Step Into The Future of Cybersecurity — Save your spot at the Human Layer Security Summit for free.

Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

Advanced Inbound and Outbound Threat Protection for an International Law Firm

  • 11 June 2021

Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.

Company: Penningtons Manches Cooper
Industry: Legal
Company Size: 1,000 employees
Solutions: Enforcer, Guardian, Defender
Environment: Hybrid
Platform: Outlook

Customer since: 2016

About Penningtons Manches Cooper

Penningtons Manches Cooper is a leading UK and international law firm which provides high quality legal advice to both businesses and individuals. The firm has UK offices in the City of London, Basingstoke, Birmingham, Cambridge, Guildford, Oxford and Reading with an overseas network stretching from Asia to South America through their presence in Singapore, Piraeus, Paris, Madrid and São Paulo.

With 130 partners and over 880 people in total, Penningtons Manches Cooper is acknowledged as a dynamic and forward-thinking practice which combines legal services with a responsive and flexible approach.  They have established a strong reputation in a variety of sectors, particularly private wealth, shipping, technology and property. 

Penningtons Manches Cooper lawyers are also recognised for their expertise in life sciences, education, retail, sports and entertainment and international trade.

Before Tessian….

Before deploying Tessian in 2016, Marcus Shepherd, Best Practice Operations, and Richard Mullins, IT Security Engineer, both suspected Penningtons Manches Cooper had a more significant problem with email data breaches than was being reported.

Marcus explained, saying “It was pretty clear that, together with the rest of the industry back then, we had a problem with email data breaches but had no visibility as to the extent of it. We had reporting processes in place, but had a hunch that the actual number of incidents was higher than those being reported by employees. Part of the problem was education. Complete understanding of what constituted a data breach and the possible consequences of data breaches – even with very basic personal details – was not fully understood then.  A lot of employees were not clear that if something had taken place, it needed to be reported.”

While they were leveraging some standard rules in Outlook for inbound threats, they were relying on employee training, rule-based systems, and self-reporting to prevent outbound threats like misdirected emails and data exfiltration (both accidental and malicious).

“We were having trouble with rule-based solutions and identifying email threats. You could spend hours trying to configure them to their optimal level and still have an issue with false positives. We needed an intelligent solution that could identify and pinpoint these threats without bombarding the users with false positive alerts.”
Richard Mullins IT Security Engineer

According to Marcus and Richard, they lacked visibility and control over threats, employees were struggling with alert fatigue, and their security team was inundated with more false positives than they could investigate. 

Must-have features….

In evaluating solutions, the firm was originally looking for three key features.

Effectiveness: Because data loss incidents were a concern, their top priority was to find a solution that would accurately predict data loss incidents on email. But unsurprisingly, they were wary of any solution that might trigger false positives. This would distract partners and cause alert fatigue.

Ease-of-use: They wanted a tool that would be easy to deploy and not require a large security team to manage it day-to-day.  

Education: It can be difficult to encourage fee-earners to prioritize security considerations when dealing with busy and demanding clients. The pop-ups triggered by rule-based tools weren’t offering employees the information they needed to understand how to handle data safely or why it was so important to do so. Marcus and Richard wanted a tool that offered context and complemented training and awareness programs.

“At the time, Tessian was the only product on the market that was being innovative with AI and machine learning. Every other solution provided no more than another annoying pop-up asking, ‘Are you sure you want to send this?’. We wanted something different, so it was a no-brainer for us to choose Tessian.”
Marcus Shepherd Best Practice Operations Manager

With Tessian….

As an innovative firm with a proactive security team, Penningtons Manches Cooper was an early adopter of Tessian and deployed Tessian Guardian and Tessian Enforcer in 2016 to prevent misdirected emails and data exfiltration on email. In 2019 – as soon as it was released to market – they deployed Tessian Defender.

Tessian offers advanced threat protection 

Since deploying Tessian, Richard and Marcus have seen Tessian Enforcer reduce loss of IP from people leaving the firm, have seen over 3,000 interventions where Tessian Guardian has prevented a potential data breach by flagging a misdirected email, and have seen Tessian Defender prevent advanced impersonation attacks including CEO Fraud and Business Email Compromise. 

“Tessian is a vital part of our security stack when it comes to cyber awareness, risk and compliance, and information protection. It’s an essential perimeter defense – and sometimes the last line of defense,” Richard said. 

Tessian surfaces rich insights about employee behavior on email

With Human Layer Risk Hub, Penningtons Manches Coopers’ security team has clear visibility of threats. 

“Tessian is doing the heavy lifting for us now. We’re no longer looking through spreadsheets with hundreds or thousands of events. With Human Layer Risk Hub, we get incredible visibility within the portal into high-risk users and high-risk events. We can now identify users whose behavior could put us at risk, whether it’s via misdirected emails, unauthorized emails, or spear phishing attacks. This all helps massively with incident response since our security and compliance teams do not have limitless resources,” Richard said. 

In-the-moment warnings reinforce security awareness training and reduce risk over time

Tessian’s in-the-moment warnings offer context about why an email is being flagged as malicious or suspicious. They’re written in clear, easy-to-understand language and help nudge employees towards safer behavior over time.

“Tessian goes hand-in-hand with our education strategy and helps remind our users that information handling isn’t just a nice-to-have. Individuals have rights and all firms have an obligation to respect these.”
Marcus Shepherd Best Practice Operations Manager

The platform is easy to deploy and manage day-to-day 

Tessian deploys within minutes, learns within hours, and starts protecting in a day. Richard and Marcus experienced this during their initial deployment and again during their merger with Thomas Coopers LLP in 2019. 

Marcus explained, saying that “Deploying Tessian across new users after the merger was seamless. We got everyone connected immediately which helped us extend our security culture right away”. 

Low flag rates and false positives mean Tessian doesn’t get in the way 

It was important for Marcus and Richard to find a tool that worked, without distracting, frustrating, or confusing especially busy lawyers. 

With Tessian, they no longer struggle with high rates of false positives.

“We trust Tessian to deliver accurate and concise messages to our employees about email threats, which has enabled us to scale back our rule-based inbound email threat protection. This allows IT to focus on the true email threats and reduces alert fatigue on the end-user.”
Richard Mullins IT Security Engineer

Tessian sets the benchmark for technology partners

From the outset, Richard and Marcus have been proactive in helping shape Tessian’s product roadmap to serve them, other law firms, and customers across industries.  

“In terms of a relationship with a supplier, Tessian is the benchmark for continuous improvement and adapting to the threat landscape. We have a huge amount of engagement and feedback with Tessian which has helped to improve our email security posture. They actively want to go on our journey with us and are always willing to listen to our concerns or requirements,” Richard said.