A commissioned study conducted by Forrester Consulting on behalf of Tessian in July 2022 reveals that a composite enterprise of 10,000 protected inboxes saw 268% Return On Investment (ROI) over three years after deploying Tessian. This amounts to over 29,600 labor hours saved.

In addition to the significant time savings, the benefit of having Tessian deployed focused on reducing email security risk against advanced email threats, as well as preventing email data loss. Additional key benefits included quantifiable improvements to the security culture of customer organizations, leading to lower click-through-rates and a greater awareness of the cyber risks posed on email. 

Tessian commissioned Forrester Consulting to conduct a Total Economic Impact™ study to examine the ROI that a composite enterprise realized by deploying Tessian over a 3 year period. The value of having Tessian deployed was distributed accordingly:

• Savings of  $3.1 million due to inbound email threat prevention, including against advanced malicious emails that upstream solutions failed to detect.

• Savings of $2.6 million from preventing email data loss incidents thanks to Tessian’s advanced email data loss protection capability.

• $2.9 million in savings from preventing accidental email from being sent – this includes preventing misdirected and miss-attached emails from being sent.

For modeling purposes Forrester Consulting used full Tessian Platform implementation for a 10,000 end-user enterprise. The study found total benefits of $8.6m, a net present value (NPV) of $6.2m, and an ROI of 268%.

Risk Reduction

Email remains the preferred delivery mechanism for devastating malware attacks, including ransomware. The FBI notes in its latest IC3 report that Business Email Compromise (BEC) has led to losses of $43 billion in the past 5 years, with 65% of these losses occurring in the period 2019 to 2021.

According to the study, this is supported by Forrester’s own research, finding that email-based phishing attacks are playing an increasingly prominent role in security breaches, rising from 23% in 2020 to 31% in 2021. This represents a 35% year-over-year increase. Of concern are the increasing sophistication of BEC, account takeover attacks (ATO), and the devastating impact that insider threats pose, particularly from a data breach perspective.

An information gap that Forrester Consulting identified in the study is the lack of research available and awareness surrounding email data loss. This was mirrored both in published research and in the enterprise. Only after deploying Tessian, did customers realize the magnitude of the data loss risk they faced.

Challenges before Tessian

Some of the key email security challenges prior to interviewed organizations choosing Tessian, included:

• A lack of detection and prevention capability of existing email security tools against advanced threats. Interviewees noted that advanced email threats are becoming more prevalent and more targeted at senior executives.

• Previous email security tools had limited or no email data loss capabilities. Due to the sensitive nature of data processed by the interviewees’ organizations, they could no longer take the risk of not addressing email data loss risk arising from either exfiltration and misdirected emails.

• Existing email security solutions that relied on rule-based policies resulted in excessive and disruptive banner warnings without context and didn’t offer protection. In this noisy environment every email had to be treated as a threat, the organizations had no trust in the security efficacy of their existing email security solutions.

Solution Requirements

Prior to choosing Tessian, the features interviewees wanted in an advanced email security solution included:

• Definitive and demonstrable AI and ML capabilities.

• High-quality and actionable alerts.

• Advanced protection capabilities for inbound as well as outbound email.

• API-based integrations into the existing security stack and email environments. 

• Fast deployment and low management overhead.

• Ability to scale as well as providing a flexible and strategic partnership.

Impact of Tessian

The enterprise organizations that Forrester evaluated found Tessian delivered the following: 

• Halving the phishing rate for a large healthcare enterprise, while also reducing the time to diagnose and respond to phishing campaigns from 8.5 hours down to 5 hours.

• Blocking 143 malicious emails in 1 month for a financial services company, and significantly reducing the click-through-rate while improving the security awareness of employees to better identify malicious emails.

• Detecting and preventing 901 malicious emails in one month at another financial services company that had gone undetected by other upstream email security tools.

For data exfiltration, Tessian had the following impact:

• Detected and enabled fast and effective protection and response against data exfiltration attempts for a healthcare enterprise.

• Enabled a culture shift in the professional services company, reducing data exfiltration over email due to the proactive warnings provided by Tessian.

For misdirected emails Tessian had the following impact:

• 270 instances of accidental data loss in 90 days were prevented for a professional services firm.

• 243 misdirected emails and 9 incorrect attachments were detected in one month at a financial services firm.

• Significant reduction in misdirected emails at a healthcare company with the director of information security citing an overall improvement of security awareness among end-users, evidenced by fewer accidental data loss instances every month.

Additional benefits

Better security decision-making: The Forrester study also found there was better end-user security decision-making due to contextual prompts end-users receive in real time on likely malicious emails. Security administrators also leveraged the improved risk analytics to better understand how email security risk is trending in their environment.

Greater investigation efficiency and ability to demonstrate ROI to leadership: Another key benefit realized was significantly faster investigations of email security incidents, as well as a low effort in communicating the ROI of Tessian and how it is reducing email risk to the executive leadership. 

Enhanced end-user experience: The user experience and positive feedback from end-users of Tessian were among the notable findings. The positive feedback was tied to the fact that Tessian makes end-users feel more secure and confident on email. This was in large part due to the context driven alerts on likely malicious emails, as well Tessian’s ability to prevent email mistakes from happening. 

Improved security culture: The impact Tessian was having on improving the security culture across the organizations interviewed was significant, with one of the interviewees sharing that thanks to Tessian, their latest phishing-prone score was 10% lower than the industry benchmark.

Tessian for advanced email ecosystem protection 

Although there are numerous cloud email security solutions on the market today, only Tessian  offers the most comprehensive cloud email security protection available. Thanks to our machine learning powered behavioral detection and cloud email security platform approach, Tessian offers protection against advanced email threats as well as prevents email data loss. 

Combined with in-the-moment security awareness coaching, the easy ability to demonstrate ROI, and the strategic and flexible nature of our customer partnerships, leads Tessian to be among the most liked security tools by security leaders and end-users alike.

Want more information on how Tessian can protect your organization? Book a call with one of the team below or try our free email threat assessment.

To see how the Tessian Intelligent Cloud Email Security platform  prevents ransomware attacks, and protects against DLP, watch a product overview video or book a demo.

For the latest cybersecurity news and articles, sign up for our newsletter, and follow us on Twitter and LinkedIn