Sophos Email now includes Sophos Phish Threat

ProductsPhish ThreatSophos Email
Nov 04 2025 By

We’re announcing an important enhancement to our email security portfolio that combines comprehensive email protection with user awareness training to help protect customers against one of the most common attack vectors: phishing emails.

From December 10, 2025, Sophos Phish Threat (CPHISH or CPHISH-MSP) will be automatically included with Sophos Email Licenses (CEMA or CEMA-MSP). Together, they provide defense against email-based attacks and help reduce the risk of human error, enabling organizations to educate users, detect attacks earlier, and prevent costly compromises. Sophos Email now offers even greater value, visibility, and resilience.

The following applies to Term and MSP Flex customers effective December 10, 2025.

  • New Sophos Email customers: When a new customer purchases Sophos Email, they will have access to both Sophos Email and Sophos Phish Threat in their Sophos Central account.
  • Existing Sophos Email customers(no existing Sophos Phish Threat license): Existing Sophos Email customers will see Sophos Phish Threat automatically added to their Sophos Central account.
  • Existing Sophos Phish Threat customers(no existing Sophos Email license): There is no change for these customers. Term and MSP Flex Partners can continue to sell and renew Sophos Phish Threat standalone.
  • Existing customers with both Sophos Email and Sophos Phish Threat: Customers will continue to have access to Sophos Email and Sophos Phish Threat.
    • Term customers: At their next renewal, they only need to renew Sophos Email (CEMA) as Sophos Phish Threat is automatically included.
    • MSP Flex customers: No action is required. From the December billings run onward, when a customer has both Sophos Email and Sophos Phish Threat, MSPs will be charged only for Sophos Email usage, not for Sophos Phish Threat.

 

Benefits for Term partners

Sophos Email term subscriptions (CEMA) will automatically include Sophos Phish Threat. This enhancement ensures customers receive comprehensive email protection and user awareness training through a single, unified solution.

  1. Greater value without a price increase: Term customers automatically receive Sophos Phish Threat included with Sophos Email—without any price increase. This strengthens protection, increases ROI, and delivers more value per license, helping customers stretch their security budgets further.
  2. Protection and education in a single solution: By combining email security and user awareness training under one license, organizations eliminate the need to purchase and manage separate products. This simplifies procurement, deployment, and administration—reducing both cost and complexity.
  3. Enhanced security posture and compliance readiness: Phishing simulations and training help customers demonstrate proactive risk management and employee awareness for compliance frameworks such as ISO 27001, SOC 2, and GDPR. This supports stronger audit readiness and reduced regulatory risk.

 

Benefits for MSP Flex partners

Sophos Email MSP Flex subscriptions (CEMA-MSP) will automatically include Sophos Phish Threat. This enhancement allows MSPs to deliver stronger, smarter protection to every customer while increasing service value and competitiveness.

  1. Stronger email security positioning: The automatic inclusion of Sophos Phish Threat strengthens the Sophos Email value proposition, making it easier to win against competitors and close deals faster.​
  2. Upsell opportunities: MSPs can now offer a complete Email Security and User Awareness program —expanding customer footprint, increasing recurring revenue, and improving customer retention.
  3. Improved customer outcomes​: Combining technical defences with user training creates a more resilient security posture, leading to fewer breaches and higher customer satisfaction.​

 

Stopping email-based attacks before they start

Email remains one of the most targeted entry points for attackers. Ninety percent of cyberattacks begin with a phishing email, and according to the FBI, Business Email Compromise schemes cost organizations more than 2.7 billion dollars globally in 2024. Threat actors know that a single click can open the door to serious compromise.

Sophos Email helps organizations stay ahead of evolving threats by combining protection, visibility, and manageability across platforms. It blocks phishing, spam, and Business Email Compromise attacks before they reach users with advanced threat protection, sender authentication, and content analysis. With the addition of Sophos Phish Threat, they provide defense against both email-based attacks and human vulnerabilities, helping organizations educate users, detect attacks earlier, and prevent costly compromises.

Sophos Email is trusted by thousands of organizations worldwide to stop advanced email-based threats. Sophos was named an Overall, Product, Innovation, and Market Leader in the 2025 KuppingerCole Leadership Compass for Email Security. Additionally, as of 29 October 2025, Sophos Email was rated 4.8/5 stars based on total 348 ratings on Gartner® Peer Insights™, a public platform that offers verified, first-hand reviews of enterprise software and services from experienced IT professionals.

This announcement follows our August 2025 announcement of enhancements and new offerings for the Sophos Email Security Portfolio.

 

Expanding prevention through user awareness

Even the strongest security technology can be undermined by human error. According to Gartner®,  “by 2026, 85% of data breaches will involve a human element, including social engineering and user error.”1 In this scenario, reducing user susceptibility to phishing and building a culture of awareness is essential.

Sophos Phish Threat emulates real-world phishing attacks to identify weaknesses in an organization’s security posture and empowers users through interactive training modules. It includes:

  • 500-plus phishing templates and 100-plus engaging training modules
  • Outlook add-in for PC and Mac to report simulated attacks
  • Automated reporting for phishing and training results
  • Available in 11 languages

 

The only MDR-optimized email security solution

As the only MDR-optimized email security solution, Sophos Email enables Sophos MDR analysts to take immediate action, such as removing malicious messages or fine-tuning policies, in real time. It enhances Microsoft 365 and Google Workspace with additional layers of protection and simplified management. Integration with Sophos XDR delivers end-to-end visibility and faster, data-driven threat response.

Learn more about Sophos Email and Sophos Phish Threat in the Partner Portal or on the Sophos website.

 

 

1Gartner, Gartner Security & Risk Management Summit Presentation, Human Factors in Cybersecurity, Gartner, 16-17 March 2026

Gartner and Peer Insights™ are trademarks of Gartner, Inc. and/or its affiliates. All rights reserved.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

About the Author

Caitlin McDole is a Senior Product Marketing Manager at Sophos, working directly with Managed Service Providers. With a career deeply rooted in cybersecurity and the partner ecosystem, Caitlin brings a strong understanding of the MSP community and extensive expertise in product marketing.