Redefining Email Security: Circles of Trust and Relationship Mapping in Risk Calculations

In today’s digital landscape, email remains the most common—and most dangerous—vector for cyberattacks. From phishing campaigns to advanced business email compromise (BEC) schemes, attackers have become experts at exploiting human trust. Traditional defenses—filters, blacklists, and signature-based detection—are no longer sufficient to counter increasingly sophisticated threats. That’s why our team has re-architected our SaaS email and SSPM (SaaS Security Posture Management) platform around the concept of ‘circles of trust’ and relationship mapping.

As we finally move out of testing for our new Sabiki SSPM for Microsoft 365, it is important to understand how we link these results with our email security engine to provide a level of inspection that, frankly, we have not seen done on the market at this depth.

What Are Circles of Trust?

Circles of trust represent the implicit and explicit levels of credibility between users. Think of them as digital “trust rings” that capture the nuances of human relationships in the workplace. A colleague you’ve exchanged hundreds of emails with is more trustworthy than an external vendor you’ve interacted with once. By quantifying and mapping these circles, we can create a dynamic model of how trust propagates across users, domains, and communications.

The Fragility of Trust Without SSPM

While circles of trust add a powerful layer of context to inbound email risk calculations, trust can be fragile. A single compromised email account or stolen password can instantly break the trust model, turning a once-reliable sender into a dangerous threat vector. In fact, this is one of the primary ways attackers weaponize trust—by infiltrating existing circles and using them against organizations.

This is why SSPM is critical to completing the circle of trust. By continuously assessing account hygiene, identity posture, and SaaS configurations, SSPM injects the necessary context to validate whether trust is still warranted. Without SSPM, circles of trust risk becoming a liability rather than a safeguard, because the system may continue trusting an account that has already been compromised.

When SSPM and relationship mapping work together, organizations achieve a holistic defense: one that not only measures trust but also ensures the foundation of that trust is secure.

The Power of Relationship Mapping

Traditional email security solutions treat emails as isolated transactions, analyzing message content, headers, or metadata for anomalies. But context is key. Who is the sender? How often do they communicate with the recipient? Is this request in line with prior interactions? Relationship mapping provides the context needed to answer these questions.

By mapping relationships over time, our platform can:

  • Detect when a message comes from an account that looks familiar but deviates from established trust patterns.

  • Identify when attackers attempt lateral phishing by hijacking compromised accounts.

  • Prioritize risk calculations not just based on the content of an email, but also on the history and quality of the sender-recipient relationship.

How Circles of Trust Enhance Risk Calculations

Integrating circles of trust and relationship mapping fundamentally changes how risk scores are calculated for inbound email. Instead of relying solely on static indicators or keyword triggers, our platform now layers in:

  • Trust-Weighted Scoring: Messages from within strong trust circles are scored differently from messages on the periphery.

  • Behavioral Baselines: Trust patterns establish baselines for normal communication, making deviations easier to spot.

  • Dynamic Adaptation: As relationships evolve, trust circles adapt, ensuring the model reflects real-world changes.

This dynamic approach minimizes false positives while catching the subtle attacks that bypass traditional defenses.
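To make the scoring idea above concrete, here is a small added illustration (not Sabiki's own code) of how relationship history, trust-weighted scoring and an SSPM posture signal can combine for a single inbound message, covering both the "trust is fragile without SSPM" point and the trust-weighted scoring bullet. The saturation curve, the 60% discount, the posture-flag penalty and every address and count are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample history: (sender, recipient, prior exchanges).
# All addresses and counts are invented for this example.
HISTORY = [
    ("alice@corp.example", "bob@corp.example", 240),
    ("bob@corp.example", "alice@corp.example", 210),
    ("vendor@supplier.example", "bob@corp.example", 1),
    ("carol@corp.example", "bob@corp.example", 35),
]

# Assumed SSPM posture feed: accounts the posture scan has flagged
# (e.g. MFA disabled plus a suspicious new inbox rule), keyed by address.
SSPM_FLAGS = {"carol@corp.example": "mfa_disabled_and_new_inbox_rule"}


def build_trust_map(history):
    """Map (sender, recipient) -> trust weight in [0, 1).

    Saturating curve (assumed): 0 exchanges -> 0, 10 -> 0.5, 240 -> 0.96,
    so a long-standing colleague saturates while a one-off vendor stays low.
    """
    trust = defaultdict(float)
    for sender, recipient, count in history:
        trust[(sender, recipient)] = 1 - 1 / (1 + count / 10)
    return trust


def score_message(sender, recipient, content_risk, trust, sspm_flags):
    """Combine a content-based risk (0..1) with relationship trust.

    Trust discounts risk only while SSPM reports the sender account as
    healthy.  A flagged account has its trust revoked and a penalty added,
    so a hijacked "trusted" sender scores worse than a stranger rather than
    sailing through on its history.  Returns (risk, reasons).
    """
    t = trust.get((sender, recipient), 0.0)
    reasons = []
    if sender in sspm_flags:
        reasons.append(f"trust revoked: sspm flag '{sspm_flags[sender]}'")
        t = 0.0
        content_risk = min(1.0, content_risk + 0.2)  # assumed posture penalty
    elif t == 0.0:
        reasons.append("no relationship history")
    risk = content_risk * (1 - 0.6 * t)  # strong ties discount risk by up to 60%
    return round(risk, 3), reasons
```

With a content risk of 0.5 for every message, the long-standing colleague scores 0.212, the one-off vendor 0.473, an unknown sender 0.5, and the SSPM-flagged colleague 0.7 despite 35 prior exchanges.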

A Step Forward for SaaS and SSPM Security

Our platform’s integration of circles of trust into SSPM functions elevates security from reactive to proactive. Instead of simply blocking known threats, we’re anticipating and mitigating attacks that weaponize trust. In an era where attackers exploit relationships as much as technology, this re-architecture represents a paradigm shift in SaaS email and posture management.

The next generation of email security isn’t just about smarter filters or faster detection. It’s about understanding trust, context, and relationships at a human level—and embedding that intelligence into automated defenses. With our new architecture, organizations can move beyond surface-level protection and embrace a model that reflects how real people communicate.

For technical leaders, this means adopting a solution designed with advanced AI and contextual models that evolve with your business.

For business decision-makers, it means reduced risk, stronger compliance posture, and fewer costly incidents.

By weaving circles of trust into the fabric of risk calculation—and reinforcing those circles with SSPM—we’re helping businesses defend against the threats that matter most: the ones that exploit trust itself.

We should not measure the maturity of our SSPM solution simply on how many scans we do. We know for a fact that in almost all 365 breaches analyzed it was a combination of maybe 10 settings that led to disaster. So in reality we are pinpointing quality of risk signal and their relationship to each other over quantity for a real business outcome. Not to mention feeding this analysis into the Email security decision making chain...now that’s powerful.
— Mark Anderson - Team Sabiki internal memo