Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.
Customer Stories

Read our latest Customer Stories, interviews and news. Learn how Tessian protects organisations in Financial Services, Legal, Technology and other markets.

Customer Stories
Advanced Inbound and Outbound Threat Protection for an International Law Firm
11 June 2021
Company: Penningtons Manches Cooper
Industry: Legal
Company Size: 1,000 employees
Solutions: Enforcer, Guardian, Defender
Environment: Hybrid
Platform: Outlook
Customer since: 2016

About Penningtons Manches Cooper

Penningtons Manches Cooper is a leading UK and international law firm which provides high quality legal advice to both businesses and individuals. The firm has UK offices in the City of London, Basingstoke, Birmingham, Cambridge, Guildford, Oxford and Reading with an overseas network stretching from Asia to South America through their presence in Singapore, Piraeus, Paris, Madrid and São Paulo.

With 130 partners and over 880 people in total, Penningtons Manches Cooper is acknowledged as a dynamic and forward-thinking practice which combines legal services with a responsive and flexible approach. They have established a strong reputation in a variety of sectors, particularly private wealth, shipping, technology and property. Penningtons Manches Cooper lawyers are also recognised for their expertise in life sciences, education, retail, sports and entertainment and international trade.

Before Tessian…

Before deploying Tessian in 2016, Marcus Shepherd, Best Practice Operations, and Richard Mullins, IT Security Engineer, both suspected Penningtons Manches Cooper had a more significant problem with email data breaches than was being reported.

Marcus explained, saying “It was pretty clear that, together with the rest of the industry back then, we had a problem with email data breaches but had no visibility as to the extent of it. We had reporting processes in place, but had a hunch that the actual number of incidents was higher than those being reported by employees. Part of the problem was education. Complete understanding of what constituted a data breach and the possible consequences of data breaches – even with very basic personal details – was not fully understood then. A lot of employees were not clear that if something had taken place, it needed to be reported.”

While they were leveraging some standard rules in Outlook for inbound threats, they were relying on employee training, rule-based systems, and self-reporting to prevent outbound threats like misdirected emails and data exfiltration (both accidental and malicious).
According to Marcus and Richard, they lacked visibility and control over threats, employees were struggling with alert fatigue, and their security team was inundated with more false positives than they could investigate.

Must-have features…

In evaluating solutions, the firm was originally looking for three key features.

Effectiveness: Because data loss incidents were a concern, their top priority was to find a solution that would accurately predict data loss incidents on email. But unsurprisingly, they were wary of any solution that might trigger false positives. This would distract partners and cause alert fatigue.

Ease-of-use: They wanted a tool that would be easy to deploy and not require a large security team to manage it day-to-day.

Education: It can be difficult to encourage fee-earners to prioritize security considerations when dealing with busy and demanding clients. The pop-ups triggered by rule-based tools weren’t offering employees the information they needed to understand how to handle data safely or why it was so important to do so. Marcus and Richard wanted a tool that offered context and complemented training and awareness programs.
With Tessian…

As an innovative firm with a proactive security team, Penningtons Manches Cooper was an early adopter of Tessian and deployed Tessian Guardian and Tessian Enforcer in 2016 to prevent misdirected emails and data exfiltration on email. In 2019 – as soon as it was released to market – they deployed Tessian Defender.

Tessian offers advanced threat protection

Since deploying Tessian, Richard and Marcus have seen Tessian Enforcer reduce loss of IP from people leaving the firm, have seen over 3,000 interventions where Tessian Guardian has prevented a potential data breach by flagging a misdirected email, and have seen Tessian Defender prevent advanced impersonation attacks including CEO Fraud and Business Email Compromise.

“Tessian is a vital part of our security stack when it comes to cyber awareness, risk and compliance, and information protection. It’s an essential perimeter defense – and sometimes the last line of defense,” Richard said.

Tessian surfaces rich insights about employee behavior on email

With Human Layer Risk Hub, Penningtons Manches Cooper’s security team has clear visibility of threats.

“Tessian is doing the heavy lifting for us now. We’re no longer looking through spreadsheets with hundreds or thousands of events. With Human Layer Risk Hub, we get incredible visibility within the portal into high-risk users and high-risk events. We can now identify users whose behavior could put us at risk, whether it’s via misdirected emails, unauthorized emails, or spear phishing attacks. This all helps massively with incident response since our security and compliance teams do not have limitless resources,” Richard said.

In-the-moment warnings reinforce security awareness training and reduce risk over time

Tessian’s in-the-moment warnings offer context about why an email is being flagged as malicious or suspicious. They’re written in clear, easy-to-understand language and help nudge employees towards safer behavior over time.
The platform is easy to deploy and manage day-to-day

Tessian deploys within minutes, learns within hours, and starts protecting in a day. Richard and Marcus experienced this during their initial deployment and again during their merger with Thomas Coopers LLP in 2019.

Marcus explained, saying that “Deploying Tessian across new users after the merger was seamless. We got everyone connected immediately which helped us extend our security culture right away”.

Low flag rates and false positives mean Tessian doesn’t get in the way

It was important for Marcus and Richard to find a tool that worked, without distracting, frustrating, or confusing especially busy lawyers. With Tessian, they no longer struggle with high rates of false positives.
Tessian sets the benchmark for technology partners

From the outset, Richard and Marcus have been proactive in helping shape Tessian’s product roadmap to serve them, other law firms, and customers across industries.

“In terms of a relationship with a supplier, Tessian is the benchmark for continuous improvement and adapting to the threat landscape. We have a huge amount of engagement and feedback with Tessian which has helped to improve our email security posture. They actively want to go on our journey with us and are always willing to listen to our concerns or requirements,” Richard said.
Customer Stories
Why Schroders Adopted Tessian 5 Years Ago, And How The Platform Has Evolved Since Then
By Maddie Rosenthal
24 March 2021
Company: Schroders
Industry: Financial Services
Seats: 6,500
Solutions: Guardian, Enforcer, Defender

About Schroders

As a global active asset manager, Schroders has over 200 years of experience in investment and innovation and remains committed to creating a better future by investing responsibly for their clients. Across five business areas – including Private Assets & Alternatives, Solutions, Mutual Funds, Institutional and Wealth Management – Schroders invests in a wide range of assets and geographies and is responsible for £574.4 billion (€641.7 billion/$785.1 billion) in client assets, managed locally by 42 investment teams worldwide.

As a global business with over 5,500 talented staff across 35 locations, Schroders is able to stay close to their clients and understand their needs.

Schroders was an early adopter of Tessian, having first deployed the platform back in 2016. Since then, they’ve been using Tessian Guardian, Enforcer, and Defender for both inbound and outbound email security to help prevent accidental data loss, malicious data exfiltration, and inbound threats like spear phishing and Business Email Compromise (BEC).

We talked to Rob Hyde, Chief Information Security Officer, and Mike Vieira, Perimeter and Cloud Security Capability Lead, to find out why Schroders initially chose Tessian, how the solution has evolved over the years, and how their security posture has improved as a result.

1. There is no “silver bullet” when it comes to email security

When we asked security leaders what threat vector they’re most concerned about protecting, nearly half said email. For Rob, this isn’t a surprise.

“All big financial firms recognize that email-based processes are prone to human error. But we can’t take email out of the equation. There’s training, but people of course make mistakes despite being advised not to. So, what can you do? You either stop using email, or you find a product like Tessian that removes some of the risk,” he explained.
As a part of their DLP strategy, Schroders uses Tessian Guardian to prevent employees from sending emails to the wrong person and from attaching the wrong files to emails; they use Tessian Enforcer to prevent employees from sharing sensitive information outside of the company network.  For Rob and Mike, Tessian Enforcer has been invaluable, especially once employees made the switch to remote working in early 2020. Mike explained, “Tessian Enforcer proved incredibly valuable after we made the shift to remote working. It allowed us to get a bird’s eye view of how employees were handling data and helped us understand what policies we needed to reinforce, what policies we needed to change altogether, and even gave us a better idea of what tools and technology would help our employees do their jobs more efficiently outside of the office”. Importantly, though, when it comes to locking down email, there is no silver bullet.  Training is necessary. Policies are essential. And rule-based DLP solutions have their place. So, what makes a solution really stand out? Its ability to complement and bolster other solutions, while also filling in the gaps.  Tessian is that solution for Schroders.
2. Rule-based and legacy solutions are admin-intensive with a low ROI

While the static nature of rules has been a pain point for Schroders, it isn’t the only drawback of legacy DLP solutions.

“Traditional DLP has a low return on investment, and it’s expensive to run. It does stop some malicious emails, but it’s very low volume,” Rob explained.

Tessian is different, though. “On the other end of the spectrum, you have Tessian. If you look at Guardian, for example, it’s stopping data loss every day. Now, misdirected emails aren’t malicious activity, but the consequences are no less severe and the ROI is clear and easy to calculate. All we have to do is look at the number of employees who were going to do something – like send an email to the wrong person, move sensitive data outside of the company – but didn’t because of the solution,” he said.
For Rob and Mike, the ROI of Tessian is compounded by the fact that it’s effortless for their team to maintain. Because it’s proactive in preventing data loss and detecting inbound threats, there’s virtually no intervention or investigation required. 
3. Security solutions should enable employees, not restrict them

As one of the most successful asset management companies in Europe, it’s incredibly important to Rob and Mike that cybersecurity doesn’t come at the cost of reduced productivity or employee disruption.

“It’s a fine line. You want to give employees the freedom and flexibility to do their job. You don’t want to restrict too much, especially on email. But, equally, you have to help them understand their responsibility and the role they play in keeping the company secure,” Rob explained.

Tessian satisfies both needs. In-the-moment warnings are helpful, not annoying and, because the platform is powered by machine learning, threats are detected with incredible accuracy; flag rates and false positives are much lower than other solutions, with just 1-2 emails flagged per employee, per month.
Better still, this supports Schroders’ ethos of trust and enables Rob to support the organization. He explained, saying that “we trust our employees. They want to do the right thing. But we have to support them. Tessian helps us do that. The warning messages are well-written and give our users a chance to make better, more informed decisions”.
Learn more about how Tessian prevents human error on email

Powered by machine learning, Tessian’s Human Layer Security technology understands human behavior and relationships.

Tessian Guardian automatically detects and prevents misdirected emails
Tessian Enforcer automatically detects and prevents data exfiltration attempts
Tessian Defender automatically detects and prevents spear phishing attacks

Importantly, Tessian’s technology automatically updates its understanding of human behavior and evolving relationships through continuous analysis and learning of an organization’s email network. That means it gets smarter over time to keep you protected, wherever and however you work.

Interested in learning more about how Tessian can help prevent email mistakes in your organization? You can read some of our customer stories here or book a demo.
Customer Stories
How Tessian Gave GoCardless Better Control and Visibility of Their Email Threats
By Maddie Rosenthal
18 February 2021
Company: GoCardless
Industry: Financial Services
Seats: 450
Solutions: Guardian, Enforcer, Defender

About GoCardless

GoCardless is a global leader in recurring payments. The GoCardless global payments network and technology platform takes the pain out of getting paid for more than 55,000 businesses worldwide, from multinational corporations to small businesses.

Each year GoCardless processes $18 billion of payments across more than 30 countries. GoCardless is headquartered in the UK, with additional offices in Australia, France, Germany, and the United States.

To help prevent accidental data loss, malicious data exfiltration, and inbound threats like spear phishing and Business Email Compromise, GoCardless has deployed Tessian Guardian, Enforcer, and Defender as their complete inbound and outbound email security solution.

We talked to Punit Rajpara, Head of IT, and Benjamin Ayers, IT Engineer, to find out why GoCardless chose Tessian and how their security posture has improved since deployment.

1. Mistakes are inevitable, and self-reporting isn’t enough.

43% of people admit to making a mistake at work that compromised cybersecurity. For Punit and Ben, this isn’t a surprise.

“Whether you like it or not, people make mistakes. It’s inevitable. It could be an accident – like sending a spreadsheet or proposal to the wrong person. Or it could be something more intentional and malicious, like a bad leaver. Whatever it is, we – and all other businesses, really – need to accept that and be prepared for it. At GoCardless, we’d like to be proactive rather than wait for something bad to happen,” Punit explained.

That’s why he and his team had a process in place for employees to follow if and when mistakes did happen: reporting. But, after a Proof of Value with Tessian, they realized self-reporting wasn’t enough.
2. Their existing security stack offered limited protection, visibility, and control.

GoCardless had several email security solutions in place, many of which were native tools like Google’s rule-based DLP. But these tools alone just weren’t effective enough.
But HLS-I was just one of the features that met their criteria. Their ideal solution needed to be low-maintenance, too. They found that in Tessian.

“Tessian was clearly designed with end-users in mind. It’s really allowed us to empower our users to protect themselves without much – if any – admin overhead. That was essential for us,” Ben said. This is especially important for GoCardless since empowerment is an integral part of their ethos.

What about inbound?

GoCardless – who have security training and awareness programs in place to help employees spot phishing emails – wasn’t looking for spear phishing protection. But, they immediately saw the value of Tessian Defender.

Punit explained, saying “We didn’t come to Tessian for inbound protection. Just outbound. But when we saw how effective Tessian Defender was – especially at reinforcing training – we quickly realized how valuable it would be to have one single platform that covered both inbound and outbound. If we can solve two problems together, why do just one? That was a deciding factor for us”.

3. A breach would have devastating consequences.

Since deploying Tessian Guardian to prevent misdirected emails, Tessian Enforcer to prevent data exfiltration, and Tessian Defender to prevent spear phishing, Punit and Ben have seen how their security posture can improve.

But, in order to get buy-in, it was important they outlined the consequences of a breach. For GoCardless, just a few include:

Exposed client data
GDPR fines and penalties
Customer churn
Customer litigation
Loss of VC funding
Loss of license
Reputational damage

That’s not to say, though, that they had to weigh the cost of the solution against the potential cost of a breach.
Spear Phishing Customer Stories
How Tessian Is Preventing Advanced Impersonation Attacks in Manufacturing
By Maddie Rosenthal
12 January 2021
Company: SPG Dry Cooling
Industry: Manufacturing
Seats: 368
Solutions: Defender

About SPG Dry Cooling

SPG Cooling is an innovative, global leading manufacturer of air-cooled condensers that has been providing exceptional quality equipment to coal, oil, and gas industrial plants for over a century. They employ a global workforce and have over 1,000 customer references.

We talked to Thierry Clerens, Global IT Manager at SPG Dry Cooling, to learn more about the problems Tessian helps solve and why he chose Tessian Defender over other solutions.

Problem: The most advanced threats can slip past other controls

Phishing is a big problem across all industries. But, because inbound email attacks are becoming more and more sophisticated and hackers continue using tactics like domain impersonation and email spoofing, Thierry knew he needed to implement a new solution that could stop the phishing emails that might slip past his O365 controls and trained employees.

He cited one specific incident where a hacker impersonated a company in SPG Cooling’s supply chain and attempted to initiate a wire transfer. How? A tiny, difficult-to-spot change in the domain name.

“They created a fake domain with exactly the same name as the real user. But the top-level domain .tr was missing at the end. So it was just .com. No user – not even IT! – is looking at the domain name that closely. They tried to get us to deliver money to another account,” Thierry explained.

While the attack wasn’t successful (SPG Dry Cooling has strong policies and procedures in place to confirm the legitimacy of requests like this) he wanted to level-up his inbound email security and help users spot these advanced impersonation attacks. So, he invested in Tessian. Thierry explained why.
Tessian Defender analyzes up to 12 months of historical email data to learn what “normal” looks like. It then uses natural language processing, behavioral analysis, and communication analysis to determine if a particular email is suspicious or not in real-time. To learn more, read the data sheet.

Problem: You can’t train employees to spot all phishing attacks

Tessian also helps employees get better at spotting malicious emails with in-the-moment warnings (written in plain English) that reinforce training by explaining exactly why an email is being flagged. Here is an example:
This feature is especially important to Thierry, who values phishing awareness training but understands it has to be ongoing.

“We like to empower our users and we like that, with Tessian, our users learn and become better and better and better. That’s what we’re trying to do at SPG Dry Cooling. We’re trying to train and educate our users as much as possible. We’re trying to be innovative in the ways that we get our users, our company, our members, everybody, to better themselves,” he said.

In evaluating solutions, he wanted something that would protect his people, while also empowering them to make smarter security decisions. He found that in Tessian, explaining that “the most interesting feature for me is the user education. You have to train your users. You have to help them get better at spotting threats by helping them understand the threats. Tessian does that.”

Problem: It’s nearly impossible for IT teams to manually investigate all potential inbound threats

Before Tessian, Thierry and his team had to manually investigate all emails that employees flagged as suspicious. With limited time and resources – and given the fact that “some are really good and are even hard for IT people to find” – it was nearly impossible for them to keep up.
Thierry explained that Tessian extends the capabilities of his team. How?

It automatically detects and prevents threats
Domains can be added to the denylist in a single click, before they even land in employees’ mailboxes
Tessian dashboards make it easy for IT to see trends and create targeted security campaigns to help educate users.

Tessian was also easy to deploy. “As a part of our proof of concept, Tessian started ingesting historical data about employees’ IP addresses, what emails they normally send, who they normally communicate with. We saw how it was helping in just a few weeks. After that, we connected Tessian to Office 365. It took just 15 minutes,” he said.
Customer Stories DLP
Why Caesars Entertainment Chose Tessian as Their Complete Outbound Email Security Solution
By Maddie Rosenthal
07 January 2021
Company: Caesars Entertainment UK
Industry: Entertainment
Seats: 250
Solutions: Guardian and Enforcer

About Caesars Entertainment UK

In 2006, Caesars Entertainment – the world’s largest casino entertainment company, best known for properties such as Caesars Palace, Planet Hollywood, and Harrahs – acquired London Clubs International. The current seven casinos in the UK form Caesars Entertainment UK.

While the organization is passionate about delivering exceptional gaming entertainment and proud to offer customers unrivaled networks and benefits, they’re also active in the community, sponsoring and supporting a number of charities, including YGAM, GamCare, and The Gordon Moody Association.

To help prevent both accidental data loss and malicious data exfiltration, Caesars has deployed Tessian Guardian and Enforcer as a complete outbound email security solution to protect 250 employees.

Tessian solves three key problems for Caesars, which we explore in the Q&A interview below. Or, you can keep reading for a summary of the discussion.

1. An honest mistake on email almost caused a data breach

Oftentimes, cybersecurity solutions are purchased retroactively, meaning after a breach has occurred. But, for Charles Rayer, Group IT Director at Caesars Entertainment UK, Tessian was a proactive investment, elicited by a near-miss.

Here’s what happened: A customer relations advisor was sending emails to the casino’s VIPs. But, in one email, the employee accidentally attached the wrong document, which was a spreadsheet containing personal information related to some of their top 100 customers.

Luckily, they also spelled the email address incorrectly, so it was never actually sent. Nonetheless, it was a wake-up call for Charles and his team.
So, what would the consequences have been if the email had actually gone through?

Charles explained, saying, “We’re covered by the GDPR and the Sarbanes-Oxley Act because we’re a public listing with US parent companies which means, had the email been sent, we would have had to report it which is a long process. And, even though we had security solutions in place, we would have most likely received a fine. But for us, the biggest issue would have been the reputational damage. If that personal information did fall into the wrong hands, what would they do with it? Would they use it for their own personal benefit? Would they use it against us?”

With Tessian Human Layer Security Intelligence, Charles now has clear visibility of misdirected emails – what he previously considered an “iceberg threat” – and, because Tessian Guardian automatically prevents emails from being sent to the wrong person, Charles feels confident that a simple mistake won’t cost Caesars its reputation.

“It’s an issue of human error. We truly believe people are 100x more likely to accidentally mishandle data than to do it deliberately. So how do you solve it? There are thousands of solutions that categorize emails, look for strings of numbers, and identify keywords based on rules. But they don’t help in this situation. Tessian does. It knows – and continues learning – what conversations you normally have with people and can pick-up when something’s off. That’s the feature that really stood out to us,” Charles said.

To learn more about how Tessian Guardian uses historical email analysis, real-time analysis, natural language processing, and employee relationship graphs to detect and prevent misdirected emails, download the data sheet.

2. Other solutions triggered 10x as many false positives as real events

While – prior to deploying Tessian – Charles didn’t have any technology in place to prevent misdirected emails, he did have a solution in place to prevent unauthorized emails.
But, because it triggered so many false positives, he and his security team were drowning in alerts, making it impossible to investigate even a fraction of the alleged incidents in real time. It was also disruptive for employees to interact with day-to-day.

“I would say on average, we saw 10x as many false positives as real incidents of data exfiltration. Some days you’d have 100 incidents logged, and not one of them would be of merit. It was a deluge of junk, with the occasional useful bit of information,” he explained.

Charles pointed out that Tessian, on the other hand, flags just 5-6 unauthorized emails a day company-wide with a false positive rate that’s marginal now, and will only get smaller as it continues to learn from employee behavior and relationships. Yes, that means it gets smarter over time.

How? Enforcer analyzes historical email data to understand what “normal” content, context, and communication patterns look like. The technology uses this understanding alongside real-time analysis to accurately predict whether or not outbound emails are data exfiltration attempts.

That means Charles and his team can actually investigate each and every incident and, when employees do see a warning, they interact with it instead of ignoring it.
Want to learn more about how Tessian Enforcer’s machine learning algorithms get smarter over time? You can get more information here.

3. Employees in the entertainment industry handle highly sensitive data – but not all of them

As Charles pointed out, employees working in the entertainment industry – especially those who work in customer service – handle a lot of sensitive information. That means that mistakes – like sending a misdirected email or emailing a contract to a personal email address to print at home – can have big consequences. It also means employees may be motivated to exfiltrate data for a competitive advantage or financial gain.

Charles has seen all of the above.

“Not just our sector, but all sectors in the entertainment industry are based around customer service and personal contact. That means we have to know a lot about our customers. And that information is valuable. It’s information people want which means we have to make sure we protect it,” he explained.

But, not all employees have access to the same type of information. Customization, therefore, was important to Charles, who said, “We have a number of employees who don’t actually have access to sensitive information and a number of employees who don’t email anyone external. So there’s no point deploying across the entire company. We wanted to focus on people who deal with customers. Likewise, not everyone who has been onboarded is in the same internal email group, which means we have to apply different controls and rules to different people. We can do all of this easily with Tessian.”

While Tessian does offer 100% automated threat prevention, we know that for security strategies to be truly effective, technology and in-house policies have to work together. With Tessian Constructor, security leaders can create personalized rules and policies for individuals and groups.
Learn more about how Tessian prevents human error on email Powered by machine learning, Tessian’s Human Layer Security technology understands human behavior and relationships. Tessian Guardian automatically detects and prevents misdirected emails Tessian Enforcer automatically detects and prevents data exfiltration attempts Tessian Defender automatically detects and prevents spear phishing attacks Importantly, Tessian’s technology automatically updates its understanding of human behavior and evolving relationships through continuous analysis and learning of an organization’s email network. That means it gets smarter over time to keep you protected, wherever and however your work. Interested in learning more about how Tessian can help prevent email mistakes in your organization? You can read some of our customer stories here or book a demo.
Recap: Tessian Webinar, How to Build a Security Culture in Today’s Working World
By Monica Nio
04 November 2020
In our most recent research report, Securing the Future of Hybrid Working, we revealed that 75% of IT decision makers believe the future of work will be “remote” or “hybrid” – where employees could work wherever and however they’d like. So, we wanted to find out:
How that might affect an organization’s security culture
Why a positive security culture is even more important when employees are remote
How automation can help ease the burden on thinly-stretched IT teams while empowering employees to make smarter security decisions
We explored these topics with Rachel Beard, Principal Security Technical Architect at Salesforce, and Ray Chery, SVP and Co-Head of Security Software at Jefferies. The discussion was led by Trevor Luker, Tessian’s VP of Information Technology.
Want to watch the full video? You can view it on-demand here. Otherwise, read our notes below for key takeaways and quotes from the panelists.
Want to learn more about our guest speakers and their companies? Skip down to the bottom of the page. And, if you want to be the first to know about future virtual events, subscribe to our newsletter.
5 key takeaways from the Tessian webinar
We have to re-learn how to communicate in a hybrid work structure. Gone are the days of just walking up to our colleagues and asking if they sent that suspicious email or tapping someone in IT on the shoulder to clarify a new security policy. That means security and business leaders need to arm their teams with tools to collaborate and frequently check in to make sure each and every employee feels comfortable with their new remote set-up.
The key to a positive security culture is making employees feel like they play an active role in protecting the organization’s systems and data. But how? Instill the value of privacy and security from the outset with training and other programs and initiatives. Watch the full webinar for more insights into exactly what Rachel and Ray do at Salesforce and Jefferies.
There are benefits and drawbacks to hybrid work. According to Rachel and Ray, productivity is on the rise, which is great news. Teams are aligning on shared goals and initiatives, despite being physically distant. But people are missing the “human” interaction and camaraderie of an in-person office and many are finding it difficult to separate their personal and professional lives. It’s essential you tackle this problem head on and prioritize employee wellbeing.  Automated tools can make security accessible for everyone. This also contributes to a positive security culture by reducing IT teams’ workload. More on this in the summarized Q&A below. Jefferies uses Tessian to prevent misdirected emails. Ray’s team loves Tessian for its “noise-to-value ratio”. So, what makes Tessian so easy to use? Our technology is powered by machine learning, which means our solutions automatically detect and prevent threats like data exfiltration, misdirected emails, and spear phishing with accuracy and ease.  To find out more about how Rachel and Ray think about security culture, Trevor asked them both several questions about their perspective on automation and how to make employees a part of the solution.  We summarized their answers below. Remember, you can watch the full interview here. Q. Prior to COVID, Jefferies went from 5% to 99% of their employees working remote. Will this change be permanent? Ray: “We’re all more comfortable with getting things done from home; we’ve had to grow accustomed to it over the course of the last couple months. [However], our IT team is planning on going back to being in the office 2 or 3 of the 5 days every week. And part of that is driven by the fact that the interaction with the team is different virtually. Teams that really do interact more collaboratively feel the need to still be in the office. I definitely think hybrid work is here to stay.”  Q. Would you say that increased employee workload makes your organization more vulnerable? 
Ray: “We’re all doing a million things at once. When you’re stretched that thin all the time, folks tend to make mistakes, are more likely to click on an email that they’re not supposed to, or may not be reading things as thoroughly as they need to. The risks are definitely enhanced given that everyone is working from home now.”  Looking for more insights into why people make mistakes and how businesses can prevent errors before they turn into breaches? Check out our research, The Psychology of Human Error. Q. How can automation save your IT team’s time? Rachel: “At Salesforce, we’ve always had a lot of self-service mechanisms. We have Concierge as our service where you can go searching for the information that you need and open a ticket only if you need advanced help. But now, we’re looking at other ways that our customers can do the same. That way, IT can be more available for the highly specialized activities, and some of the more routine ones can be addressed by the employees themselves.”  Ray: “Ultimately, there’s no patch for human error. Humans are going to make mistakes. I think as much automation as we can incorporate into our security stack is really for the better. It removes repetitive errors, streamlines incident management, and reduces the boring stuff that our security analysts need to do. Instead of formally writing tickets and reaching out to me as an employee every time I violate an email rule, we can set it up as such so there’s a pop-up instead.” 
Q. Can tools add to an organization’s security culture in a positive way? Rachel: “Yes, when you have the guidelines and boundaries in a really transparent way. It makes everything more safe for everybody. You just have to think about how to implement that so that you allow your users to be able to do their work effectively and not get in their way too much or become an obstacle while protecting your sensitive data.”  Q. How has Tessian’s Guardian helped with Jefferies’ security culture in today’s working world? Ray: “We’re doing so many things now at home. And at home, we’re more exposed and more likely to make mistakes. We love Tessian because it’s very low-impact [on obstructing employees’ work]. It is a product that delivers with accuracy. Our IT team likes the noise-to-value ratio. When I think about the misaddressed email capabilities alone – we’re all sending a million emails a day – it’s very easy for us to send an email to the wrong person. The way that Tessian handles it in a seamless way is really great.”  Learn how Guardian can help your organization prevent accidental data loss. View Guardian’s page now. For more insights and personal anecdotes, watch the full video now.  About Rachel Rachel Beard is the Principal Security Technical Architect at Salesforce. Rachel joined Salesforce in 2014 and is a Principal Security Technical Architect.  Rachel’s areas of expertise are Salesforce security, data privacy, and compliance. She has over 14 years experience at Salesforce, spanning everything from System Administrator to Developer and even Product Marketing. Rachel is also the volunteer coordinator for Wet Nose Rescue, a leader of a Pride ERG at Salesforce, and a chair on the Diversity & Inclusion Committee at her local public school.  About Ray Ray Chery is the SVP and Co-Head of Security Software at Jefferies. Ray Chery is Senior Vice President and Co-Head of Security Software in Jefferies’ Technology Investment Banking Division. 
Based in San Francisco, Ray focuses primarily on enterprise security software. He has advised on more than $50B in transaction value over his 14-year career as a technology banker and has worked with and advised companies such as Bomgar, Carbonite, CrowdStrike, DigiCert, Forcepoint, Gigamon, Imperva, Plexxi, Sailpoint and Tufin.  He has also served on the Young Professional Advisory Council (YPAC) and continues to volunteer with Make-A-Wish Greater Bay Area. About Jefferies Jefferies, the global investment banking firm, has served companies and investors for over 55 years. Headquartered in New York, with offices in over 30 cities around the world, the firm provides clients with capital markets and financial advisory services, institutional brokerage and securities research, as well as asset and wealth management. About Salesforce Salesforce is a customer relationship management solution that brings companies and customers together. It’s one integrated CRM platform that gives all your departments — including marketing, sales, commerce, and service — a single, shared view of every customer.
Recap: Q&A With Chris Kovel, CTO, PJT Partners
By Maddie Rosenthal
02 November 2020
In case you missed it, Chris Kovel, Chief Technology Officer at PJT Partners, recently joined Robyn Savage, Customer Success Manager at Tessian, for a Q&A about what threats are top of mind and how Tessian helps PJT Partners keep data secure. While you can watch the full video on-demand, we’ve compiled our notes for a high-level overview of their 30-minute discussion. Want to learn more about Chris or PJT Partners? Skip down to the bottom of the page. And, if you want to be the first to know about future virtual events, subscribe to our newsletter.  4 things we learned from Chris  There are three “types” of threat actors. The outsider with intent, the insider with intent, and the well-intentioned employee. In terms of what keeps Chris up at night, it’s often the well-intentioned employee who sends misdirected emails.  While most of us have fired off an email to the wrong person, that doesn’t mean there aren’t serious consequences. There are. If data is leaked (especially in highly regulated industries like Financial Services, Healthcare, and Legal) organizations could face hefty fines for non-compliance, lose customer trust, and suffer a damaged reputation. But… 90% of emails don’t contain sensitive information. That’s why it’s so important that security and compliance leaders develop a process for classifying data as a part of their larger data loss prevention strategy.  PJT Partners uses Tessian for both inbound and outbound email security to detect and prevent misdirected emails, insider threats, and advanced impersonation attacks.  To find out a bit more about what’s top of mind for Chris and how Tessian fits into his overall security strategy, Robyn asked Chris several questions. We’ve summarized them below. Don’t forget, you can watch the full interview here. Q. Are there certain employees who you view as particularly risky or at-risk? 
“There are absolutely higher value targets that we have to pay more close attention to… But the controls we put in place are for the firm, right? They’re put in place to help everybody.  The leak can happen at any level. It could be a low-level junior banker, it can be someone in the technology department, it can be a partner of the firm.” Q. How has COVID affected your organization and your approach to cybersecurity? “Bankers and everyone else are using technology more than they’ve ever used it before. That means devices are a key for doing business now, whether it’s pulling up a quick video or sending documents. But email still actually accounts for the lion’s share of their communication. Fortunately, Tessian has some really great tools in place to protect users on devices in the same way they’re protected on desktop.” Want to learn more about how to keep your devices secure? Check out our Remote Worker’s Guide to BYOD Policies. Q. Shifting to inbound, what features make Tessian an especially appealing and effective solution at PJT? “Frankly, Tessian is extraordinarily clever in how it detects advanced impersonation. The amount of suspicious emails that Defender flags for us is quite staggering.” “You can spoof an email address in any way, shape, or form so having a product that basically says, “this one email doesn’t look like the others” or “this email likely isn’t actually coming from this person” is really helpful to the larger firm and individual users. In-the-moment warnings are helping our employees get better at actually recognizing which emails are legit and which aren’t and our administrators can help them work through it.”
For more insights and personal anecdotes, watch the full video now.
About Chris
Chris Kovel is the Chief Technology Officer at PJT Partners. Prior to joining PJT Partners, Chris spent the previous 25 years at Morgan Stanley in the technology department. In Chris’ last role at Morgan Stanley, he was primarily focused on Artificial Intelligence, Analytics and Data for the Wealth Management division. Over the course of the 25 years at Morgan Stanley, Chris developed significant technologies for Investment Banking, Capital Markets, Wealth Management, Research & Sales Distribution. Chris holds two patents for banking and trading technologies. Chris led the project and team that won the 2018 Banking Technology Award for Artificial Intelligence for the Next Best Action implementation. Prior to joining Morgan Stanley, Chris worked for Lotus Development Corporation. Chris received his BA from Skidmore College.
About PJT Partners
PJT Partners is a premier global advisory-focused investment bank headquartered in New York City. Their team of senior professionals deliver a range of services to corporations, financial sponsors, institutional investors, alternative investment managers, and governments around the world.
How Tessian Is Preventing Breaches and Influencing Safer Behavior in Healthcare
By Maddie Rosenthal
28 October 2020
Company: Cordaan Industry: Healthcare Seats: 6,300 Solutions: Guardian, Enforcer, Defender  About Cordaan Cordaan – one of the largest healthcare providers in Amsterdam – provides care to over 20,000 people from 120 locations across Amsterdam. They do this with the help of 6,000 employees and more than 2,500 volunteers. Cordaan also works in association with research institutes and social organizations.  To help protect the organization’s people, sensitive data, and networks, Cordaan has deployed Tessian Guardian, Enforcer, and Defender to protect over 6,300 employees on email.  Tessian solves three key problems for Cordaan, which we explore in detail in the video below. Keep reading for a summary of the discussion. Problem: Healthcare employees are especially vulnerable to inbound attacks  When it comes to inbound attacks like spear phishing and business email compromise, the healthcare industry is among the most targeted. It also has the highest costs associated with data breaches. Why? According to Cas de Bie, the Dutch healthcare provider’s Chief Information Officer, it’s not just because organizations operating in this industry handle highly sensitive data. It also has a lot to do with the very nature of the work: helping people. 
Combine this empathetic approach with the stress of a global pandemic, and you’re left with an incredibly vulnerable workforce. With Tessian, Cas is now confident Tessian will identify spear phishing emails before his employees respond to them and that employees’ workflow won’t be disrupted in the process.  When talking about inbound attacks, Cas said “It’s all about awareness. While people probably do know what they’re supposed to do when it comes to email security, it’s different in real life. It’s hard to decide in the moment. Of course, they don’t do it on purpose. They want to make the right decision. Tessian helps them do that.” Problem: Reactive and rule-based solutions weren’t preventing human error on email in the short or long-term To ensure GDPR-compliance, Cordaan prioritized investment in privacy and security solutions. But, according to Cas, “standard” email security, spam filtering solutions, and encryption alone just weren’t enough. They weren’t keeping malicious emails out of inboxes, and they weren’t preventing data loss from insiders. They also weren’t doing anything to improve employee security reflexes in the long-term. 
So, to level-up Cordaan’s email security, Cas was looking for a solution that was technologically advanced, user-friendly, and proactive. With Tessian, he found all three. Powered by contextual machine learning and artificial intelligence, our solutions can detect and prevent threats and risky behavior before they become incidents or breaches. How? With in-the-moment warnings triggered by anomalous email activity.
These warnings help nudge well-intentioned employees towards safer behavior and ensure data stays within Cordaan’s perimeter. And, because Tessian works silently in the background and analyzes inbound and outbound emails in milliseconds, it’s invisible to employees until they see a warning.   This was incredibly important to Cas, who said that “The added value of Tessian is that it influences behavior. That really resonated with the board and helped me make a strong business case. While I can’t show how cybersecurity creates revenue, I can show – via a risk management calculation – the potential fines we could avoid because of our investment in Tessian”.  Problem: Cordaan’s security team had limited visibility into – and control over – data loss incidents on email  While Cordaan had invested in other email security solutions, Cas and his team still lacked visibility into the frequency of data loss incidents on email. But, after deploying Tessian for a Proof of Value, the scope of the problem became crystal clear.
The reality is that employees do actually send unauthorized and misdirected emails more frequently than expected. (We explore this in detail in our report, The State of Data Loss Prevention 2020.) But, the good news is that this behavior can be influenced and corrected – all without access restrictions that make it harder (or impossible) for employees to do their jobs.  Cas explained it well, saying that “Of course there are things that we have to police and prohibit. But, most of the time, people aren’t doing things maliciously. So it’s nice that – with Tessian – we can take a more nuanced approach. We can influence behavior and help our employees do the right thing.”
18 Actionable Insights From Tessian Human Layer Security Summit
By Maddie Rosenthal
09 September 2020
In case you missed it, Tessian hosted its third (and final) Human Layer Security Summit of 2020 on September 9. This time, we welcomed over a dozen security and business leaders from the world’s top institutions to our virtual stage, including:
Jeff Hancock from Stanford University
David Kennedy, Co-Founder and Chief Hacking Officer at TrustedSec
Merritt Baer, Principal Security Architect at AWS
Rachel Beard, Principal Security Technical Architect at Salesforce
Tim Fitzgerald, CISO at Arm
Sandeep Amar, CPO at MSCI
Martyn Booth, CISO at Euromoney
Kevin Storli, Global CTO and UK CISO at PwC
Elvis M. Chan, Supervisory Special Agent at the FBI
Nina Schick, Author of “Deep Fakes and the Infocalypse: What You Urgently Need to Know”
Joseph Blankenship, VP Research, Security & Risk at Forrester
Howard Schultz, Former CEO at Starbucks
While you can watch the full event on YouTube below, we’ve identified 18 valuable insights that security, IT, compliance, and business leaders should apply to their strategies as they round out this year and look forward to the next.
Here’s what we learned at Tessian’s most recent Human Layer Security Summit. Not sure what Human Layer Security is? Check out this guide which covers everything you need to know about this new category of protection.  1. Cybersecurity is mission-critical Security incidents – whether it’s a ransomware attack, brute force attack, or data leakage from an insider threat – have serious consequences. Not only can people lose their jobs, but businesses can lose customer trust, revenue, and momentum. While this may seem obvious to security leaders, it may not be so obvious to individual departments, teams, and stakeholders. But it’s essential that this is communicated (and re-communicated).  Why? Because a company that’s breached cannot fulfill its mission. Keep reading for insights and advice around keeping your company secure, all directly from your peers in the security community. 2. Most breaches start with people People control our most sensitive systems and data. It makes sense, then, that most data breaches start with people. But, that doesn’t mean employees are the weakest link. They’re a business’ strongest asset! So, it’s all about empowering them to make better security decisions. That’s why organizations have to adopt people-centric security solutions and strategies.
The good news is, security leaders don’t face an uphill battle when it comes to helping employees understand their responsibility when it comes to cybersecurity… 3. Yes, employees are aware of their duty to protect data Whether it’s because of compliance standards, cybersecurity headlines in mainstream media, or a larger focus on privacy and protection at work, Martyn Booth, CISO at Euromoney reminded us that most employees are actually well aware of the responsibility they bear when it comes to safeguarding data.  This is great news for security leaders. It means the average employee will be more likely to abide by policies and procedures, will pay closer attention during awareness training, and will therefore contribute to a more positive security culture company-wide. Win-win. 4. But, employees are more vulnerable to phishing scams outside of their normal office environment  While – yes – employees are more conscious of cybersecurity, the shift to remote working has also left them more vulnerable to attacks like phishing scams.  “We have three “places”: home, work, and where we have fun. When we combine two places into one, it’s difficult psychologically. When we’re at home sitting at our coffee table, we don’t have the same cues that remind us to think about security that we do in the office. This is a huge disruption,” Jeff Hancock, Professor at Stanford University explained.  Unfortunately, hackers are taking advantage of these psychological vulnerabilities. And, as David Kennedy, Co-Founder and Chief Hacking Officer at TrustedSec pointed out, this isn’t anything new. Cybercriminals have always been opportunistic in their attacks and therefore take advantage of chaos and emotional distress.  
To prevent successful opportunistic attacks, he recommends that you: Reassess what the new baseline is for attacks Educate employees on what threats look like today, given recent events Identify which brands, organizations, people, and departments may be impersonated (and targeted) in relation to the pandemic But, it’s not just inbound email attacks we need to be worried about.  5. They’re more likely to make other mistakes that compromise cybersecurity, too This change to our normal environment doesn’t just affect our ability to spot phishing attacks. It also makes us more likely to make other mistakes that compromise cybersecurity. Across nearly every session, our guest speakers said they’ve seen more incidents involving human error and that security leaders should expect this trend to continue. That’s why training, policies, and technology are all essential components of any security strategy. More on this below. 6. Security awareness training has to be ongoing and ever-evolving At our first Human Layer Security Summit back in March, Mark Logsdon, Head of Cyber Assurance and Oversight at Prudential, highlighted three key flaws in security awareness training: It’s boring It’s often irrelevant It’s expensive What he said is still relevant six months on and it’s a bigger problem than ever, especially now that the perimeter has disappeared, security teams are short-handed, and individual employees are working at home and on their own devices. So, what can security leaders do?  Kevin Storli, Global CTO and UK CISO at PwC highlighted the importance of tailoring training to ensure it’s always relevant. That means that instead of just reminding employees about compliance standards and the importance of a strong password, we should also be focusing on educating employees about remote access, endpoints, and BYOD policies. But one training session isn’t enough to make security best practice really stick. 
These lessons have to be constantly reinforced through gamification, campaigns, and technology.  Tim Fitzgerald, CISO at Arm highlighted how Tessian’s in-the-moment warnings have helped his employees make the right decisions at the right time.  “Warnings help create that trigger in their brain. It makes them pause and gives them that extra breath before taking the next potentially unsafe step. This is especially important when they’re dealing with data or money. Tessian ensures they question what they’re doing,” he said.
7. You have to combine human policies with technical controls to ensure security  It’s clear that technology and training are both valuable. That means your best bet is to combine the two. In discussion with Ed Bishop, Tessian Co-Founder and CTO, Merritt Baer, Principal Security Architect at AWS and Rachel Beard, Principal Security Technical Architect at Salesforce, both highlighted how important it is for organizations to combine policies with technical controls. But security teams don’t have to shoulder the burden alone. When using tools like Salesforce, for example, organizations can really lean on the vendor to understand how to use the platform securely. Whether it’s 2FA, customized policies, or data encryption, many security features will be built-in.  8. But…Zero Trust security models aren’t always the answer While – yes – it’s up to security teams to ensure policies and controls are in place to safeguard data and systems, too many policies and controls could backfire. That means that “Zero Trust” security models aren’t necessarily the best way to prevent breaches.
9. Security shouldn’t distract people from their jobs
Security teams implement policies and procedures, introduce new software, and make training mandatory for good reason. But, if security becomes a distraction for employees, they won’t exercise best practice. The truth is, they just want to do the job they were hired to do! Top tip from the event: Whenever possible, make training and policies customized, succinct, and relevant to individual people or departments.
10. It also shouldn’t prevent them from doing their jobs
This insight goes back to the idea that “Zero Trust” security models may not be the best way forward. Why? Because, like Rachel, Merritt, Sandeep, and Martyn all pointed out: if access controls or policies prevent an employee from doing their job, they’ll find a workaround or a shortcut. But, security should stop threats, not flow. That’s why the most secure path should also be the path of least resistance. Security strategies should find a balance between the right controls and the right environment. This, of course, is a challenge, especially when it comes to rule-based solutions. “If-then” controls are blunt instruments. Solutions powered by machine learning, on the other hand, detect and prevent threats without getting in the way. You can learn more about the limitations of traditional data loss prevention solutions in our report The State of Data Loss Prevention 2020.
11. Showing downtrending risks helps demonstrate the ROI of security solutions
Throughout the event, several speakers mentioned that preemptive controls are just as important as remediation. And it makes sense. Better to detect risky behavior before a security incident happens, especially given the time and resources required in the event of a data breach. But tracking risky behavior is also important. That way, security leaders can clearly demonstrate the ROI of security solutions.
Martyn Booth, CISO at Euromoney, explained how he uses Tessian Human Layer Security Intelligence to monitor user behavior, influence safer behavior, and track risk over time. “We record how many alerts are sent out and how employees interact with those alerts. Do they follow the acceptable use policy or not? Then, through our escalation workflows that ingest Tessian data, we can escalate or reinforce. From that, we’ve seen incidents involving data exfiltration trend downwards over time. This shows a really clear risk reduction,” he said. 12. Targeted attacks are becoming more difficult to spot and hackers are using more sophisticated techniques As we mentioned earlier, hackers take advantage of psychological vulnerabilities. But, social media has turbo-charged cybercrime, enabling cybercriminals to create more sophisticated attacks that can be directed at larger organizations. Yes, even those with strong cybersecurity. Our speakers mentioned several examples, including Garmin and Twitter. So, how do they do it? Research! LinkedIn, company websites, out-of-office messages, press releases, and news articles all provide valuable information that a hacker could use to craft a believable email. But, there are ways to limit open-source recon. See tips from David Kennedy, Co-Founder and Chief Hacking Officer at TrustedSec, below. 
13. Deepfakes are a serious concern Speaking of social media, Elvis M Chan, Supervisory Special Agent at the FBI and Nina Schick, Author of “Deep Fakes and the Infocalypse: What You Urgently Need to Know”,  took a deep dive into deepfakes. And, according to Nina, “This is not an emerging threat. This threat is here. Now.” While we tend to associate deepfakes with election security, it’s important to note that this is a threat that affects businesses, too.  In fact, Tim Fitzgerald, CISO at Arm, cited an incident in which his CEO was impersonated in a deepfake over Whatsapp. The ask? A request to move money. According to Tim, it was quite compelling.  Unfortunately, deepfakes are surprisingly easy to make and generation is outpacing detection. But, clear policies and procedures around authenticating and approving requests can ensure these scams aren’t successful. Not sure what a deepfake is? We cover everything you need to know in this article: Deepfakes: What Are They and Why Are They a Threat? 14. Supply chain attacks are, too  In conversation with Henry Treveleyan Thomas, Head of Customer Success at Tessian, Kevin Storli, Global CTO and UK CISO at PwC discussed how organizations with large supply chains are especially vulnerable to advanced impersonation attacks like spear phishing. “It’s one thing to ensure your own organization is secure. But, what about your supply chain? That’s a big focus for us: ensuring our supply chain has adequate security controls,” he said. Why is this so important? Because hackers know large organizations like PwC will have robust security strategies. So, they’ll look for vulnerabilities elsewhere to gain a foothold. That’s why strong cybersecurity can actually be a competitive differentiator and help businesses attract (and keep) more customers and clients.  15. People will generally make the right decisions if they’re given the right information 88% of data breaches start with people. 
But, that doesn’t mean people are careless or malicious. They’re just not security experts. That’s why it’s so important security leaders provide their employees with the right information at the right time. Both Sandeep Amar, CPO at MSCI and Tim Fitzgerald, CISO at Arm talked about this in detail. It could be a guide on how to spot spear phishing attacks or – as we mentioned in point #6 – in-the-moment warnings that reinforce training. Check out their sessions for more insights.
16. Success comes down to people
While we’ve talked a lot about human error and psychological vulnerabilities, one thing was made clear throughout the Human Layer Security Summit. A business’s success is completely reliant on its people. And, we don’t just mean in terms of security. Howard Schultz, Former CEO at Starbucks, offered some incredible advice around leadership which we can all heed, regardless of our role. In particular, he recommended:
- Creating company values that really guide your organization
- Ensuring every single person understands how their role is tied to the goals of the organization
- Leading with truth, transparency, and humility
17. But people are dealing with a lot of anxiety right now
Whether you’re a CEO or a CISO, you have to be empathetic towards your employees. And, the fact is, people are dealing with a lot of anxiety right now. Nearly every speaker mentioned this. We’re not just talking about the global pandemic. We’re talking about racial and social inequality. Political unrest. New working environments. Bigger workloads. Mass lay-offs. Joseph Blankenship, VP Research, Security & Risk at Forrester, summed it up perfectly, saying “We have an anxiety-ridden user base and an anxiety-ridden security base trying to work out how to secure these new environments. We call them users, but they’re actually human beings and they’re bringing all of that anxiety and stress to their work lives.” That means we all have to be human first. And, with all of this in mind, it’s clear that…
18. The role of the CISO has changed
Sure, CISOs are – as the name suggests – responsible for security. But, to maintain security company-wide, initiatives have to be perfectly aligned with business objectives, and every individual department, team, and person has to understand the role they play. Kevin Storli, Global CTO and UK CISO at PwC touched on this in his session. “To be successful in implementing security change, you have to bring the larger organization along on the journey. How do you get them to believe in the mission? How do you communicate the criticality? How do you win the hearts and minds of the people? CISOs no longer live in the back office and address just tech aspects. It’s about being a leader and using security to drive value.” That’s a tall order and means that CISOs have to wear many hats. They need to be technology experts while also being laser-focused on the larger business. And, to build a strong security culture, they have to borrow tactics from HR and marketing. The bottom line: The role of the CISO is more essential now than ever. It makes sense.
Security is mission-critical, remember? If you’re looking for even more insights, make sure you watch the full event, which is available on-demand. You can also check out previous Human Layer Security Summits on YouTube.
Human Layer Security Customer Stories DLP
9 Questions That Will Help You Choose The Right Email Security Solution
25 August 2020
When it comes to creating a cybersecurity strategy, security leaders have a lot to consider. There are various threat vectors, dozens of “types” of data to secure, thousands of products on the market, and oftentimes limited budget to work with. But, in this article, we’re going to focus on email security. Why? Because 90% of data breaches start on email. Data could be compromised via a spear phishing attack. Malware contained in one malicious attachment could infect an entire organization’s network. Insider threats could easily exfiltrate data for financial gain simply by emailing spreadsheets to their personal email accounts. That’s why email is the threat vector security and IT leaders are most concerned about, and it’s why choosing the right email security software is so critically important.
Keep reading to learn:
- What nine questions you should ask when choosing an email security solution
- The solutions other security leaders across industries use to protect their people on email
- Why Tessian may be the right email security software for you
- How to get buy-in from your CEO after you’ve decided what the best solution is for your organization
1. Is it easy to deploy?
Cybersecurity solutions should make life easier for your employees and your IT department. And, the bottom line is, a complicated setup process wastes time and resources. Worse still, it could lead to errors in deployment which may leave your company vulnerable. That’s why email security software must be easy to deploy across your organization and it should seamlessly integrate with a variety of email clients, all without any administrative burden. Before getting too far into the sales process, make sure you find out what support the vendor will provide, how long deployment takes, and – whenever possible – talk to an existing customer to find out how their deployment was.
2. Is it scalable and customizable?
As your company grows and changes, your business tools must adapt.
This includes email security software, which should work for you consistently, regardless of your company’s size. If you scale up or down, your email security software should change with you. Email security software must also allow customization so that it really aligns with your risk appetite, your employees’ preferences, and your specific business context. Too little flexibility is stifling — but too much choice is overwhelming (and could be resource-intensive).
3. Does it prevent a wide range of threats?
Today, cybersecurity solutions must detect and prevent a broader range of threats than ever before. And, when it comes to email security software, you have to consider both inbound and outbound threats, including:
- Spear phishing: A sophisticated phishing attack in which the attacker emails a specific, named target. Verizon’s 2020 data breach report shows that 96% of social attacks (like spear phishing) occur via email. Check out more statistics related to social engineering attacks on our blog.
- Misdirected emails: An employee accidentally emails personal or sensitive data to the wrong recipient. This happens more often than you might think. The UK’s privacy regulator cited misdirected emails as the number one cause of data breaches in quarter four of 2019-20 and, according to Tessian platform data, over 800 emails are sent to the wrong person every year in organizations with 1,000 people.
- Insider Threats: A trusted employee sends confidential or sensitive data to an unauthorized recipient. This recipient can be a third-party to whom a malicious insider is leaking intellectual property — or merely an employee forwarding correspondence to their personal email.
Looking for more examples? We’ve rounded up 7 real-world Insider Threat examples here.
4. Can it keep up with the evolving threat landscape?
Online threats are rapidly evolving and email security software is only as good as its ability to keep pace with these threats.
Whether it’s vishing, smishing, or a new type of malware, hackers are always looking for new ways to take advantage of security vulnerabilities and unsuspecting (and often untrained) employees. Can your email security software keep up? Tessian can. Scroll down to learn how Tessian uses machine learning to automatically “learn” and evolve in tandem with the threat landscape.
5. Are employees (and data) protected across devices?
Businesses are increasingly reliant on cloud computing, remote working, and home offices — particularly since the outbreak of COVID-19. It’s hard enough to protect a set of company workstations located on company premises. Trying to manage security on any number of desktop, laptop, and mobile devices — located in offices, public places, and your employees’ homes — is even harder. But, unprotected devices represent a critical vulnerability in your company’s security. That’s why the right email security solution will work on any device that employees can use to access company data.
6. Is it easy to see (and communicate) ROI?
It can be tough for security leaders to communicate the ROI of cybersecurity solutions. Why? Because it’s hard to put a value on something that hasn’t happened. But, a strong email security solution will make it easy for IT teams to assess risk, review trends over time, and create reports that demonstrate how risk is downtrending over time. This way, key stakeholders can really see the impact. Unfortunately, a lot of solutions today are a black box when it comes to investigating incidents and garnering insights. So, when choosing an email security solution, consider what reporting tools the solution offers and whether or not any manual investigation is required. Most security teams are already thinly stretched; communicating ROI shouldn’t be an added burden.
7. Is it easy for employees to use?
According to new research, 51% of employees say security tools and software impede their productivity.
Likewise, 54% of employees say they’ll find a workaround if security software or policies prevent them from doing their job. This proves that the most secure path also has to be the path of least resistance. If the security solution you’re considering has high flag rates, creates extra work for your employees, or isn’t user-friendly, it will go unused. This is a security risk. In layman’s terms: security shouldn’t get in the way.
8. Does it help ensure compliance?
Increasingly strict data privacy laws are setting new standards for companies handling personal information. Businesses are accountable for taking a proactive approach to data security. You must take every reasonable step to ensure that the personal information in your control is kept safe and you must be able to demonstrate your security measures to regulators on demand. That means that, when evaluating potential email security solutions, you should not only understand what data loss incidents they prevent, but also which security certifications they’ve earned.
9. Has it been vetted by relevant customers and industry leaders?
Before selecting an email security software provider, you must ensure that it is well-established and has testimonials from previous customers, preferably in your company’s sector. Cybersecurity is a vast industry, and too many players are inexperienced, disreputable, or downright untrustworthy. You cannot afford to take any risks in choosing an email security software provider: reputation is everything in this field.
Is Tessian the right email security solution for you?
Tessian is easy to deploy
Deploying Tessian couldn’t be simpler. The software integrates with all email environments, including Office 365, Microsoft Exchange, and GSuite. And, plug-and-play intelligent filters make individual customization easy. Setup is also extremely fast. Within 24 hours, Tessian analyzes an entire year’s worth of your organization’s historic email data. Immediately afterward, you’re protected. No rules are required.
Tessian is scalable and customizable
Tessian’s stateful machine learning technology is always evolving, designed to suit your business’s needs as it scales and changes over time. Tessian automatically (and continuously) analyzes each employee’s historic email behavior to learn what is and isn’t “normal” for them. That way, it knows which emails to flag as anomalous. But, we also understand how important customization is. With Tessian Constructor, you can create and implement security rules specific to your organization.
Tessian prevents a wide range of threats
Across three solutions, Tessian’s Human Layer Security platform can detect and prevent inbound and outbound threats, including advanced impersonation attacks, Insider Threats, and accidental data loss via misdirected emails.
Tessian keeps pace with the evolving threat landscape
Tessian doesn’t rely on a list of signatures of known malware and scams. Our machine learning algorithms are actively learning all the time, which enables Tessian Defender, Guardian, and Enforcer to spot unusual activity and discover new threats. And, with Human Layer Security Intelligence, Tessian customers benefit from a sort of “herd immunity”. If a threat is detected in another environment – for example, a never-before-seen social engineering attack – Tessian’s entire community of users will automatically be protected. How? The suspicious domain will automatically be placed on a “denylist” and blocked.
Tessian protects employees and data across devices
Tessian is an ideal solution for remote or hybrid work environments. It protects your employees and your company’s data on laptops, desktops, and mobile devices.
Tessian makes it easy to see ROI
Tessian Human Layer Security Intelligence provides security leaders with detailed, easy-to-understand and – best of all – automated threat reports. In a single click, you’ll be able to see how your risk profile has improved over a certain period of time.
Security and IT teams can also get detailed information about specific incidents. Zero manual investigation required. Want to learn more about how Tessian customers can use HLSI to improve their security posture and communicate ROI? Read this: Introducing Tessian Human Layer Security Intelligence.
Tessian is easy for employees to use
Tessian is incredibly easy for anyone in your company to use. In fact, Tessian barely requires any “use” at all. The software runs silently in the background without any impediment to your employees’ productivity whatsoever. Flag rates are low, warnings – when triggered – are helpful, not annoying, and our customers see a very low number of false positives. With Tessian, the most secure path is the path of least resistance. It’s one piece of security software your employees will thank you for adopting.
Tessian helps ensure compliance
The key to compliance with privacy law is assessing risks to privacy and taking reasonable steps to mitigate these risks. Email represents a critical risk area in any company’s data security architecture. Tessian can assist with compliance in a way that other email security software cannot. Tessian Guardian is unique in its ability to prevent misdirected emails, which are the leading cause of data breach, according to reports by the ICO and the California Attorney-General. Given that misdirected email is such a common cause of data breaches, you must take steps to safeguard against this risk. But, it’s also important to note that Tessian was designed with security and privacy in mind. You can learn more about our security certifications and how we ensure data privacy and protection here.
Tessian has been vetted by industry leaders
Leading organizations across industries rely on Tessian to protect their people and data on email. Here are just some of the many businesses that endorse Tessian, by sector:
- Legal Customers: Hill Dickinson (case study), Dentons (case study), Caplin and Drysdale (case study)
- Financial Services Customers: Webb Henderson (case study), Man Group (case study), Evercore (case study)
- Tech Customers: Rightmove (case study), Gubra (case study), Com Lauda (case study)
- Insurance Customers: North (case study)
- Healthcare Customers: Laya Healthcare (case study)
Tessian has also received recognition and plaudits from industry bodies and tech experts. In May 2020, Tessian was recognized as a Cool Vendor in the Gartner Cool Vendors in Cloud Office Security report, which recognizes security solutions that “focus specifically upon securing applications, communication and data that occur within cloud office environments.” Tessian has also been independently tested by IT analyst firm 451 Research, which assessed how the software fared against its competitors in data-loss prevention.
According to 451 Research’s report, Tessian’s machine learning algorithms allow it to succeed in preventing data loss where rule-based solutions fall short. 
And, most recently, Tessian was included in Forrester’s Now Tech: Report for Enterprise Email Security Providers. You can read more about why Tessian was selected here. While there is no one-size-fits-all approach to email security, this guide should help you research and vet which solution is right for you. If you’re considering Tessian, why not book a demo to have these questions (and more) answered by one of our experts?
Not ready to book a demo yet? Learn more about our products, our customers, and our Human Layer Security vision via the links below:
- Why Tessian?
- Our Technology
- What is Human Layer Security?
- Customer Stories
Bonus: If you have decided which email security solution is right for you but you’re struggling to get buy-in from your CEO, read this guide with tips from the world’s most innovative and trusted organizations.
Prove the Value of Cybersecurity Solutions: 16 Tips From Security Leaders
By Maddie Rosenthal
18 August 2020
As a security or IT leader, researching and vetting security solutions is step one. What’s step two, then? Convincing key stakeholders like the CEO, CFO, and the board that the product needs to be implemented, that it needs to be implemented now, and that it’s worth the cost. This is easier said than done, especially now that organizations around the world are facing budget cuts in the wake of COVID-19. But, security is business-critical. So, how do you communicate risk and make a compelling case to (eventually) get buy-in from executives? We talked to security leaders from some of the world’s most trusted and innovative organizations to find out what they do to get buy-in from CxOs. Here’s a summary of their tips. You can download this infographic with a quick summary of all of the below tips. This is perfect for sharing with peers or colleagues. Or, download this eBook.
1. Familiarize yourself with overall business objectives
While cybersecurity has historically been a siloed department, today, it’s an absolutely essential function that supports and enables the overall business. Think about the consequences of a data breach beyond lost data. Organizations experience higher rates of customer churn, reputations are damaged, and, with regulatory fines and the cost of investigation and remediation, there can be significant revenue loss. The key, then, is to attach cybersecurity initiatives to key business objectives. The security leaders we interviewed recommended starting by reviewing annual reports and strategic roadmaps. Then, build your business case. If customer retention and growth are KPIs for the year, insist that cybersecurity builds customer trust and is a competitive differentiator. If the organization is looking for higher profits, make it clear how much a breach would impact the company’s bottom line. (According to IBM’s latest Cost of a Data Breach, the average cost of a data breach is $3.86 million.)
2. Create specific “what-if” scenarios
A lot of security solutions are bought reactively (after an incident occurs), but security leaders need to take a proactive approach. The problem is, it’s more challenging for CxOs and the board to see the value of a solution when they haven’t yet experienced any consequences without it. As the saying goes, “If it ain’t broke, don’t fix it”. That’s why security leaders have to preempt push-back to proactive pitches by outlining what the consequences would be if a solution isn’t implemented so that stakeholders can understand both probability and impact. For example, if you’re trying to get buy-in for an outbound email security solution, focus on the “what-ifs” associated with sending misdirected emails which – by the way – are sent 800 times a year in organizations with 1,000 employees. Ask executives to imagine a situation in which their biggest clients’ most sensitive data lands in the wrong inbox. What would happen? Make sure you identify clear, probable consequences. That way, the situation seems possible (if not likely) instead of being an exaggerated “worst-case scenario”.
3. Work closely with the security vendor
You know your business. Security vendors know their product. If you combine your expertise – and really lean on each other – you’ll have a much better chance of making a compelling case for a particular solution. Ask the vendor for specific resources (if they don’t exist, ask them to create them!), ask for product training, ask if you can speak with an existing customer. Whatever you need to get buy-in, ask for it. Rest assured, they’ll be happy to help.
4. Collaborate and align with other departments
It takes a village and cybersecurity is a “people problem”. That means you should reach out to colleagues in different departments for advice and other input. Talk to the folks from Risk and Compliance, Legal, HR, Operations, and Finance early on. Get their opinion on the product’s value.
Find out how it might be able to help them with their goals and initiatives. In doing so, you might even be able to pool money from other budgets. Win-win!
5. Consider how much the executive(s) really know about security
To communicate effectively, you have to speak the same language. And, we don’t just mean English versus French. We mean really getting on the same level as whomever you’re in conversation with. But, to do that, you have to first know how much your audience actually knows about the topic you’re discussing. For example, if you look into your CEO’s background and find out that he or she studied computer science, you’ll be able to get away with some technical jargon. But, if their background is limited to business studies, you’ll want to keep it simple. Avoid security-specific acronyms and – whatever you do – don’t bury the point underneath complex explanations of processes. In short: Don’t succumb to the Curse of Knowledge.
6. Use analogies to put costs into perspective
One of the best ways to avoid the Curse of Knowledge and give abstract ideas a bit more context is to use analogies. It could be the ROI of a product or the potential cost of a breach. Either way, analogies can make big, somewhat meaningless numbers more tangible and impactful. For example, imagine you’re trying to convince your CFO that the cost of a solution is worth it. But, the 6-digit, one-time cost is a hard sell. What do you do? Break the overall cost down by the product’s lifespan. Then, divide that number by the number of employees it will protect during that same period. Suddenly, the cost will seem more manageable and worth the investment.
7. Invite key stakeholders to events or webinars
Before you even start pitching a particular solution, warm up executives with educational webinars or events that aren’t product-specific. This will give CxOs a chance to better understand the problem, how it might apply to them, and how other people/organizations are finding solutions. Bear in mind: most vendors will have at least 1 (generally 2+) webinars or events during the standard sales cycle. Looking for events to attend? We’ve put together this list of 20 cybersecurity and business events – including Tessian Human Layer Security Summit – perfect for inviting your non-technical colleagues to.
8. Prepare concise and personalized briefing materials
Individual stakeholders will be more likely to consider a particular solution if the problem it solves is directly relevant to them. How? Combine tips #1, #2, #3, and #5. After taking some time to understand the business’ overall objectives, take a closer look at individual people’s roles and responsibilities in meeting those objectives. Then, dig a bit deeper into how much they know about cybersecurity. Imagine you’re meeting with a COO with some technical experience whose focus is on maintaining relationships with customers.
His or her briefing documents should contain minimal technical jargon and should focus on how a data breach affects customer churn. The bottom line: make it about them.
9. Share these documents in advance of any formal meetings
While this may seem obvious, the security leaders we spoke to made it clear that this is an essential step in getting buy-in. No one wants to feel caught off guard, unprepared, or rushed. To avoid all of the above, make sure you share any documents relevant to the solution well in advance of any formal meetings. But, don’t just dump the documents on their desk or in their inbox. Outline exactly what each document is, why it’s relevant to the meeting, and what the key takeaways are. You want to do whatever you can to help them absorb the information, so make sure you make yourself available after sharing the documents and before the meeting, just in case they have any questions or need additional information.
10. Build a strong security culture
Before we dive into why building a strong security culture can help you get buy-in, we want to make it clear that this isn’t something that can happen overnight. This is a long-term goal that requires the help of the entire organization. Yes, everyone. So, how do you build a strong security culture? Start by ensuring that security and IT teams are committed to helping – not blaming – employees. There has to be a certain level of mutual trust and respect. Beyond that, employees have to accept responsibility for the overall security of the organization. They have to understand that their actions – whether it’s clicking on a phishing email or using a weak password – have consequences. If they do accept this responsibility, and if they genuinely care about following policies and procedures and helping secure data and networks, high-level executives will care, too. They’ll therefore be more likely to sign off on solutions.
11. Keep an eye on security trends outside of your industry
Some industries – specifically Healthcare, Financial Services, and Legal – are bound to compliance standards that formalize the need for effective security solutions. That means that, compared to other industries like Retail or Manufacturing, they’ll be required to have more robust strategies in place. What they’re doing now, the rest of us will be doing in 12 months. Keep this in mind. If you notice that organizations operating in the most highly regulated industries are all taking data loss prevention (DLP) seriously, you’ll be able to make a strong case that this is something that should be on your radar, too.
12. Approach non-executive stakeholders early on
While – yes – getting buy-in from CxOs and the board is important, security leaders also need to get buy-in from non-executive stakeholders working in IT, infrastructure, etc. After all, those are the people who will actually be responsible for deploying the solution and maintaining it. By approaching them early on (and assuming they’re interested in the solution, too) you’ll be able to paint a clear picture of the process after the solution has been signed off on. How long will it take? Who’s involved? Will employees’ workflow be disrupted? These are all important questions to answer.
13. Match like-for-like people from both sides
If you’re scheduling a meeting with executives from your side and key people from the vendor’s side, make sure you’re bringing in people that “match” in terms of function and seniority level. For example, if you work at a start-up and the founder of your company wants to be involved in the buying process, ask the vendor’s founders to join, too. Likewise, if the Head of Infrastructure is joining from your side, ask someone in a similar function to join from the other side. Why? Like-for-like people will be best placed to answer one another’s questions. And, with that in mind…
14. Preempt questions and prepare answers
No one likes to be put on the spot. To avoid being asked a question that you don’t know the answer to, spend a good amount of time considering all the questions different stakeholders may ask and drafting well-thought-out answers. (Better yet, fit the answers into briefing documents or the presentation itself!) Remember, people are generally concerned with how a problem/solution affects them directly. That means the CEO will have different questions than the CFO, who will have different questions than the Head of IT.
15. Get specific customer references from the vendor
We mentioned in tip #3 that you should lean on the vendor, especially when it comes to specific resources and customer references. And, we mentioned in tip #11 that you should match like-for-like people in meetings. It should make sense, then, that specific customer references will be more powerful than generic ones. For example, if you’re the CISO at a 4,000-person tech firm in North America, and you’re trying to convince your CTO that you need to implement a new solution, you should share a case study (or customer reference) from the vendor that outlines how their product has helped an organization in the same industry, that’s the same size, and in the same region. Ideally, it will also feature quotes from the CTO. Why? Professionals trust and rely on their peers when making difficult decisions.
16. Be conscious (and considerate of) people’s time
Decisions about security solutions can involve a lot of different people. That means you’ll have to balance several conflicting schedules and fight for time. Your best bet? Book meetings with all relevant people at once and get the vendor involved at the same time. Ahead of the meeting, share an agenda along with any relevant documents (see tip #8).
Are you a security leader who wants to offer advice to your peers? We’d love to hear from you! Please get in touch with madeline.rosenthal@tessian.com.
And, if you’re looking for more advice, check out these blogs:
- How to Communicate Cybersecurity ROI
- Advice from Security Leaders for Security Leaders: How to Navigate New Remote-Working Challenges
- How to Create an Enduring and Flexible Cybersecurity Strategy
Data Leakage and Exfiltration: 7 Problems Tessian Helps Solve
03 August 2020
On Wednesday, July 29, Tessian hosted a webinar with two customers: Euromoney Institutional Investor and ERT. The topic? Data exfiltration and reduced visibility while workforces are remote. Martyn Booth, Chief Information Security Officer (CISO) at Euromoney Institutional Investor and Ted Crawford, Chief Information Officer (CIO) at ERT both offered incredible insights about how things have changed from a security perspective over the last four months and how Tessian has helped them lock down email, even before their employees started working from home. And, because Martyn and Ted are two security leaders in different industries (Financial Services and Tech/Healthcare respectively) and are based in different regions (England and The United States), they were able to share diverse opinions and experiences. Keep reading to learn more about how Tessian has helped them solve some of their biggest pain points.
7 Problems Tessian Helps Solve
1. Tessian prevents accidental data loss on email
When you hear data exfiltration, what do you think of? Many of you probably thought immediately about Insider Threats and other malicious activity. But, as our customers pointed out, most incidents involving data loss are accidental. Or, as Martyn put it, are the result of “naive email usage”. It could be an employee sending an email to the wrong person (we call this a misdirected email), it could be someone hitting “reply all”, or it could be someone emailing a spreadsheet to their personal email account to work on over the weekend. Harmless, right? Not exactly. If these “accidents” involve sensitive information related to employees, customers, clients, or the company itself, it’s considered a breach. Organizations can prevent all of the above with Tessian Guardian. This is especially important now that employees are working remotely. Why? Because the lines between people’s personal and professional lives are blurred.
Beyond that, people are distracted, stressed, and tired, which, as we’ve shown in our latest research report The Psychology of Human Error, increases the likelihood that a mistake will happen.

2. Tessian prevents malicious data exfiltration on email

While many data loss incidents are accidental, some employees do intentionally exfiltrate data. There are a number of reasons why, but financial gain and a competitive edge are the most likely motivators.

Unfortunately, with so many people being laid off, made redundant, or furloughed, many organizations have seen a spike in this type of malicious activity. But, with Tessian Enforcer, organizations’ most sensitive data is kept safe.

Employees attempting to email sensitive information to themselves or a suspicious third-party will receive a warning message, explaining why the email has been flagged and asking if they’re sure they want to proceed. At the same time, security teams will get a notification.
Note: Instead of warning the employee and asking if they’d like to send the email anyway, security teams can easily configure Tessian to automatically quarantine emails that look like data exfiltration. Book a demo to see Tessian in action.

3. Tessian makes it easy to report security risks and communicate ROI

Communicating cybersecurity ROI has historically been a real challenge for security leaders. Not with Tessian. Martyn explained how Tessian enables him to share key results with executives and demonstrate the effectiveness of not just the solution, but his overall strategy.

“One of the pillars of our infrastructure strategy was to build transparency across the organization. This comes from sharing metrics. With Tessian, we can show how many alerts were picked up and, each month, we can show the risk committee that we’re reducing the number of alerts. Now, are they actually interested in our preventative controls? I don’t think so. But the whole point of the metrics program is to show how well (or badly) our strategy is performing. Before, they would make their decision based on cost or how much risk they thought we were going to be mitigating. It was quite subjective. We’ve moved that now into something more data-based. We can actually say ‘Well, actually, we pay x per year and, as a result of that, we’re going in the right direction in terms of our risk mitigations.’”

4. Tessian helps organizations stay compliant

Both Healthcare and Financial Services are highly regulated industries that are bound to several compliance standards beyond GDPR. That’s why, for Ted, protecting sensitive clinical data and ensuring “privacy and security by design” are both paramount.

“There’s a lot of data that we need to protect and prevent from getting outside of the four walls of ERT,” he said.
“As an offshoot of GDPR in 2018, we had to classify all of the data, determine from a privacy perspective how to treat it from a sensitivity perspective, and then decide how to treat it from a security perspective. Because it’s very easy to pull sensitive data and incur data loss on email, we needed a solution that would help us ensure data isn’t distributed where it shouldn’t go. That’s why we approached Tessian.”

For more information about compliance in Financial Services, check out this article: Ultimate Guide to Data Protection and Compliance in Financial Services.
5. Tessian saves security teams time

While essential for compliance, classifying (and re-classifying) data, monitoring movement, investigating incidents, and generating reports all take a lot of time. That’s why 85% of IT leaders say rule-based DLP is admin-intensive.

With Tessian, security teams don’t have to do any of the above manually. This is a big selling point for Martyn, who said, “That’s where we really see the value with Tessian. It takes the burden off of people in my security team.”

Tessian is powered by machine learning algorithms that have been trained on billions of data points. That means our solutions automatically understand what is and isn’t normal behavior for individual employees and can, therefore, detect and prevent threats before they turn into incidents or breaches. No rules required.

You can read more about our technology here.

6. Tessian gives security teams clear visibility of risks

We’ve talked a lot about how Tessian detects and prevents risks. But for a solution to be really successful, it has to give security teams clear visibility of the risks in their organization. Tessian’s Human Layer Security platform does both.

With Tessian Human Layer Security Intelligence, our customers can easily and automatically get detailed insights into employees’ actions.

For example, imagine that in a single week, Tessian detects 12 different employees attempting to send sensitive information to their personal email accounts. When warned that sending the email is against company policy, nine of the employees opted to not send the email. The other three went ahead. Knowing this, security leaders can focus their efforts on the three that went ahead and offer additional, targeted training or, if necessary, they can escalate the incident to a line manager to issue a more formal warning.

This also helps predict future behavior.
For example, if Tessian flags that an employee has sent upwards of 20 attachments – including Intellectual Property that would be valuable to a competitor – to a recipient he or she has no previous email history with soon after being denied a raise or promotion, security teams could infer that the employee is resigning and taking company data with them.

And, to prevent any further data exfiltration attempts, they can create custom filters specifically for that user, including customized warning messages or a filter that automatically blocks future exfiltration attempts.

Before Tessian, this wasn’t possible for Martyn.

“Even if we suspected that an employee was going to go to a competitor and take data, we couldn’t check. We couldn’t see anything that was going up to the Cloud. It was all encrypted. The only way we would be able to see what people were emailing would be to actually go through individual emails to find ones that were problematic. We didn’t have time for that,” he said.
7. Tessian helps reinforce training and improve employees’ security reflexes with in-the-moment warnings

In the example above, three employees opted to send an email after being warned that doing so would be against company policy. But, what about the other nine? The warning message changed their behavior! It actually incentivized them to accurately mark emails as confidential or malicious if they were, in fact, confidential or malicious.

This is really important. “You can’t take a ‘big bang’ approach to data privacy awareness training. To really see employees empowered, you have to constantly reinforce training,” Ted said.

The bottom line: For training to be effective long-term, employees need to apply what they learn to real-world situations and be reminded of policies in-the-moment. Over time, this will help improve their security reflexes and help build a more positive security culture.

Henry Trevelyan Thomas, the host of the webinar and Tessian’s Head of Customer Success, summarized the benefits of this for both employees and security leaders, “This is a really productive way to help employees take accountability for how they handle data. It democratizes security and takes some of the weight off of the Chief Information Security Officer’s shoulders.”

Tessian can help prevent data exfiltration in your organization, too

Tessian turns an organization’s email data into its best defense against inbound and outbound email security threats. Powered by machine learning, our Human Layer Security technology understands human behavior and relationships, enabling it to automatically detect and prevent anomalous and dangerous activity.

Tessian Enforcer detects and prevents data exfiltration attempts
Tessian Guardian detects and prevents misdirected emails

Importantly, Tessian’s technology automatically updates its understanding of human behavior and evolving relationships through continuous analysis and learning of the organization’s email network.
Oh, and it works silently in the background, meaning employees can do their jobs without security getting in the way.

Interested in learning more about how Tessian can help prevent accidental data loss and data exfiltration in your organization? You can read some of our customer stories here or book a demo.