security, and email managed detection and response. Justin Johnson, an investor at Camber Partners, pointed to the Trustifi’s AI-first solutions and channel-first approach as key factors in choosing to invest in the company.
Fast-Growing, Competitive Market
The investment will help Trustifi as it looks to expand in a fast-growing market that includes heavy hitters such as Proofpoint, Check Point, Trend Micro, Microsoft, and Cisco. According to analysts with Fortune Business Insights, the global email security market is expected to grow from $4.68 billion last year to
$10.68 billion by 2032, due in large part to increased malware and phishing activity, such as ransomware, BEC, and email account compromise.
In a November 2024 report,
Cofense – another email security firm –
outlined an evolving email threat landscape that saw an increased use of remote access trojans (RATs) by bad actors, a 600% jumped in the use of malicious Windows documents, and changes in tactics used to exfiltrate data.
Cofense also found that it detected on malicious email bypassing organizations’ secure email gateways every 45 seconds, faster than the every 57 seconds reported a year earlier.
“We continue to see threats bypassing perimeter email security defenses at an alarming rate, which is a clear indication that threat actors continue to innovate phishing campaigns faster than technology can stop them,” Josh Bartolomie, Cofense’s vice president of global threat services, said at the time.
Benefits and Risks
As with many aspects of cybersecurity, AI is becoming a key tool for email security vendors. In a blog post last year,
Barracuda Networks noted that the
use of AI by threat actors is not only driving an increase in the number and sophistication of attacks like phishing, BEC, and emailed-delivered ransomware, but that spearphishing attacks are more convincing. The vendor said that 69% of ransomware attacks begin with an email.
Barracuda officials said that AI capabilities like natural language processing (NLP), anomaly detection, and behavioral analysis are being increasingly used in email security offerings.
“The power of AI-enhanced email protection is based on continuous learning,” they wrote. “These solutions always consume new data and learn from it to improve the email system's defense. Real-time updates, like those mentioned in our post on threat detection and intelligence, ensure immediate protection against new threats.”
Good for MSSPs, MSPs
These can work for MSSPs and MSPs as well as vendors. Email security vendor
ConstantEdge wrote that
96% of all social engineering attacks are sent via email, which the company said is the most widely used method of business communication. Given that, it’s important for MSSPs and MSPs to offer email security services.
“Many email service providers, like Microsoft, offer standard protection against email threats as part of their service – but often, this isn’t enough to identify and protect against all threats an organization might face,” ConstantEdge officials wrote. “As an MSP, you can offer an advanced service run by expert analysts that goes beyond that standard offering, and that’s tailored perfectly for your clients’ specific needs.”
MSSPs and MSPs that include email security in their list of services not only complement their stacks, it also separates them from competitors that don’t offer it. It also gives them another revenue stream.
AI is Front and Center
For Trustifi and its competitors, including AI in the mix is a key part of their offerings, with company CISO Mark Liapustin noting in a blog post the
benefits and risks of generative AI.
“Organizations investing in defensive AI and ML tools, dynamic security awareness training, and attack simulation benefit from these prevention layers in stopping suspicious emails, spam emails, and standard phishing techniques,” Liapustin wrote. “However, hackers also invest in similar AI tools, extending their ability to alter their attack vector with more pinpointed accuracy, increase velocity with additional foreign language support, or set their ransomware attacks dormant.”
It's something that organizations need to keep in mind, according to
Spambrella, which like Trustifi offers emails security and employee awareness training. There is a lot of innovation happening in the tech field, but it shouldn’t overshadow the need for cybersecurity, the company wrote, adding that when talking about email security, a deciding factor should be generative AI.
The good news is that advanced email protection methods do not necessarily call for a trade-off,” Spambrella officials wrote, adding that generative AI let organizations embrace innovation and enable robust defenses to protect against sophisticated threats. “Investing in this technology at any stage of your email security program can make your organization adaptive, future-focused, and fully prepared to mitigate the risks posed by cybercriminals leveraging AI tools for malicious purposes.”
