Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

Tessian Named Representative Vendor in the 2022 Gartner® Market Guide for Data Loss Prevention. Download →

Integrated Cloud Email Security

Integrated Cloud Email Security solutions were introduced as a new category, and positioned as the best defense against advanced phishing threats that evade traditional email security controls.  Learn more about what they are, the benefits of using them, and how you can best evaluate those on offer.

ATO/BEC Email DLP Integrated Cloud Email Security
A Year in Review: 2019 Product Updates
By Harry Wetherald
01 January 2020
2019 was a big year for email security. While the world did see a record number of data breaches (up 33% from 2018) we also saw tighter security-related policies and regulations drafted and implemented, and, in general, an increased awareness amongst businesses about the importance of proactive security strategies. While we may be biased, it seems note-worthy that human error became more and more of a talking point in the cybersecurity space. In fact, human error and the importance of machine learning and artificial intelligence in protecting people has been one of the most talked about trends by analysts going into the new year. Similarly, companies are waking up to the fact that humans are their biggest risk. It’s about time. After all, misdirected emails – emails accidentally sent to the wrong person – have been one of the top data security incidents reported under GDPR according to the Information Commissioner’s Office. We believe it’s unreasonable to expect employees to do the right thing 100% of the time when it comes to making security-related decisions; people break the rules, people make mistakes, and people can be hacked. To err is human! What’s more, we have seen how quickly the threat landscape continues to evolve, which is why throughout 2019, we rolled out a series of important product updates that have kept our user base – which saw triple digit growth over the last 12 months – safe. Here are the most important product updates to Tessian’s Human Layer Security platform for 2019.
1. Human error, quantified. The new Tessian Dashboard gives customers an at-a-glance view of breaches and near-misses on email Keen to discover trends related to the number of breaches that were prevented by Tessian over the last 30 days? Our easy-to-navigate dashboard gives administrators a complete overview of activity, including any malicious and anomalous emails detected, misdirected emails prevented, and unauthorized email attempts thwarted. Module performance for Tessian Defender, Guardian, Enforcer, and Constructor are all visible on one page, and visual representations of data make it easy to monitor and drill down on activity day-by-day. If suspicious activity is spotted, you can quickly and easily generate a report without navigating off the page. The Tessian Dashboard also allows administrators to view user health at a glance, including the percentage of users active on the Add-in and Gateway and any connection issues across the network. This will help in-house security teams ensure every employee within their organization is protected by Tessian’s modules at all times. 2. Evolving algorithms. Tessian Defender can now detect and prevent more spear phishing attempts than ever Throughout 2019, Tessian Defender was improved through a series of subtle but impactful tweaks to our algorithms to be even more adept at detecting spear phishing attempts, including advanced, difficult-to-detect direct spoof attacks. The fact is, bad actors are using increasingly sophisticated techniques to trick unsuspecting people into handing over sensitive information or granting access to controlled networks. It’s imperative that we stay ahead of the curve, hence the regular updates. Tessian Defender has improved over time – and will continue to improve – enabling the detection and prevention of even the most advanced spear phishing attempts.
3. Thwarted first-attempts. It’s now even more difficult for employees to exfiltrate sensitive data Tessian Enforcer can now detect the first attempt an employee makes to exfiltrate data over email. How? By inferring what is and isn’t likely to be authorized communication based on the vast amount of data Tessian’s ML algorithm was trained on, which doesn’t necessarily rely on prior email history of a particular email address. For example, if an employee attempts to send an email to their personal, freemail account and that email address contains the employee’s first name or surname, Tessian Enforcer presents a warning to the user advising them that the behavior is potentially unsafe and prompting them to reconsider the action. Data exfiltration remains an incredibly unwieldy problem for businesses. Tessian gives businesses much-needed oversight of the problem over email.
4. In-situ learning opportunities. Employees have an opportunity to understand why an email is unsafe with contextual warnings While Tessian prides itself on low flag rates so that security doesn’t impede productivity, we wanted to maximize the opportunity to educate users through our warnings. This way, when users do see a notification, they understand why. Improved warnings across all four modules were designed for a more user-friendly experience that seamlessly reinforces any previous or ongoing security training. With more context included, employees can now see exactly why an email is being flagged as suspicious and – importantly – they can make their own decision on how to proceed. This is at the core of Tessian’s mission. Employees should be empowered by security solutions instead of burdened by them. 5. New detection capabilities. Customers can create rules that are specific to their environment Every business or enterprise is different and IT and Infosec security leaders need some flexibility in creating filter conditions that are applicable specifically to their operations. Because we’ve introduced new detection capabilities, users can now combine more conditions to create filters for their individual use cases; for example, scanning attachment content, identifying hidden fields in spreadsheets, and reading Azure Information Protect and other DLP labels. At the most basic level, these rules look something like this: If A and B, then C, except when D or E. These variables can apply to a number of elements contained in an email, from the recipient(s) to language patterns. One way an administrator might use these new detection capabilities would be to configure a filter which only allows the finance team, for example, to share spreadsheets with people outside of their organization if the recipient’s email address is recognized as a customer, except when the attachment contains a hidden row titled “social security numbers”. Protect your most valuable asset: your people Tessian is committed to creating the world’s first Human Layer Security platform and exciting developments lie ahead as we build out a holistic platform to protect people using email and, eventually, other interfaces frequently used in the workplace. Not yet a Tessian customer? Across four modules, Tessian protects the human layer by detecting and preventing both inbound and outbound threats. This includes advanced spear phishing attacks, accidental data loss, and data exfiltration. Tessian is quickly and easily deployed to Office 365, Exchange, and G-Suite, product updates are seamlessly rolled out for users and administrators, and the technology – which doesn’t disrupt workflow – was built with productivity in mind. To understand how Tessian can fit into your existing security framework, request a demo now.
Integrated Cloud Email Security
Tessian Attends New Statesman’s Cybersecurity in Financial Services Conference
03 December 2019
Last week, the Tessian team was delighted to attend New Statesman’s second annual Cyber Security in Financial Services conference hosted in London. New Statesman is a leading British political and cultural publication that was founded/started in 1913. The conference was attended by security executives from leading financial institutions. Attendees shared their experiences and best practices on how to secure the industry throughout a series of keynote speeches, panel discussions and networking sessions. Topics included digital transformation, open banking and threat intelligence. Tessian’s Head of EMEA and APAC, Abhirukt Sapru joined GlobalData’s Ed Thomas on a panel to discuss the risks and opportunities of smart machines, artificial intelligence, and IoT in finance. Chaired by New Statesman’s Managing Editor, Will Dunn, the conversation started off by looking at the current threat landscape within the industry and examining the weak points that continue to make financial institutions vulnerable. The panel discussed that many organizations continue to use security solutions with pre-programmed rules, which are limited in their ability to detect and prevent evolving threats. Abhirukt went on to address the prevailing problem within the industry: people. “The threat landscape is more about the person than the machine.” He continued by talking about how humans are bound to make mistakes and break the rules, both accidentally and maliciously. Abhirukt recounted the regrettable time during his days as a banker when he misdirected an email containing sensitive data to the wrong person. He went on to say that organizations can invest a lot of money into security solutions, but if they don’t account for the human factor, then one mistake can cause substantial damage. Ed also added that from his experience that “issues with security really start with people and processes.” The discussion continued to the topic of awareness and education. Both Abhirukt and Ed agreed that if education and cybersecurity awareness isn’t adopted at the top, then it is highly unlikely that it will trickle down throughout an organization. This aligned with one of the key themes of the conference: cybersecurity needs to be a board issue. The discussion concluded with a Q&A session where questions focused on what financial institutions can do to discover the best solutions to invest in. The key takeaway? When it comes to securing data, financial institutions will continue to be at risk unless they get proactive with their security strategy. To learn more about how Tessian is helping financial institutions like Evercore, speak to an expert today.
Customer Stories
Ensuring Data Security under GDPR
02 December 2019
Coastal Housing Group is a not-for-profit social housing provider specializing in community residential properties. The business predominantly operates in South Wales, United Kingdom. In addition to residential properties, Coastal Housing has a robust commercial portfolio that focuses on mixed-use town center regeneration projects. Coastal Housing is protecting 250 employees with Tessian Defender and Tessian Guardian.
Protecting a bustling business Coastal Housing has provided housing opportunities to communities across South Wales since 2008. Mark Elias is Coastal Housing’s IT Infrastructure Manager. He understands how important data security is in the housing sector.  Coastal Housing handles and processes a considerable amount of sensitive information and utilizes multiple, complementary technologies to help keep this information protected. While the organization goes to great lengths to provide staff with the reassurance that they are conscientious about security, the IT team recognized that they could do more. With a growing mobile workforce and data regularly exiting the organization’s directly controlled network, the IT team wanted to see how machine learning could fortify their security stack. Tessian’s offering was exactly what Coastal Housing was looking for.
Staying vigilant under GDPR Tessian integrated seamlessly into Coastal Housing’s layered infrastructure. Tessian was up and running in a short period of time and was very easy for the IT team to understand. Having implemented Tessian Guardian, Coastal Housing can now prevent accidental data loss from misdirected emails, mitigating the impact of human error and helping IT teams control an unwieldy problem. Coastal Housing’s IT team deployed Tessian and educated employees about how the product works quietly in the background. With a low false positive rate, Coastal Housing’s employees liked the fact that when a warning did appear, it provided context on what had happened. Guardian accurately flags mistakes without disrupting their day-to-day workflow. Coastal Housing employees now feel assured that they won’t accidentally send sensitive information to the wrong destinations. In addition to the problem of accidental data loss, Coastal Housing’s IT team are acutely aware of how sophisticated spear phishing attacks are becoming. While employees are being as vigilant as they can be, it’s unrealistic to assume they will be able to spot a threat 100% of the time. Armed with Tessian Defender, Coastal Housing has secured their system from inbound spear phishing threats, protecting the organization from data being pilfered and systems being compromised.
Maintaining security while growing Coastal Housing understands that for security to be effective it cannot be static. As threats evolve, so must the technology designed to protect against them. Being a bustling business, Coastal Housing will continue to adapt and to respond to the ever-changing landscape. The organization will continue to focus on investing in platforms that are capable of doing the same.
Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Coastal Housing Case Study hbspt.cta.load(1670277, '880a4a55-f9d1-4c59-ba27-5cf49853b297', {"region":"na1"});
ATO/BEC Integrated Cloud Email Security
It’s the Most Fraudulent Time of the Year
30 November 2019
With Black Friday just around the corner, the holiday shopping season is upon us and retailers will face their busiest time of the year. In the last six weeks of 2018, for example, UK retailers and US retailers saw sales of £79.7bn and $719.2bn, respectively, as shoppers rushed to scoop up the best deals. No wonder, this window is often referred to as the “Golden Quarter”. But retailers and their customers may get more than they bargained for as this surge of shoppers makes the “Golden Quarter” a golden time for cybercriminals to launch phishing campaigns. We often think about consumers as the main victims of retail-related phishing attacks in the holiday shopping season. And quite rightly; shoppers receive hundreds of emails from retailers promoting their latest deals around peak shopping days like Black Friday and Cyber Monday. It’s a ripe opportunity for cybercriminals, who are looking to steal personal data and payment details, to “hide” in the noise, pose as legitimate brands and prey on individuals who are not necessarily security savvy. However, it’s also important to remember that retailers themselves are at greater risk of phishing attacks during this time, as well. In fact, our latest report reveals that nearly two thirds of UK and US retailers (64%) receive more phishing attacks in the three months leading up to Christmas, compared to the rest of the year. Black Friday, in particular, is a prime time for seasonal scammers as UK retailers (56%) and US retailers (57%) saw an increase in the number of phishing attacks during the Black Friday / Cyber Monday weekend last year. Given that phishing attacks have only grown in frequency and severity since then, there is no doubt that phishing will continue to be a persistent threat for retailers this year too. It’s also concerning to see that 70% of IT decision makers at UK retailers and 65% at US retailers believe their staff are more likely to click on phishing emails during the holiday shopping season. The reason? Employees are at their busiest and working at a much faster pace, meaning they are less likely to check the legitimacy of the emails they are receiving. Hackers will take full advantage of the fact that security won’t be at the front of mind for busy and stressed retail workers, and will craft sophisticated spear phishing campaigns to encourage individuals to click on malicious links, download harmful attachments or wire huge sums of money. On top of this, staff will also receive more emails at this time. Consider how many colleagues, temporary workers, customers and third party suppliers retail workers engage with during the holiday shopping season. Knowing inboxes will be filling up with timely requests and orders, hackers can easily deceive employees and get them to comply with their requests via spear phishing emails that convincingly impersonate colleagues, senior executives or trusted suppliers. With the average phishing attack now costing a company $1.6 million, there are significant financial consequences for a retail worker being duped by a phishing attack. It’s understandable, then, that the IT decision makers we surveyed said that “data breaches caused by human error” are the number one threat to their business in the final quarter of the year. Phishing came in a close second, with one in five IT decision makers in retailers believing phishing is the greatest threat to their organization during the holiday shopping season. Given the people-heavy nature of the industry, retailers are, sadly, an easy target for cybercriminals. Our report clearly shows that retailers need to do everything they can to build robust defenses and minimize incidents of human error that could lead hackers to steal data and compromise systems this holiday season.  
Customer Stories
Securing Systems Amid Tight Regulation
24 November 2019
Hill Dickinson is a leading commercial law firm with offices across the UK, Europe and Asia. With 850 employees worldwide, Hill Dickinson delivers advice and strategic guidance to businesses, organizations and individuals, advising on non-contentious advisory and transactional work for all forms of commercial litigation and arbitration. Hill Dickinson’s clients include multinational companies, major corporations, UK and foreign banks and financial institutions, public sector organizations, private individuals and professional bodies. Hill Dickinson is protecting 850 employees with Tessian Guardian and Tessian Enforcer. 
Improving client service with new technology As Director of IT and Operations at Hill Dickinson, Keith Feeny recognizes that the focus on security across the legal sector has increased dramatically over the past five years. Heightened client requirements and a tougher regulatory climate have made it necessary for law firms to take a more proactive approach to security. In particular, Hill Dickinson’s health practice works with some of the largest healthcare providers in the United Kingdom. Ensuring the security of sensitive data like patient records is a top priority. As Keith says, “Having big directories of sometimes quite similar names can increase the chance of an email being accidentally sent to the wrong person.” The need to mitigate these risks led Hill Dickinson to look for security products that wouldn’t restrict normal business, but which could effectively deal with the dangers of human error on email. With that goal in mind, Keith began to consider Tessian as a more intelligent solution.
Facilitating business as usual Hill Dickinson’s main priority when looking for an email security solution was finding a tool that would pose minimal interruption to business as usual. Keith was able to deploy Tessian firm-wide with minimal involvement from his IT team. Keith was particularly impressed with Tessian’s lack of false positives. Unlike other solutions which place a warning on every external outbound email, with Tessian “you’re getting 10 warnings out of 1,000 emails. The advantage of that is when people actually receive the warning, it gets their attention.” After deploying Tessian, Hill Dickinson now has indepth visibility on email security. As a result, Keith can easily surface intelligence on how many potential breaches have been avoided to the Executive and main LLP Boards, which enables strategic decisions to be taken with security in mind. Building a security culture for a mobile workforce Tessian has become a core part of Hill Dickinson’s security infrastructure. With more employees working from home and using personal devices, Hill Dickinson takes the risks of data loss and exfiltration seriously. Integrating with Tessian’s Gateway means that Hill Dickinson emails are covered on mobile devices as well as desktop computers, giving Keith additional peace of mind. Armed with Tessian’s Guardian and Enforcer filters, Keith is confident that Hill Dickinson is in a strong position to mitigate the risk of regulatory, financial and reputational damage caused by human failure on email. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.  
Hill Dickinson Case Study hbspt.cta.load(1670277, 'f7c13b7c-6ceb-4b9b-b173-d2d308ed646e', {"region":"na1"});
Customer Stories
Defining Customer-First Culture with Email Security
10 November 2019
Webb Henderson are trusted legal and regulatory advisors, delivering intelligent advice and business solutions throughout the Asia-Pacific region and beyond. The firm provides specialist legal advice in the areas of telecoms and media, competition law and regulation, corporate and finance, and disputes. Webb Henderson operates through its offices in Sydney and Auckland, serving clients domestically and globally from these locations. Webb Henderson is protecting 100 employees with Tessian Guardian, and Tessian Enforcer.
Securing data and protecting customers As the partner responsible for Webb Henderson’s technology and security strategy, Ara Margossian believes that staying ahead of constantly changing threats is a principal security challenge for the firm: “Supply chain security has become a fundamental requirement for our clients, particularly those operating in sensitive industries and highly regulated sectors. Our clients are having very specific discussions with us about our security posture and data protection strategies. It’s never been more important that the work that we undertake for our clients is kept confidential and secure.” With clients increasingly seeing security as a top priority, it was important for Webb Henderson to ensure that their own security strategy was taking advantage of market-leading solutions. One of the biggest security risks that law firms like Webb Henderson face is the possibility of sensitive client information being exfiltrated to unauthorized recipients. Law firms primarily deal with unstructured data, making it difficult to solve the problem with rules-based Data Loss Prevention (DLP) solutions. The firm needed a product that would ensure Webb Henderson’s clients’ confidential data remained secure, which is what led the firm to Tessian.
Seamless integration into a layered system One of the firm’s top considerations when deciding to move forward was the intuitive nature of Tessian’s notifications and a positive user experience for employees. For Webb Henderson, it was important that any new technology was integrated smoothly so that the firm’s lawyers could focus on their work, rather than being distracted by new workflows and unfamiliar systems. With a low false-positive rate and minimal maintenance requirements, Tessian was a good fit with Webb Henderson’s firm’s objective of balancing the need for user education and visibility with the need for security to be robust and as unobtrusive as possible. An evolving partnership Tessian now forms part of Webb Henderson’s multi-layered approach to security and provides greater insight and control in relation to the risks faced by the firm from email communications. Using machine learning to anticipate and react to risky behaviors in real time has made a real difference for Webb Henderson. Tessian’s Guardian and Enforcer filters now play a critical role in the firm’s security stack, while Tessian Constructor is being used to add a further layer of protection. With clients increasingly challenging the legal sector on data protection and cybersecurity, Tessian and Webb Henderson plan to continue to work together to mitigate risks that arise from human error to ensure the security and safety of Webb Henderson’s data and its reputation. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.  
Webb Henderson Case Study hbspt.cta.load(1670277, '1647bef9-e950-47a1-ba25-8a953aa163fd', {"region":"na1"});
Email DLP Integrated Cloud Email Security
The Dark Side of Sending Work Emails “Home”
By Cai Thomas
11 October 2019
This article was originally published on TechRadar Pro. In the last four years, the number of remote working jobs has more than doubled, as employers acknowledge the need to change traditional working practices. In fact, it’s expected that 50% of the UK workforce will work remotely by 2020, further blurring the lines between home and the office. This shift has huge benefits; improving people’s work-life balance, increasing employee productivity and boosting employee retention rates. However, it does also pose a problem for one very important aspect of business: data security. Data security is at a greater risk as staff are more likely to send important and, even, confidential company information to personal email accounts, with the usual intention of working on documents at home. Worryingly, many are completely unaware how risky these actions are. According to tech firm Probrand, nearly two-thirds of UK employees have forwarded customer emails to their personal email accounts and 84% of them did not feel they were doing anything wrong. So what are the risks with sending work home? And who are the workers you need to be wary of? 1. The 24/7 worker While a number of the emails sent ‘home’ contain non-sensitive information, like travel arrangements, cinema tickets or food recipes, we’ve seen that around 10-15% of emails sent to personal accounts contain company sensitive information. We’ve all been there; it’s late on a Friday, that Monday deadline is looming, and the employee thinks to themselves, “I’ll just have to finish this document at home over the weekend”. So they send the document to their, or their partner’s, personal freemail account. However, this can have devastating consequences for the company’s reputation and it could destroy customers’ trust in the business. The problem is that by sending emails ‘home’, the information the messages contain now sits in an environment that is not secured by the company, leaving the data vulnerable to cybercriminals. It’s also important to note that this simple act of sending work home means your company is now at risk of breaching data protection regulations, like GDPR, due to the fact that you, as the Data Controller, no longer have oversight as to where the data is held. Boeing, for example, faced scrutiny after an employee shared a spreadsheet containing the personal information of 36,000 co-workers with his spouse, simply because she was better at Excel formatting than him. The incident sparked an internal security investigation and was brought to the attention of the Washington state Attorney General and other officials in California because employee data had left the control of the company. 2. The leaver We often see a spike in data exfiltration during an employee’s notice period. Workers know they’re not supposed to, but the temptation to take information that will give them an advantage in their new role is hard to ignore. As such, we see people sending company IP and client data to personal accounts prior to moving to another employer. This happens most frequently in industries such as financial services, legal, healthcare and recruitment, where a person’s client base and network is king. The task of manually monitoring suspicious ‘leaver’ behaviour over email has become incredibly challenging for IT staff, due to the increased employee churn rate year on year. A study by LinkedIn found that young workers now switch jobs four times in their first 10 years after graduation. However, by not putting a stop to this act, companies could face losing their competitive advantage as well as their clients’ business due to leaked secrets, strategy and IP. 3. The malicious insider This is where employees steal data from their company for personal or financial gain. Despite being less common, the threat of the ‘malicious insider’ is something businesses have come up against more frequently in the past few years. Employees will typically steal confidential company secrets and/or client data with the intention of selling it on the dark web or handing it over to a competitor to damage their current company. Just last year, Bupa fell victim to this crime after the personal data of 500,000 customers was sold on the dark web while audit firm SRBC and Co.’s reputation was tarnished after its client’s earnings estimation was maliciously leaked over email. An intelligent solution for a flexible workforce There can be no denying that monitoring all employee email behavior is an arduous task for IT and compliance teams to undertake. With the average employee sending and receiving 124 emails a day, and with daily email traffic increasing 5% year on year, deciphering data exfiltration within email logs is like finding a needle in a haystack. To help tackle the problem of data being leaked to unauthorized accounts, some organizations opt to simply blacklist all freemail domains. However, this can impede productivity and is usually ineffective given that many clients, small businesses and contractors use freemail accounts, as do prospective applicants looking for jobs at the company. Businesses need a more intelligent approach to data exfiltration – one that can look at the emails each employee has sent and received in the past, in order to identify non-business contacts with whom each employee interacts with. Machine learning, for example, can evolve to understand the differences between authorized and unauthorized freemail accounts, and it can analyze email content to determine whether it is sensitive or non-sensitive. By doing so, machine learning can make an accurate prediction as to whether an employee is exfiltrating data and acting against company policies. There will always be reasons for people to bend the rules and leak data outside of their organization – maliciously or for convenience. The consequences for doing so, though, could be devastating for any company; huge fines, loss of competitive advantage and a damaged reputation. So as more businesses adopt remote working practices, it’s important that technologies are place to ensure company sensitive data is secure and not at risk of ‘being sent home’.
Customer Stories
Australia’s Oldest Law Firm Invests in Human Layer Security
28 September 2019
Allens is one of Australia’s leading commercial law firms with offices throughout Australia and 28 international locations through a global alliance with Linklaters. For almost 200 years, Allens has prided itself on providing excellent client service. The firm has worked with many of the world’s leading organizations both within Australia and abroad. Allens is protecting 1,100 employees with Tessian Defender, Tessian Guardian, and Tessian Enforcer. 
Looking for better data security oversight Allens is the oldest law firm in Australia, and has a proud heritage of supporting its clients through important matters. Bill Tanner is the Chief Information Officer at Allens and looks after endto-end IT delivery for the firm across Australia and South East Asian territories. Law firms like Allens receive sensitive company and client data on a daily basis. For Bill, ensuring the firm’s technical stack remains up to date and secure is a top priority. As Bill says, “Allens wants to help our people identify potential threats but also ensure our people don’t inadvertently expose our systems.” Searching for a solution that could simultaneously protect their people from security threats, while building awareness within the workforce as to how threats manifest on email, Allens turned to Tessian.
Mitigating inbound and outbound threats Tessian’s Guardian, Enforcer and Defender filters were seamlessly integrated into Allens’ security stack. After deployment, Bill and his team were able to immediately see the filters’ success in eliminating threats from both inbound and outbound emails. The high accuracy of the Tessian platform meant employees could still be protected while continuing their day to day business without interruption. Mail being sent to the firm has increased 57% over the past six months. Whilst there has been a 74% increase in the volume of mail rejections, this correlated with an 8% improvement in rejection rate. Mail-based attacks continue to rise, and attackers are getting more sophisticated with their techniques. Allens was looking to bolster its existing defences by providing additional context around the potential threats landing in employees’ inboxes. Tessian’s Defender module detects anomalous incoming emails in real time, delivering warnings to employees that both prevent the attack having any impact and educate them as to why the email looks suspicious. To Bill, Defender’s intelligent notifications “provide that context in the moment that is so important for our people.”
Creating a conscious security culture As data security threats continue to threaten the legal sector, it will be vital for firms like Allens to invest in cutting-edge technology to mitigate the risk of data loss and spear phishing attacks, and the potentially disastrous repercussions of data breaches. With Tessian’s filters protecting Allens employees in multiple territories, Allens has increased the protection of the sensitive data held by the firm as it continues to deliver the high standard of service the firm has provided for almost 200 years.
Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Allens Linklaters Case Study hbspt.cta.load(1670277, '088f48a8-3560-405c-810b-d0cc67fef572', {"region":"na1"});
Customer Stories Integrated Cloud Email Security
Hill Dickinson Adopts Tessian to Prevent Sensitive Client Data from Falling into the Wrong Hands
17 September 2019
London, UK. 17 September, 2019 – International law firm Hill Dickinson has selected cybersecurity company Tessian to prevent accidental data loss caused by misdirected emails and data exfiltration to non-business email accounts, in order to protect sensitive client data. With a number of clients in the financial services and healthcare sectors, data security is a number one priority for Hill Dickinson. The firm’s health practice works with some of the UK’s largest healthcare providers, and the team proactively sought out an email security solution that could ensure the safety and privacy of sensitive data, such as patient records, while not impairing productivity. Keith Feeny, Director of IT and Operations at Hill Dickinson said, “Data breaches are a huge concern from a client perspective. Having big directories of contacts with similar names can increase the chance of an email containing sensitive data being accidentally sent to the wrong person. This could have serious consequences. We wanted a solution that could stop people making a potentially costly mistake without restricting business as usual.” Using machine learning technology, Tessian is able to predict whether an outgoing email is about to go to the wrong person. The solution sits quietly in the background and automatically alerts an individual only when a mistake is about to be made. Hill Dickinson is also working with Tessian to stop sensitive information from being exfiltrated to unauthorized, non-business accounts. The firm’s IT team found that, despite each employee being issued with a company laptop, staff were still sending documents to personal email accounts in order to work on them at home. While some companies opt to blacklist all freemail domains to solve this problem, this approach can impede productivity and stop the firm engaging with private clients, small businesses or contractors that use freemail domains. Hill Dickinson, therefore, required a solution that would pose minimal disruption to business as usual but that could automatically prevent unauthorized emails. Feeny added, “We needed our staff to understand that data was at greater risk if sent outside the network. With Tessian in place, we are able to better control the flow of data in the firm and we can ask people to think twice before sending potentially sensitive information to their personal accounts.” Tim Sadler, CEO at Tessian, said, “With high client expectations and a stricter regulatory landscape, there is no margin for error in law firms when it comes to securing the data they hold and process. But that doesn’t mean security should restrict the way partners and employees want to work. Hill Dickinson can ensure its people are able to work effectively and efficiently, without putting client data at risk.”
Integrated Cloud Email Security
Email Security Tips for an Enterprise
16 September 2019
In today’s changing business environment, 70% of organizations believe their security risk has increased significantly. The idea of data breaches being more a question of “when” rather than “if” has become mainstream. That being said, there are a number of ways for enterprises to mitigate the security risks that they could be exposed to. 1. Educate your employees The main cause of security failure within an organization is often employees, as they are responsible for handling and sending sensitive data. Educating employees on the risks that they could be exposed to through training programs is a common strategy that organizations adopt in order to try and mitigate some of these risks. While they can be beneficial, one issue with training programs is the dangerous assumption that once training is completed, all employees retain information equally well. This is an unrealistic expectation, as even the most advanced training programs have gaps that do not account for human error. Having technology that can prevent security issues before they happen – while educating your employees in real time – is potentially a more nuanced and intelligent solution for your enterprise. With Tessian’s Guardian and Defender filters, users are shown a pop-up if an inbound email looks suspicious. The pop up explains why the email could represent a threat, leaving the employee to make the final decision on which action to take, with the benefit of having all the salient information to hand. tEmployees are educated as to the threats they face, while the industry-leading technology prevents threatening emails from causing damage to your organization. 2. Be proactive Of course, data loss over email becomes becomes much more difficult to handle once it’s already happened. Having a plan in place for what to do in the event that an employee does leak data over email is important, and having a strategy for preventing the leak from occurring in the first place is even better. Invest in technologies and platforms that will enable your organization to better understand how your employees communicate with each other, and people outside the organization. 3. Get the basics right Getting the basics right is a critical step, as it will allow you to build an information security infrastructure on a great foundation. Best security practices include utilizing encryption, being careful when using a corporate email account from public and or a shared computer, and not opening emails from unknown sources. That being said, don’t let these steps lull you into a false sense of security. Research suggests that 30% of cybersecurity incidents are caused by current employees Confidence comes hand in hand with the capability of your security stack. If you’re still using legacy security software, the extent to which your organization can guard itself against internal and external attacks is already inherently limited. With this in mind, it is no surprise that confident IT security professionals are more than twice as likely to think that C-suite involvement in email security strategy as “very appropriate” and 1.4x more likely to actually obtain that engagement. Therefore, why wait until something goes wrong to implement much-needed change? Arm’s, CISO Tim Fitzgerald wanted to perfect the firm’s email security basics and find a platform that would complement the security culture that he wanted to create. Tessian helps thousands of Arm employees get the basics right on email while ensuring that their systems remain secure. (Read the case study.) 4. Don’t forget about mobile devices Email communication has become more mobile. Using email on the go and on various devices (laptops, tablets, smartphones) greatly increases the potential for mistakes. A data breach caused by a misdirected email could very easily occur on your daily commute by accidentally picking the wrong recipient from a “helpful” autocomplete list. Many email DLP platforms can only ensure protection on desktop computers, or only for Microsoft email environments. It’s important that you find a way to secure your email network, regardless of how employees might be accessing it. It’s more difficult than ever for security leaders to feel like they’re on top of everything. Fortunately, Tessian’s solutions help organizations get the basics right, while stopping even the most sophisticated outbound and inbound email threats. To learn more about Tessian, contact us here.
Customer Stories
Preventing Data Exfiltration at a FTSE 100 Tech Company
12 August 2019
Rightmove is the UK’s largest online real estate portal and property website. For over 15 years, the organization’s aim has been to empower the UK’s decisions around property. Rightmove is listed on the London Stock Exchange and is a constituent of the FTSE 100 Index. Rightmove is protecting 530 employees with Tessian Guardian and Tessian Enforcer.
Seeking a seamless security system For David Cray, Rightmove’s Head of Customer Experience and Product Development, making sure the UK’s number one property portal has a proactive cybersecurity strategy is vitally important. Rightmove was searching for a flexible solution to the problem of accidental data loss and unauthorized email activity. David needed a product would work across all systems and devices. Rightmove turned to Tessian for answers. Prompt deployment and threat detection Rightmove was able to quickly and easily deploy Tessian’s Guardian and Enforcer filters across all UK team members. Tessian’s machine learning enabled Rightmove to benefit from minimal disruption to staff and their day-to-day work, while still equipping the organization with best-in-class email security technology. The Guardian filter’s machine intelligence prevents emails being sent from Rightmove employees to the wrong person as a result of human error, while Enforcer identifies and stops sensitive emails from being deliberately sent to unauthorized email accounts. Building an agile security culture Email will continue to remain one of the biggest security concerns for many organizations. By deploying Tessian across the organization, David has taken the necessary steps to ensure that Rightmove is prepared to combat the most advanced email security challenges. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Rightmove Case Study    hbspt.cta.load(1670277, '98a11710-15e1-45d6-aeae-9c7dbb3cb1bd', {"region":"na1"});
Customer Stories
Solidifying Security in Investment Management
06 August 2019
Man Group is one of the world’s largest independent alternative investment management groups with $114.4bn of client capital in liquid and private markets. Man Group’s managers (Man AHL, Man FRM, Man GLG, Man Numeric and Man GPM) have diverse long/short and long only strategies spanning equity, credit, managed futures, convertibles, emerging markets and multi-managers. Man Group is protecting 1,700 employees with Tessian Guardian, Tessian Enforcer and Tessian Constructor.
Evolving beyond data loss prevention Financial organization like Man Group encounter large quantities of highly sensitive information on a daily basis. Neil Wellard, Man Group’s Head of Information Security, recognizes that in large, complex organizations the risk of inadvertent data loss is high. The repercussions could undermine organizations’ reputations within their industries. Email is the most used communication tool within enterprises. To Neil, it was vital for Man Group to continue looking beyond its existing security technologies like Data Loss Prevention. Aware of the potential risks and the limitations of legacy email security products, Neil and his team progressed with Tessian. Best-in-class security, without disrupting business After successfully deploying Tessian across the entire firm, Man Group’s information security professionals were quickly able to familiarize themselves with Tessian’s products and access detailed organizationwide security analytics through the Tessian dashboard. Tessian’s machine learning helped Man Group automatically identify and prevent inadvertent data loss over email while ensuring minimum disruption to employees at the organization. With a low false positive rate, Tessian’s warnings effectively minimized unauthorized emails and accidental data loss without disrupting people’s regular workflows. Staying vigilant in a changing environment With Man Group and other multinational investment managers having to deal with constantly changing regulatory and commercial environments, the need to invest in agile and customizable security solutions will only grow over time. With Tessian in place, Man Group can mitigate the risk of misaddressed and unauthorized emails without disrupting business as usual. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.