Johnny Lee

US and European companies lean on Microsoft, Proofpoint to protect their inboxes


The majority of large public companies in the US and Europe relies on Microsoft and Proofpoint to service their incoming e-mails, according to recent research.

Recently taken private by Thomas Bravo in 2021, Proofpoint is a cyber security company based in Sunnyvale, California. Introduced 2003, Proofpoint’s first product helped businesses differentiate between spam and valid e-mails. 

At least 67% of companies in the S&P 500 utilized Microsoft and Proofpoint services to receive incoming e-mails. Their services were also used by 55% and 57% of companies in the FTSE 100 and MSCI Europe ex. UK indices respectively. 

In a recent analysis of open-source internet records, US-based technology companies dominate as the e-mail service providers of US and European large public companies. For companies in the S&P 500, around 89% rely on US firms. 73% of companies tracked in the FTSE 100 and MSCI Europe ex. UK indices relied on US firms.

As European cyber regulators increased their scrutiny of critical industries, European companies in the financial services and communication sectors were already less reliant their counterparts in other sectors. Some of these differences may be the result of local data localization laws, which are more stringent in these sectors.

The level of reliance on US firms did not extend to public companies based in countries like China or Russia. 85% of companies tracked by the CSI 300 and the former MSCI Russia 25/50 indices relied on domestic technology service providers. Hong Kong listed companies tracked by the Hang Seng Index tapped US technology firms only 26% of the time.

In China, e-mail service providers to large companies are less consolidated. The top 3 providers to companies in the CSI 300 only commanded 27% of the tracked companies. In the US, the top 3 providers to S&P 500 companies commanded 75% of the tracked companies.

The different patterns of provider adoption may prove to be an important unit of analysis for cyber strategists and security professionals. In 2023, cybersecurity investments remain at the top of the list for most CIOs.

Github source: