Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

Live Webinar | Ready to Supercharge Your Microsoft Environment? Yes, sign me up!

Human Layer Security

90% of data breaches are caused by human error. Stay up to date on the latest tips, guides, and industry news on Human Layer Security.

Customer Stories
Reducing the Risk of Human Error on Email
11 April 2019
Forming part of the NEX Group, Traiana operates the leading market infrastructure for post-trade processing and risk management across asset classes, and provides client service and risk management technology across the financial sector. Global banks, broker/dealers, buyside firms and trading platforms use their cross asset class services to automate risk management and pre-trade/post-trade processing of listed and over the counter transactions. Triana is protecting employees with Tessian Guardian and Tessian Constructor.
The problem Due to sensitivity of the information that Traiana deal with on a regular basis, they set out to find a tool that could prevent misdirected emails without warning the user every time they sent an external email. They found that Tessian’s machine learning approach provided them with the intelligent solution they needed. The solution Tessian was rolled out firm-wide at Traiana. After an initial period, Tessian presented a detailed report containing email statistics and misdirected emails caught by Guardian. As well as preventing several emails from being sent the wrong recipient, Tessian also provided Traiana with a valuable insight into their email traffic and common sending behaviors. Tessian is now used by Traiana to prevent multiple potential data leaks every day. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Traiana Case Study hbspt.cta.load(1670277, '4af529a0-d88d-478a-8ef2-f5ec8879b7f8', {"region":"na1"});
Customer Stories
Keeping Research and Development Secured from Human Error
11 April 2019
Vernalis Plc is a commercial stage pharmaceutical company with three marketed products, four additional products under development and a broad pipeline of research and development programs. Vernalis is protecting 125 employees with Tessian Guardian and Tessian Constructor.
The problem Given the highly sensitive nature of the R&D performed, securing their email environment from human error is a key priority for the company. The company had heard of incidents in the past where project related information had been sent to the wrong person and wanted to proactively address this step. The management team is acutely aware of the potential risks from misaddressed emails, and had spent some time looking at various vendors before choosing to work with Tessian because of the way in which the machine learning approach solves the problem. The solution Tessian was rolled out to 125 users across three Vernalis sites, including the UK and US. Vernalis now use Guardian and Constructor to detect and prevent email threats in the form of misaddressed emails and to implement their own custom compliance policy rules. Tessian’s machine intelligent platform has better equipped Vernalis to protect their firm from human error-related incidents over email. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Vernalis Case Study hbspt.cta.load(1670277, '1d9bb10d-1e20-45cd-bd92-d15d5b8b9064', {"region":"na1"});
Human Layer Security
Tessian Wins Best Cybersecurity Service at Prestigious Hedge Fund Awards
29 March 2019
Tessian was named the Best Cybersecurity Service at the HMF European Hedge Fund Services Awards, in light of our innovative work to secure the human layer and prevent data breaches in hedge funds. Hosted at the Natural History Museum, the spectacular awards ceremony celebrated hedge fund service providers that have demonstrated exceptional client service, innovative product development and strong and sustainable business growth over the past 12 months. Tessian was shortlisted along with six other cybersecurity comapnies that provide solutions to protect hedge funds from cyber attacks.
We were thrilled to be rewarded by the judges – a panel of leading hedge fund COOs, CFOs, GCs and CTOs – as the best-in-class cybersecurity solution for this industry. The award recognized how Tessian has fundamentally changed the way hedge funds approach cybersecurity – focusing on protecting the human layer, rather than just securing a company’s networks and devices. This is incredibly important because 86% of data breaches can be attributed to human error, whether that’s accidentally sending an email containing sensitive data to the wrong person or falling victim to a phishing attack. When you consider that 60% of the organizations hit with phishing attacks during Q4 of 2017 were financial institutions, the threat in this particular industry is not one to be ignored. By using machine learning to analyze historical email data – the leading indicator of human behavior in the enterprise – our technology can automatically understand relationships, context and communication patterns of people. By understanding normal communication, we can automatically identify and prevent email threats before they occur.  
Customer Stories
Safeguarding a Reputation with Intelligent Data Loss Prevention
12 March 2019
Boult Wade Tennant is a leading patent and trademark attorneys firm with offices in London, Madrid, Munich, Cambridge, Reading and Oxford, specializing in intellectual property law. Their patent, trademark, and design teams specialise in advising clients over the full life-cycle of brands, products or systems; from acquisition, exploitation and protection to commercial use, infringement or contentious issues. Boult Wade Tenannt is protecting employees with Tessian Guardian.
Working with their clients’ proprietary information and other confidential data as a matter of course, the firm wanted to augment the protection they provide their clients, and further safeguard any confidential information they may process on clients’ behalf. Boult Wade Tennant picked Tessian because it was easy to install, required minimal configuration, and is unobtrusive to employees. Tessian has allowed Boult Wade Tennant to mitigate the risk of misaddressed emails and inadvertent IP loss, safeguarding their reputation as one of the best in the business. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Customer Stories
Ensuring Data Loss Protection
12 March 2019
Com Laude, an ICANN accredited registrar, is a specialist domain name management company that helps businesses manage their domain name portfolios throughout the full life cycle. Com Laude is protecting employees with Tessian Guardian, Tessian Enforcer and Tessian Constructor.
The problem As a trusted strategic partner of leading global brands, Com Laude recognized that there was a direct correlation between the security of their clients’ information and the security of their business – something that they were keen not only to protect but enhance, so as to facilitate further growth. Having identified the significance of the threat at hand, they were keen to find a solution – and with misdirected emails being the most common type of data security incident, there was no time to waste. Attracted by the intelligence of our AI and machine learning based software, the Com Laude team actively sought out Tessian Guardian, combining this with the additional protection provided by Tessian Constructor to implement an effective regulatory framework for their internal communication policies. The solution Tessian was rolled out to 30 employees across a number of departments at Com Laude. After an initial period of time exploring Tessian’s functionality, Com Laude built a variety of rules specifically for their organisation using Constructor and had Guardian successfully running in the background. Soon after, Com Laude were presented with a detailed threat report from Tessian, including a high-level overview of their email statistics along with a deep-dive analysis of the specific threats identified via the Guardian – specifically, flagged misdirected emails. The results from this report provided Com Laude with “proof” not only of the value of their investment, but of the scale of the problem. Having indicated that Guardian was able to detect and prevent email threats in the form of misdirected emails, the report also provided the company with some significant insights via these email statistics. This had a direct impact on Com Laude’s business model, allowing the firm to use these findings to set key rules designed to further protect their customers. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Customer Stories
Securing the Email Environment from Human Error
12 March 2019
Travers Smith is a leading corporate law firm headquartered in London. It advises national and multinational companies across the full range of corporate and commercial matters. Travers Smith is protecting employees with Tessian Guardian and Tessian Constructor.
Given the highly sensitive nature of the work performed and the client confidentiality requirements outlined by the Solicitors Regulation Authority, securing their email environment from human error was a key priority for the firm. Risk and IT teams were acutely aware of the potential risks from misdirected emails and chose Tessian Guardian because of the admin – free nature of the product and minimal disruption and effort that it requires from end users at the organization. Travers Smith successfully deployed Tessian firm wide with minimal effort from the firm’s IT team. After a set period of time using the software, Travers Smith was presented with a comprehensive report containing details of Tessian’s performance and examples of misdirected emails that had been prevented. Thanks to Tessian, Travers Smith is now better equipped to protect clients’ sensitive information and avoid the scenario of confidential information accidentally being sent to the wrong people. Moreover, Tessian allows the firm to demonstrate diligence to clients and regulators by showing that the risk is being measured and managed appropriately. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Customer Stories
Seamlessly Implementing Email Security
12 March 2019
Grosvenor Law is a specialist personal and business dispute resolution firm based in Mayfair, London. They work on significant and complex disputes worldwide across a range of business sectors, on behalf of corporate clients and high net worth individuals. Grosvenor Law is protecting employees with Tessian Guardian and Tessian Constructor.
Given the highly sensitive nature of the work performed and the client confidentiality requirements outlined by the Solicitors Regulation Authority, securing their email environment from human error is a key priority for the firm. There has been an increasing number of high profile losses of confidential data in the legal sector in recent years and months. The Chief Executive of Grosvenor Law had already taken a number of measures to reduce the risk of inadvertent data loss over email, but chose to add to their existing risk management measures by working with Tessian given the unique machine learning intelligence of the system. The firm opted to use Guardian to prevent and detect misdirected emails, as well as Constructor to implement some of their own custom communication policies. After some time, Tessian issued the Chief Executive with a report detailing the findings of how the software had successfully prevented misaddressed emails for Grosvenor Law. It also showed how Tessian’s machine learning algorithms had developed an understanding of the organization’s regular email patterns and behavior in order to accurately detect anomalies. By having outgoing email content from their organization automatically checked by Tessian software, Grosvenor Law is able to protect their client data from one of the most common causes of data loss. They are also able to demonstrate diligence to clients and regulators that this risk is being measured and controlled. Learn more about how Tessian prevents human error on email Tessian is building the world’s first Human Layer Security platform to automatically secure all human-digital interactions within the enterprise. Today, our filters use stateful machine learning to protect people using email and to prevent threats like spear phishing, accidental data loss, data exfiltration and other non-compliant email activity. To book a demo and learn more about how we can help your organization, click here.
Human Layer Security
Human Error is Incredibly Difficult to Understand, Let Alone Predict
04 March 2019
Email still remains the main communication channel for enterprises. Despite its incredible efficiencies and economies of scale, email as a communication tool is reliant on human interaction and judgement. This makes human error particularly prevalent on email. One example of a mistake that can occur over email due to human error is an email being directed to the wrong person. A misdirected email might happen for any number of reasons, just a few of which include stress, alertness, being in a hurry or simply bad luck. For example, staff members at a major Australian bank mistakenly sent emails that contained data from over 10,000 customers to the wrong recipient due to an error that changed the email’s domain name. Over the past few years the workforce has become more mobile, meaning that more data now exits organizations’ premises and networks. Many employees manage their inbox on the move, replying to an urgent email after work while commuting or messaging international clients in the early hours of the morning. While this flexibility is advantageous for employees and businesses, different diligence levels outside working hours and on mobile devices raise the chance of a misdirected email being sent. Let’s take a small-scale example. Even for a small organization where each employee sends a moderate number of emails per day, Tessian data shows that the likelihood of a misdirected email leaving the organization in a given month is high. That risk increases dramatically with the size of an organization. No matter how many Secure Email Gateways and firewalls you employ, failing to address this risk could mean your organization’s data being compromised. Mistakes due to human error are not limited only to outbound email. Over the past few years, inbound attacks such as spear phishing have become more frequent and more sophisticated. For example, someone may receive an email from an attacker impersonating a supplier requesting a transfer for an outstanding payment. The degree of urgency included in the email and the fact that the attacker utilizes a legitimate relationship makes the likelihood of the recipient falling for the attack more likely. In order to stay vigilant in this changing environment, security officers and business leaders should focus on two simple questions: 1. What’s the most likely cause of data loss for our organization? 2. What’s the maximum damage that a human error could cause? This awareness can help security leaders gain a better understanding of the risks they need to manage on an ongoing basis. Ultimately, this awareness could help mitigate the likelihood of data loss, and associated consequences like financial penalties or reputational damage. Mistakes due to human error are inevitable, but the negative consequences are not. Tessian’s machine-intelligent email filters use machine learning to understand relationships and behaviors on email, identifying in real time when people are about to make a mistake – whether it’s entering the wrong reply-to address or potentially falling for a spear phishing attack. Thoughtful, intelligent notifications located within the email client stop the threat before it can cause damage to your organization. Take action against misdirected emails and spear phishing today.  
Human Layer Security
Announcing our Partnership with Sequoia and a New Era of Cybersecurity
By Tim Sadler
27 February 2019
I’m delighted to officially share with the world today that Tessian’s raised $42m in Series B funding led by Sequoia and partner Matt Miller is joining the board. I got to properly know Sequoia and Matt last year after a destiny-crafting introduction from the legendary CyLon. We’ve been fortunate to have a lot of interest from investors, but I try not to take meetings unless we’re actually fundraising. Sequoia was different. Instead of spending time talking about ARR and our metrics, Matt was interested in our vision, founding story, team and challenges. Sequoia call themselves company-builders, and that’s exactly how it felt from day one. We couldn’t be more excited to welcome Matt to the Tessian board and to work with him to create a new category of enterprise cybersecurity. When Tom, Ed and I started Tessian in our apartment in 2013, we started with a grand vision but laser focus on trying to execute one thing extremely well—preventing sensitive data loss caused by human error. Over the past three years, we’ve been quietly expanding the capabilities of our machine learning engine to address other gaping holes in enterprise security. Today, we’re also delighted to share our vision with the world for the very first Human Layer Security platform for the enterprise. Enterprises have spent the past two decades protecting their networks with firewalls, their devices with endpoint security but have completely neglected the most important data processors of all—their people. The new capital raised in our Series B will allow us to leverage the technology we’ve applied to email security and expand this to provide automatic protection for the myriad platforms and applications in use everyday by people in global organizations. Of course, none of this would have been possible without our most important allies. First, I’d like to thank all of our customers for their incredible support and belief in us over the years. Cybersecurity, by definition, is a risk-averse industry. It’s been inspiring to see how many enterprises are willing to adopt new technology to solve their greatest problems. Second, and to whom we owe the greatest thanks—the employees of Tessian. It’s because of your brilliance, creativity and relentless grit that we’ve achieved what we have today. As I’m sure any founder will attest, fundraising is a necessary part of company building but not the ultimate goal. We now have a huge amount of work ahead as we execute against our plans for 2019—a year that’s shaping up to be our biggest yet.
Email DLP Human Layer Security Data Exfiltration
What is an Insider Threat? Insider Threat Definition, Examples, and Solutions
By Maddie Rosenthal
29 June 0201
Organizations often focus their security efforts on threats from outside. But increasingly, it’s people inside the organization who cause data breaches. There was a 47% increase in Insider Threat incidents between 2018 and 2020, including via malicious data exfiltration and accidental data loss. And the comprehensive Verizon 2021 Data Breach Investigations Report suggests that Insiders are directly responsible for around 22% of security incidents. So, what is an insider threat and how can organizations protect themselves from their own people?
Importantly, there are two distinct types of insider threats, and understanding different motives and methods of exfiltration is key for detection and prevention. Types of Insider Threats The Malicious Insider
Malicious Insiders knowingly and intentionally steal data, money, or other assets. For example, an employee or contractor exfiltrating intellectual property, personal information, or financial information for personal gain.  What’s in it for the insider? It depends. Financial Incentives Data is extremely valuable. Malicious insiders can sell customer’s information on the dark web. There’s a huge market for personal information—research suggests you can steal a person’s identity for around $1,010. Malicious Insiders can steal leads, intellectual property, or other confidential information for their own financial gain—causing serious damage to an organization in the process. Competitive Edge Malicious Insiders can steal company data to get a competitive edge in a new venture. This is more common than you might think.  For example, a General Electric employee was imprisoned in 2020 for stealing thousands of proprietary files for use in a rival business. Unsurprisingly, stealing data to gain a competitive edge is most common in competitive industries, like finance and entertainment. The Negligent (or Unaware) Insider 
Negligent Insiders are just “average” employees doing their jobs. Unfortunately, “to err is human”… which means people can—and do—make mistakes. Sending a misdirected email Sending an email to the wrong person is one of the most common ways a negligent insider can lose control of company data. Indeed, the UK’s Information Commissioner’s Office reports misdirected emails as the number one cause of data breaches.  And according to Tessian platform data, organizations with over 1,000 employees send around 800 misdirected emails every year. We’ve put together 11 Examples of Data Breaches Caused By Misdirected Emails if you want to see how bad this type of Insider Threat can get. Phishing attacks Last year, 66% of organizations worldwide experienced spear phishing attacks. Like all social engineering attacks, phishing involves tricking a person into clicking a link, downloading malware, or taking some other action to compromise a company’s security. A successful phishing attack requires an employee to fall for it. And practically any of your employees could fall for a sophisticated spear phishing attack. Want to know more about this type of Negligent Insider threat? Read Who Are the Most Likely Targets of Spear Phishing Attacks? Physical data loss  Whether it’s a phone, laptop, or a paper file, losing devices or hard-copy data can constitute a data breach. Indeed, in June 2021, a member of the public top-secret British military documents in a “soggy heap” behind a bus stop. Looking for more examples of Insider Threats (both malicious and negligent?) Check out this article: 17 Real-World Examples of Insider Threats How can I protect against Insider Threats? As we’ve seen, common Insider Threats are common. So why is so hard to prevent them? Detecting and preventing Insider Threats is such a challenge because it requires full visibility over your data—including who has access to it. This means fully mapping your company’s data, finding all entry and exit points, and identifying all the employees, contractors, and third parties who have access to it. From there, it comes down to training, monitoring, and security. Training While security awareness training isn’t the only measure you need to take to improve security, it is important. Security awareness training can help you work towards legal compliance, build threat awareness, and foster a security culture among your employees. Looking for resources to help train your employees? Check out this blog with a shareable PDF. Monitoring Insider Threats can be difficult to detect because insiders normally leverage their legitimate access to data. That’s why it’s important to monitor data for signs of potentially suspicious activity. Telltale signs of an insider threat include: Large data or file transfers Multiple failed logins (or other unusual login activity) Incorrect software access requests Machine’s take over Abuse by Service Accounts Email Security The vast majority of data exfiltration attempts, accidental data loss incidents, and phishing attacks take place via email. Therefore, the best action you can take to prevent insider threats is to implement an email security solution. Tessian is a machine learning-powered email security solution that uses anomaly detection, behavioral analysis, and natural language processing to detect data loss. Tessian Enforcer detects data exfiltration attempts and non-compliant emails Tessian Guardian detects misdirected emails and misattached files Tessian Defender detects and prevents spear phishing attacks How does Tessian detect and prevent Insider Threats? Tessian’s machine learning algorithms analyze your company’s email data. The software learns every employee’s normal communication patterns and maps their trusted email relationships — both inside and outside your organization. Tessian inspects the content and metadata of inbound emails for any signals suggestive of phishing—like suspicious payloads, geophysical locations, IP addresses, email clients—or data exfiltration—like anomalous attachments, content, or sending patterns. Once it detects a threat, Tessian alerts employees and administrators with clear, concise, contextual warnings that reinforce security awareness training
Page