The redemption of Hornetsecurity by the American Proofpoint confirms a substantive trend: the accelerated disappearance of European publishers specializing in messaging protection, while email remains the first attack.
It is a silent, but structuring trend: the safety of European professional messaging is gradually under foreign control. After the acquisition of French Altospam in 2021, proofpoint one of the American heavyweights of cybersecurity has just announced the acquisition of the German Hornetsecurity. One more operation in a market that has become strategic, where European players are now rare … even nonexistent.
Behind these mergers takes place a deeper change, that of the loss of control of a critical link in operational cybersecurity. The email remains, in 2025, the main entry point of the cyber attacks: phishing, ransomware, account compromise, data leak. It is also a central tool for economic, political and institutional exchanges. Its protection is expected to be sensitive infrastructure. This is no longer the case.
An entire sector passed under a foreign flag.
The European Email filtering, behavioral and collaborative security filtering market is now largely dominated by American companies. Microsoft and Google, via their 365 suites and workspace, concentrate most of the use. Specialized actors Proofpoint, Mimecast, Barracuda, structure the complementary offer.
What about European independents? They have become the exception.
Mailinblack, SME based in Marseille, is today the only French actor and one of the latest in Europe to develop sovereign email protection technology. Created in 2003, the company offers a complete platform, hosted in France, combining messaging security, user awareness and RGPD compliance. It equips more than 22,000 organizations in the public sector, health, communities and SMEs.
The solution illustrates the possibility of another path, that of cybersecurity designed for real uses, based on technological autonomy and data control.
Digital sovereignty: the dead angles of everyday life.
Because this is where the European paradox is nestled. We are gladly talking about digital sovereignty about Cloud, Datacenters or 5G. But everyday functional bricks: email, authentication, endpoint protection, almost completely escape industrial strategies. And it is through them that the most effective attacks pass, because they target humans before targeting infrastructure.
US extraterritorial legislation (Cloud Act, FISA) allow, in some cases, American authorities to demand access to data hosted by service providers, even abroad. Confiding in the protection of its digital exchanges to non-European technologies therefore amounts to delegating the confidentiality of its operations to third-party powers.
MP Philippe Latombe recently recalled it in a public alert: cybersecurity cannot be thought only in technical terms. She engages political choices. It involves deciding to whom we trust to inspect, sort, analyze and block the content of her own communication.
Mailinblack, the French exception!
Mailinblack’s positioning is based on an assumed conviction: that in Europe, it is not only necessary, but possible, to reconcile security requirement, digital sovereignty and proximity to users.
In a market dominated by integrated offers and standardization logics, the French company defends an independent, legible and aligned approach to the realities on the ground. This strategic choice, far from a withdrawal, affirms technological and ethical autonomy, and gives Mailinblack a singular place: that of a sovereign, coherent actor, and solidly anchored in the concrete needs of organizations.
