There’s a big problem in cybersecurity. Despite over 3,000 products in the market, data breaches are at an all-time high. Businesses are at risk of insider and outsider threats, with a reported 67% increase in the volume of security breaches over the past five years.
Worse still, this increase in security breaches is happening despite organizations spending more than ever to protect their systems and data, up from $1.4 million to $13 million.
Why is this happening? Businesses haven’t been protecting their most important asset: their employees.
Historically, email security solutions have layered defenses first on top of networks, then devices, and finally cloud applications. The majority of these solutions provide blunt protection, or rely on retroactive threat detection and remediation, which leaves obvious (and unfortunate) gaps in a business’ armor.
So, when you can get a firewall to protect your network, and EDR to protect your devices, what do you get to protect your people?
What is Human Layer Security?
Tessian’s Human Layer Security technology understands human behavior and relationships, enabling it to detect and prevent dangerous activity. Importantly, Tessian’s technology learns and adapts to how people work without getting in the way or impeding productivity.
We created this category over a year ago, and it was the thesis for our Series B fundraise. Since then, we’ve seamlessly deployed Tessian solutions to customers across industries from SMBs to multi-national enterprises, and are now detecting and preventing millions of inbound and outbound threats on email.
Why do we need Human Layer Security?
Your employees now control both your systems and your data and, the fact is, people make mistakes, people break the rules, and people can be hacked.
It’s no wonder that 88% of data breaches are caused by human error, with AIG reporting “human errors and behavior continue to be a significant driver of cyber claims.” After all, employees can transfer millions of dollars to a bank account in a few clicks and can share thousands of patient records in an Excel file via a single email.
Instead of expecting people to do the right thing 100% of the time, we think it’s better to preempt these errors by detecting and preventing them from happening in the first place.
Each of our solutions – Tessian Enforcer, Tessian Guardian, and Tessian Defender – is uniquely positioned to do just that, and these solutions can be explored by the specific type of human error they protect against.
People break the rules
Whether done maliciously or accidentally, people in every organization can and do break the rules. Those rules can be related to anything, from a password policy to how sensitive information is stored. But, what about rules related to data exfiltration?
Oftentimes, employees are blissfully unaware of policies related to – and the risk associated with – sending emails containing work-related information to domains outside of their own organization. Take, for example, an employee who sends a file to their personal email account so that they can work from home over a long weekend.
Sometimes, though, work-related information is extracted with more nefarious intent and, unfortunately, this can happen in even the most secure environments. Case in point: In late-2019, an employee at a cybersecurity and defense company sold 68,000 customer records to scammers.
This isn’t an isolated incident, either; more than half of UK employees admitted to stealing corporate data. A quarter of those would be willing to do so for less than £1,000.
People make mistakes
To err is human and, entrusted with both systems and data, employees put themselves in decidedly vulnerable positions as they maneuver dozens of human-digital interactions each day. From a simple typo to a misconfigured firewall, mistakes are inevitable in the workplace.
Unfortunately, though, the consequences of these mistakes are far-reaching.
If an employee accidentally fires off an email containing sensitive customer data to the wrong person – otherwise known as a misdirected email – penalties and fines could be incurred, customer trust could plummet, and reputational damage could be long-lasting. And those are just the consequences to the larger organization. Individuals will likely suffer, too, with misdirected emails no doubt causing employees and supervisors tremendous anxiety and even putting them at risk of being terminated.
People can be hacked
Businesses of all sizes work with a web of suppliers, contractors and customers spanning different time zones and regulatory environments. As a result, we’ve seen a rise in targeted spear phishing attacks where cybercriminals are convincingly impersonating internal and external contacts.
Worse still, the odds are against businesses and their employees. While a hacker only has to get it right once, we are expected to get it right every time.
So, what happens if one employee is successfully tricked one time by a spear phishing email and wires money, shares credentials, or otherwise acts as an entry point for a bad actor to gain access to your network? With the average cost of a data breach in the United States climbing to $8.19 million in 2019, the company will likely take a hard hit, especially with the sharp increase in GDPR fines.
Why focus on email?
To be truly effective, Human Layer Security must protect all human-digital interactions within the enterprise. This is a massive remit.
So, Tessian started with email, because it’s the most popular (we spend 40% of our time on it) and riskiest (most breaches happen here) communication channel.
But why is email currently so poorly protected and how does Tessian fit into larger security frameworks to keep your people and your data safe?
Traditional email security solutions are static, disruptive and admin-intensive. Some demand that employees manually classify every email based on sensitivity or tag all emails being sent to external contacts; this is time-consuming and unreliable. (Alert fatigue is real.)
Others may require that employees encrypt emails, which adds friction and slows the pace of business. These older technologies can’t be configured to adequately defend against all the ways people make mistakes or cut corners on email.
Aware of these tech shortcomings, most companies layer in security training.
The hope is that through a combination of training and policies, employees will adopt secure behaviors. Unfortunately, though, two thirds of employees are not regularly trained about cyber threats on email, which is the #1 threat vector in an organisation. What’s more, a significant percentage of those who are trained don’t retain what they’re taught.
Training is incomplete, irregular and doesn’t stick. Hence the need for HLS.
Human Layer Security
In addition to policies, training, and other security solutions, organizations need an extra layer of security.
Human Layer Security works by understanding and adapting to human behavior without compromising productivity. This is only made possible by machine learning (ML), and Tessian built our HLS platform out of the gate using stateful ML.
We built our outbound email protection first, and leveraged the email data from hundreds of customers (with their consent, of course) to build our inbound threat stack. Our stateful ML models analyze historical email data in order to understand human relationships and communication patterns.
Once we know what normal and abnormal look like, Tessian can automatically predict and prevent security breaches.
How is Tessian using machine learning to secure the human layer on email?
We get it—ML/AI are used often and interchangeably in the cybersecurity space. But, the simple truth is that a solution built on ML enables better email protection because ML models get smarter and better over time as more data is ingested.
Tessian’s Human Layer Security platform consists of intelligent and fully customizable email filters. For every inbound and outbound email, our filters analyze a vast array of data points in real time to create a comprehensive assessment of the correspondence.
In the simplest terms, to determine whether an email is safe or unsafe to send/receive, we examine:
Relationship History: Analyzing past and real-time email data, Tessian has a historical view on all email communications and relationships. For example, we can determine in real time: if the wrong recipient has been included on an outbound email; if a sensitive attachment is being sent to a personal, non-business email account; if an inbound email with a legitimate-looking domain is a spoof by detecting an unusual IP address.
Content & context: Using natural language processing to analyze historical email data, Tessian understands how people normally communicate on email and what topics they normally discuss. As a result, our filters automatically detect anomalies in subject matter (e.g. project names) or sentiment (e.g. urgency), which might indicate a threat.
Tessian understands and adapts to how people work, so it can prevent threats before they happen. It gets out of the way so people can proceed confidently with business as usual without being slowed down, or having to add threat detection to their to-do list.
First, you protected your networks. Then, you protected your devices. Now, you can protect your people with Tessian’s Human Layer Security.