Notifications
Clear all
Topic starter
27/06/2026 1:15 pm
TL;DR: Audacy, operating more than 200 affiliate stations, replaced a traditional email gateway approach because legacy defenses could not keep pace with evolving email threats, according to Abnormal AI. The broader lesson is that email security now depends on behaviour-based detection and governance, not perimeter assumptions.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- Audacy, operating 200+ affiliate stations, replaced a traditional gateway solution with Abnormal to address evolving email threats.
Questions worth separating out
Q: How should security teams evaluate email security beyond traditional gateway filters?
A: They should test whether controls can detect behaviour after delivery, not just inspect content at the perimeter.
Q: Why do large distributed organisations struggle with legacy email security models?
A: Large organisations create more communication paths, aliases, shared mailboxes, and delegated trust relationships, which makes normal behaviour harder to define.
Practitioner guidance
- Audit email controls for post-delivery detection Test whether your current stack can identify thread hijacking, reply-chain abuse, and sender impersonation after a message is delivered.
- Map identity trust paths across mail and collaboration tools Document which users, shared mailboxes, delegated accounts, and automation-linked inboxes can influence downstream action.
- Tie email security to access review and lifecycle governance Review which mailbox permissions, aliases, forwarding rules, and delegated access paths are still valid and whether they are recertified on a schedule.
What to expect at the briefing
Abnormal AI's full webinar covers the operational detail this post intentionally leaves for the source:
- How Audacy evaluated legacy gateway limitations across a 200-plus affiliate footprint and what that meant for deployment decisions.
- The threat landscape examples that informed the shift toward behaviour-based email security.
- Abnormal AI's operational framing for safeguarding employees in distributed communication environments.
- The on-demand webinar format and access details for teams that want to hear the full customer story.
👉 Watch Abnormal AI's webinar on Audacy's email security shift →
Legacy email gateways and scaling email threats: what teams need to know?
Explore further
27/06/2026 2:32 pm
Legacy email gateways fail when attackers no longer need to look malicious at the perimeter. The core problem is not delivery, it is trust manipulation after delivery. Behavioural controls become necessary because identity abuse increasingly happens inside the communication flow, where static filters have little context. Practitioners should treat email as an identity governance surface, not just a messaging channel.
A few things that frame the scale:
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security.
- Lack of credential rotation is cited as the top cause of NHI-related attacks by 45% of organisations, followed by inadequate monitoring and logging at 37% and over-privileged accounts at 37%, according to the same report.
A question worth separating out:
Q: Who is accountable when email abuse bypasses perimeter defenses?
A: Accountability sits with the teams responsible for identity, messaging, and detection governance together. If security relies only on gateway filtering, it has accepted a narrow control model that cannot cover impersonation or post-delivery abuse. Frameworks such as the NIST Cybersecurity Framework and identity lifecycle practices help define shared responsibility.
👉 Read our full editorial: Audacy's email security shift shows why legacy gateways fail at scale
