Gmail making the case for you to switchNurPhoto via Getty ImagesRepublished on January 21 with new security advice for those running Microsofts email platforms, including confirmation on end-of-support dates this year.You have been warned. The 2025 threat landscape is set for an AI revolution, and whatever defenses you have in place will almost certainly not be good enough. Nowhere is this more true than with our email platforms at home and especially at work. Email is the most common cyberattack vector for businesses, a new cyber insurance report has just reinforced, serving as the most prevalent initial entry point to launch financial fraud, ransomware, and data breach attacks.Despite all the cyber noise, sometimes a stat or datapoint still has the potential to stand out. And so it is with the latest report from At-Bay, lauding the benefits of email thats more secure by default. Maybe theres some hope after all.At home there are checks you can do that will help you review your settings and make recommendations Googles account security check-up, for example. But at work its more complex, given that many of these settings will fall to your IT department to control. But that flexibility comes at a price. At-Bay strongly recommends transitioning to a cloud-based email solution to mitigate security risks and ensure proactive vulnerability management.Nothing new here but that transition to cloud brings the potential for increasingly game-changing defenses to be built around email and for a rethink as to how these platforms operate. Were not there yet, but this is a step.MORE FOR YOUGmail scores well in the new report its security upgrades in recent years are paying off in the real world data collected from actual cyber insurance claims. Organizations that used Google Workspace, At-Bay says, experienced the lowest frequency of incidents on average. Compared to the overall average, Googles claims frequency was 54% lower. The insurer highlights features included by default that may not be the default setting in other email solutions. These include real-time scanning for phishing emails and malicious attachments, automatic security updates to protect against vulnerabilities, and integrated threat intelligence to proactively identify and respond to potential threats.Gmail might be the largest email provider on our planet with its claimed 2.5 billion users, but Workspace does not dominate at work the way Gmail might at home. The point being that theres no need to play with settings to secure the platform, its a comprehensive and robust security framework out of the box, without requiring additional attention to set up or configure. Harder to run a comp in the wider world, but this enterprise data does provide some evidence this approach is working, and that the defaults are getting better.The question is how this will evolve to cope with new AI threats heading fast in our direction. As Ive commented before, email is a second-rate technology that has not evolved at the same pace as almost everything else. We still see too many blatant threats skip through any and all defenses into our inboxes. Its still to easy for anyone to ping anyone, and new AI innovations make that all the more dangerous by making those threats more realistic.We are now seeing two parallel developments. A hybrid mix of on-device and cloud screening for threats that target our phones in particular, but new AI desktops and laptops can extend this; and new safe browsing innovations that dont only rely on centrally collated lists. Its time for an email rethink that evolves email into a more messenger-like platform, and screens emails for threats to a level that doesnt happen today. This is what Elon Musk has in mind with X-Mail.Realistically, Google and Gmail are best placed to do this first across a huge user base. But in the meantime, these stats are a great ad for fully managed, cloud-based email at home and at work. Whether Gmail or one of the alternatives, if this isnt what youre running today then the numbers would suggest it might be time to switch.On that note, the report from At-Bay will be interesting to those administering SMB or enterprise email, where traditional choices may now give way to managed alternatives for the first time. Now, as reported by Bleeping Computer, Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers.For those on extended support, this could well be an opportunity to explore alternatives whether from Microsoft or others to the traditional approaching of rolling forwards the same or next-gen option. Microsoft confirms that customer installations of Exchange 2016 and Exchange 2019 will of course continue to run after October 14, 2025; however, due to the upcoming end of support date and potential future security risks, we strongly recommend customers act now. The company suggests migrating to Exchange Online or Microsoft 365.Migrating to the cloud is the best and simplest option to help you retire your Exchange Server deployment, the company says, which is aligned with the cyber advice from At-Bay. When you migrate to the Microsoft cloud, you make a single hop away from an on-premises deployment, and benefit from new features and technologies, including advanced generative AI technologies that are available in the cloud but not on-premises.Microsofts cloud-based solutions provide a material security step-up for organizations still operating on-premise email, and At-Bay is unequivocal in recommending a move away from on-premise. The security step-up includes Exchange Online Protection (EOP), the cloud-based filtering service that protects organizations against spam, malware, phishing and other email threats. EOP is included in all Microsoft 365 organizations that have Exchange Online mailboxes.Listening to the cyber insurance industry when it comes to such decisions clearly makes sense. As TechRadar points out, one of the biggest influences on the state of ransomware in the relatively short period since it really arrived just over ten years ago has been cyber insurance. Though not always to the benefit of victims, years of policy changes and updated requirements for cover have seen it make organizations much more resilient in the long run.