Notifications
Clear all
Topic starter
27/06/2026 1:17 pm
TL;DR: DexKo Global says replacing its legacy SEG with a Microsoft plus Abnormal API-based architecture across 7,000 employees and a partner-heavy supply chain freed budget and bandwidth while improving protection and automation, according to Abnormal AI. The real shift is that email security is moving toward API-level control and operational efficiency, not just filter tuning.
NHIMG editorial — here’s why we think this discussion matters
By the numbers:
- 7, exKo Global replaced its legacy SEG with a Microsoft + Abnormal API-based architecture across 7,000 employees and dozens of locations.
Questions worth separating out
A: The decision should hinge on where the organisation needs control.
Q: Why do partner-heavy organisations need a different email security approach?
A: Partner-heavy organisations face a broader trust surface, because threats can arrive through legitimate threads, shared mailboxes, and vendor relationships rather than only through obvious phishing.
Practitioner guidance
- Map your email security control plane to identity flows Document where mail access, partner collaboration, and mailbox actions are governed today.
- Assess external trust paths alongside employee mail risk Review contractor, supplier, and acquisition-related mail flows as part of the same governance model.
- Prioritise post-delivery response capability Test whether your email platform can search, recall, quarantine, or remove messages after they reach the mailbox.
What to expect at the briefing
Abnormal AI's full webinar covers the operational detail this post intentionally leaves for the source:
- Migration steps for moving from a legacy SEG to a Microsoft plus API-based architecture in a large enterprise.
- Time commitment and rollout considerations for organisations replacing a gateway-based email stack.
- Automation, protection, and productivity benefits described by the team that ran the migration.
- Operational context for how a partner-heavy supply chain influenced the email security decision.
👉 Watch Abnormal AI's webinar on DexKo Global's SEG retirement and email security modernization →
Legacy SEG retirement: what it means for modern email security?
Explore further
27/06/2026 2:35 pm
Legacy email security is increasingly a governance problem, not just a detection problem. The DexKo example shows a distributed enterprise with employees, partners, and contractors that needed more than perimeter filtering. When the collaboration surface expands, email security has to support identity-aware control, post-delivery response, and operational flexibility. The practical conclusion is that legacy SEG decisions now affect wider access governance, not only message inspection.
A few things that frame the scale:
- Organisations maintain an average of 6 distinct secrets manager instances, creating fragmentation that undermines centralised control, according to The State of Secrets in AppSec.
- Companies are dedicating an average of 32.4% of their security budgets to secrets management and code security, with US organisations leading at 40.8%.
A question worth separating out:
Q: How do teams know if their email security stack is limiting programme maturity?
A: Look for operational drag: manual remediation, duplicated policy work, slow response to mailbox threats, and limited automation across cloud email and identity workflows. If the platform mainly preserves legacy processes instead of reducing them, it is constraining maturity rather than enabling it.
👉 Read our full editorial: Legacy SEG retirement shows how email security is being re-architected
