Request a Demo of Tessian Today.
Automatically stop data breaches and security threats caused by employees on email. Powered by machine learning, Tessian detects anomalies in real-time, integrating seamlessly with your email environment within minutes and starting protection in a day. Provides you with unparalleled visibility into human security risks to remediate threats and ensure compliance.

October 27 | Fwd:Thinking. The Intelligent Security Summit (Powered by Tessian). Save Your Seat →

guide icon

Tessian Blog

See All Posts
ATO/BEC, Data Exfiltration, Email DLP, Integrated Cloud Email Security
Research Shows How To Prevent Mistakes Before They Become Breaches
By Maddie Rosenthal
Wednesday, July 22nd, 2020
We all make mistakes. But with over two-fifths of employees saying they’ve made mistakes at work that have had security repercussions, businesses need to find a way to stop mistakes from happening before they compromise cybersecurity.  That’s why we developed our report The Psychology of Human Error, with the help of Jeff Hancock, a professor at Stanford University and expert in social dynamics online.  We wanted to understand why these mistakes are happening, rather than simply dismissing incidents of human error as people acting carelessly or labeling people the ‘weakest link’ when it comes to security. By doing so, we hope businesses can better understand how to protect their people, and the data they control.  Key findings: 43% of employees have made mistakes that have compromised cybersecurity A third of workers (33%) rarely or never think about cybersecurity when at work 52% of employees make more mistakes when they’re stressed, while 43% are more error-prone when tired 58% have sent an email to the wrong person at work and 1 in 5 companies lost customers after an employee sent a misdirected email  Read on to learn why this matters. You can also register for our webinar on August 19 here. We’ll be exploring key findings from the report with Jeff Hancock. You’ll walk away with a better understanding of how hacker’s are manipulating employees and what you can do to stop them. What mistakes are people making?  The majority of our survey respondents said they had sent an email to the wrong person, with nearly one-fifth of these misdirected emails ending up in the wrong external person’s inbox.  Far from just red-faced embarrassment, this simple mistake has devastating consequences. Not only do companies face the wrath of data protection regulators for flouting the rules of regulations like GDPR, our research reveals that one in five companies lost customers as a result of a misdirected email, because the trust they once had with their clients was broken. What’s more, one in 10 workers said they lost their job.  !function(e,i,n,s){var t="InfogramEmbeds",d=e.getElementsByTagName("script")[0];if(window[t]&&window[t].initialized)window[t].process&&window[t].process();else if(!e.getElementById(n)){var o=e.createElement("script");o.async=1,o.id=n,o.src="https://e.infogram.com/js/dist/embed-loader-min.js",d.parentNode.insertBefore(o,d)}}(document,0,"infogram-async"); Another mistake was clicking on links in phishing emails, something a quarter of respondents (25%) said they had done at work. This figure was significantly higher in the Technology industry however, with 47% of workers in this sector saying they’d fallen for phishing scams. It goes to show that even the most cybersecurity savvy people can make mistakes.  Interestingly, men were twice as likely as women to fall for phishing scams. While researchers aren’t 100% sure as to why gender differences play a factor in phishing susceptibility, our report does show that demographics play a role in people’s cybersecurity behaviors at work.  What’s causing these mistakes to happen?  1. Younger employees are 5x more likely to make mistakes 50% aged 18-30 years olds said they had made such mistakes with security repercussions for themselves or their organization. Just 10% of workers over 51 said the same.  This disparity, our report suggests, is not because younger workers are more careless. Rather, it may be because younger workers are actually more aware that they have made a mistake and are also more willing to admit their errors. For older generations, Professor Hancock explains, self-presentation and respect in the workplace are hugely important. They may be more reluctant to admit they’ve made a mistake because they feel ashamed due to preconceived notions about their generations and technology. Businesses, therefore, need to not only acknowledge how age affects cybersecurity behaviors but also find ways to deshame the reporting of mistakes in their organization. 2. 93% of employees are stressed and tired Employees told us they make more mistakes at work when they are stressed (52%), tired (43%), distracted (41%) and working quickly (36%).  This is concerning when you consider that an overwhelming 93% of employees surveyed said they were either tired or stressed at some point during the working week. This isn’t helped by the fact that nearly two-thirds of employees feel chained to their desks, with 61% saying there is a culture of presenteeism in their organization that makes them work longer hours than they need to.  The Covid-19 pandemic has put people under huge amounts of stress and change. In light of the events of 2020, our findings call for businesses to empathize with people’s positions and understand the impact stress and working cultures have on cybersecurity.
3. 57% of employees are being driven to distraction 47% of employees surveyed cited distraction as a top reason for falling for a phishing scam, while two-fifths said they sent an email to the wrong person because they were distracted.  With over half of workers (57%) admitting they’re more distracted when working from home, the sudden shift to remote-working could open businesses up to even more risks caused by human error. It’s hardly surprising. We suddenly had to set-up offices in the homes we share with our young children, pets and our housemates. There’s a lot going on, and mistakes are likely to happen. 
4. 41% thought phishing emails were from someone they trusted Over two-fifths of people (43%) mistakenly clicked on phishing emails because they thought the request was legitimate, while 41% said the email appeared to have come from either a senior executive or a well-known brand.  Over the past few months, we’ve seen hackers impersonating well-known brands and trusted authorities in their phishing scams, taking advantage of people’s desire to seek guidance and information on the pandemic. Impersonating someone in a position of trust or authority is a common and effective tactic used by hackers in phishing campaigns. Why? Because they know how difficult or unlikely it is to ignore a request from someone you like, respect or report into.  Businesses need to protect their people from these phishing scams. Educate staff on the ways hackers could take advantage of their circumstances and invest in solutions that can detect the impersonations, when your distracted and overworked employees can’t. !function(e,i,n,s){var t="InfogramEmbeds",d=e.getElementsByTagName("script")[0];if(window[t]&&window[t].initialized)window[t].process&&window[t].process();else if(!e.getElementById(n)){var o=e.createElement("script");o.async=1,o.id=n,o.src="https://e.infogram.com/js/dist/embed-loader-min.js",d.parentNode.insertBefore(o,d)}}(document,0,"infogram-async"); But how can businesses prevent these mistakes from happening in the first place?  To successfully prevent mistakes from turning into serious security incidents, businesses have to take a more human approach.  It’s all too easy to place the blame of data breaches on people’s mistakes. But businesses have to remember that not every employee is an expert in cybersecurity. In fact, a third of our survey respondents (33%) said they rarely or never think about cybersecurity when at work. They are focused on getting the jobs they were hired to do, done. !function(e,i,n,s){var t="InfogramEmbeds",d=e.getElementsByTagName("script")[0];if(window[t]&&window[t].initialized)window[t].process&&window[t].process();else if(!e.getElementById(n)){var o=e.createElement("script");o.async=1,o.id=n,o.src="https://e.infogram.com/js/dist/embed-loader-min.js",d.parentNode.insertBefore(o,d)}}(document,0,"infogram-async"); Training and policies help. However, combining this with machine intelligent security solutions – like Tessian – that automatically alert individuals of potential threats in real-time is a much more powerful tool in preventing mistakes before they turn into breaches.  Alerting employees to the threat in-the-moment helps override impulsive and dangerous decision-making that could compromise cybersecurity. By using explainable machine learning, we arm employees with the information they need to apply conscious reasoning to their actions over email, making them think twice before doing something they might regret. 
And with greater visibility into the behaviors of your riskiest and most at-risk employees, your teams can tailor security training and policies to influence and improve staff’s cybersecurity behaviors. Only by protecting people and preventing their mistakes can you ensure data and systems remain secure, and help your people do their best work. Read the full Psychology of Human Error report here.
Read Blog Post
Life at Tessian
Our First Growth Framework – How Did We Get Here?
By Jade Jarvis
Tuesday, July 21st, 2020
Tessian has just finished building our first-ever Growth Framework for our Engineering team. At the same time, we’ve also introduced Internal Levels to represent different stages of progression and identify key milestones as our Engineers develop and grow.  We see this framework as a guiding North Star for Tessians to trail blaze their own career. Tessian’s values ensure we achieve against the expectations outlined in the framework in the right way, and they are embedded throughout.  Why did we do it?   We’ve had feedback in the past about not having clear progression paths for our current team and – at the same time – it’s critical we understand what “good” looks like at each level for new team members. So, what problems is this new framework going to solve for us?  Our Engineers know what their career at Tessian could look like.  Introducing levels means we can celebrate promotion more formally.  It will support future hiring so we can find the best people to join us.  What does it look like?  There are levels which show the milestones of development at Tessian. As our engineers develop and grow, they progress through these levels.  How do they know what it takes to get to the next level? Well, that’s where our Growth Framework comes in! The framework defines competency clusters which are then broken down into further competencies that outline the  key behaviors expected at each level.  Let us introduce you to our Competency Clusters (and Competencies)
How did we do it?  Our Engineering and People team partnered on this and garnered insights not only from Tessians, but also by exploring best practice in our industry.  We have a culture of collaboration so it was important for us to hear directly from our Engineering team to learn more about their perspectives. We spoke to as many engineers as possible to find out what makes a great engineer and a great framework.  We also reviewed successful frameworks in other tech companies to get a strong sense of what has and hasn’t worked for others.  Here’s a step-by-step of our actions:  Information-gathering  We researched open sources and, by comparing and coding, we found that there are similar core competencies that appear in the majority of frameworks. We whittled it down to seven possible competencies; Craft, Impact, Execution, Leadership, Advocacy, Continuously Improves, and Communication.  Explore workshops  We ran a series of workshops with our Eng leaders to really dig into what’s important for them. In the first workshop, we shared the seven possible competencies and, in breakout groups, we discussed the competencies. We asked ourselves two key questions:  For Tessian: How important is this in helping us achieve our business goals?  For our Tessians: How meaningful is this for individuals in their careers?  We then brought everyone back for a group discussion and shared our thoughts from the breakout groups. As expected, we found there was a lot of cross-over amongst the competencies and what they mean to us.  From this first session, we had two main takeaways:  We needed to ensure that we created clear competency cluster definitions that describe exactly what that competency means to Tessian.  We could chop and merge some of the 7 possible competencies clusters to identify our core competencies.  In our second workshop, we shared our findings and introduced the rescoped and refined competencies. This was where the idea of Competency Clusters with Competencies within them were born.  Our four clusters became: Craft, Impact, Delivery, and Communication.  From this session, we gained better understanding about our competencies, but had feedback that perhaps the names of the clusters didn’t feel quite right.  We wanted our clusters to be action statements, so:  Craft became “Master your Craft” – broken down into Technical Skills, Continuous Improvement and Security.  Impact became “Make an Impact”– broken down into Teamwork, Influence, Accountability and Customer-Centricity.  Delivery became “Get Stuff Done” – broken down into Delivery and Autonomy.  Communication became “Communicate” – broken down into Information and Feedback.  Building the behaviors  At this point, we were in a good place with our competency clusters, competencies, and definitions. It was time to build the specific behavioral indicators that sit under each competency and each level.  We knew from our previous workshops that – while we were getting some really useful comments – it was sometimes quite difficult to capture them all verbally. So, we tried out a live commenting activity. It worked brilliantly and captured the diversity of thought amongst all of our engineering leaders.  We shared the draft framework with our managers before the session. Then, during the session, we asked managers to spend the first 20 minutes making live comments on our Google sheet. Afterwards, and as a group, we went through each of the comments, discussed further, and made notes for action.  Iterations  But, we didn’t stop there. We had a few more manager workshops where we had cycles of gaining feedback > making amends > sharing back.  When we got to what we’d call a ‘final draft’, we asked the wider Engineering team for volunteers to join a focus group to get their feedback. This was an energizing session and was the first time the wider team was able to see the framework and overall, the response was really positive. People really cared about understanding how this tool could be used to support their growth at Tessian. One nugget of feedback that came from this group was that our Competency Framework sounded very formal and not very inspiring, and so, this became our Growth Framework. This really felt like it was more representative of what we want to use it for.  Defining our levels  While we were finalzing our Growth Framework, we were also identifying what levels and job titles would make sense for Tessian. Again, we looked at what our peers were doing (using progression.fyi), so that whatever we landed on spoke the same language as the rest of tech. This also ensures that it’s on par with appropriate expectations in the market so it’s easily comparable with other companies. Testing, testing!  This is arguably the most important part. We had to see if the framework actually worked in practice. We had meetings with individual managers to work through what level each of their team members were currently delivering to. And, to ensure a fair and transparent process, we had a group calibration session to discuss the larger team. In an effort to ensure the same approach was being applied to every assessment, we asked managers to use a traffic light system to review their direct reports against each competency. The traffic light colors indicate: “They are consistently demonstrating this behavior” (green) “They demonstrate this behavior from time to time, but not all the time” (yellow) “They are currently not demonstrating this behavior” (red) Go Live The final tweaks were done, wordsmithing complete, and design decisions made. Finally, our framework was published on our internal Wiki for everyone to view.  All managers had discussions with their direct reports to understand where they think they currently sit against the framework, and we will finalize trial levels over the coming weeks. The word “trial” here is important. We’ll explain more below. What comes next?  Collaboration and shared accountability are critical to our engineering culture at Tessian. So, for the next few months, our team will have what we’re calling “trial levels”. This means that we won’t confirm final levels until we’ve used the framework in practice for a couple of months, and our team has really had the opportunity to see how this works for them before providing feedback. It’s a process! We’re beyond excited to see how this framework will continue to support Tessian to create a world class engineering organization that not only builds amazing products, but that enables engineers to thrive and grow in their careers. Watch this space as we share more news about how this has worked for us in practice and key insights gained!   And, if you’re interested in joining our team, see our open roles here.
Read Blog Post
ATO/BEC, Email DLP
Why Political Campaigns Need Chief Information Security Officers
Monday, July 20th, 2020
On July 10th, Joe Biden’s US presidential campaign announced it was hiring a Chief Information Security Officer (CISO) and a Chief Technology Officer (CTO). Biden’s campaign team told The Hill that these security professionals would help “mitigate cyber threats, bolster… voter protection efforts, and enhance the overall efficiency and security of the entire campaign.” This development confirms what cybersecurity experts have long understood — that, just like businesses, political campaigns require a CISO. We’ll tell you why. Are political campaigns likely targets of cybercrime? Rates of cybercrime — and the sophistication of cybercriminals — continue to increase across all sectors. Whether it’s phishing attacks, malware, ransomware, or brute force attacks, incidents are on the rise.  And, when you consider which industries are the most targeted (Healthcare, Financial Services, Manufacturing) It’s easy to understand why political campaigns are also targets of hackers and scammers: Political campaigns are a cornerstone of the democratic process They process the personal information of thousands of voters  They handle confidential and security-sensitive information These aren’t anecdotal reasons. Political campaigns have been targeted by cybercriminals before. For example, in 2016, Hillary Clinton’s campaign manager, John Podesta, received a spear phishing email disguised as a Google security alert. Podesta followed a link, entered his login credentials, and exposed over 50,000 emails to malicious actors. This is a great example of how human error can lead to data breaches and goes to show that anyone can make a mistake.  That’s why cybersecurity is so important. Learn how Tessian prevents spear phishing attacks.  How can a CISO help a political campaign? Hiring a CISO — and thus improving the cybersecurity of political campaigns — has three main benefits: Safeguarding the democratic process Protecting voter privacy Maintaining national security Let’s explore each of these in a bit more detail. You can also check out our CISO Spotlight Series to get a better idea of what role a CISO plays across different sectors.  Safeguarding the Democratic Process Whatever your political persuasion, it’s hard to ignore headlines that detail the role cybercriminals played in the 2016 US election, including: Cyberattacks occurred against politicians Electoral meddling undermined voters’ faith in the democratic process Better cybersecurity could have mitigated the impact of electoral cyberattacks A CISO ensures better coordination of a political campaign’s IT security program. This can involve: Mandating security software on all campaign devices  Setting up DMARC records for domains used in campaigning Assessing risk and responding to threats Increasing staff awareness of good cybersecurity practices Of course, these functions aren’t specific to political campaigns. A CISO’s job, whether at a big bank or a law firm, is to safeguard systems, data, and devices by implementing policies, procedures, and technology and to help build a positive security culture. The difference, though, is that while a CISO at your “average” organization helps prevent data breaches and other security incidents, the CISO of a political campaign does all of this while also helping maintain faith in the process among voters.  Keep reading to find out how. Protecting voter privacy Political campaigns must communicate directly with individual voters which means those working on the campaign have access to highly sensitive information. And, we’re not just talking about names and addresses. Even a person’s intention to vote is highly sensitive personal information.  While – yes – many people publicly proclaim their ideology and voting intention via social media, those people don’t expect their information to be mined by data-harvesting software, combined with other personal information, and shared with unauthorized third parties. They simply want to share their views with friends, family, and followers.
Like hacking, data mining operations can affect the outcome of elections. They also represent a gross invasion of individual privacy.  How valuable an asset is voter data? A few recent high-profile examples will give you an idea. (Click the links to learn more about each individual incident.) The UK pro-Brexit Vote Leave campaign’s involvement in the Cambridge Analytica scandal Rand Paul and Ted Cruz’s campaigns allegedly selling their voters’ contact information to the Trump campaign Rick Santorum’s campaign selling voters’ data to a “doomsday prepper” firm These examples prove that voter data can be used to raise funds or create a political advantage. But what are the consequences? To start, voter trust is lost which – as we’ve discussed – can impact the democratic process. Beyond that, there are also legal ramifications. Under state and federal privacy laws, selling personal information is a legally-regulated activity. Any allegation that a campaign has violated privacy law would be extremely damaging not just reputationally, but financially.  A CISO can help ensure that a political campaign is less likely to engage in risky behavior with voters’ personal information and assist the campaign to comply with privacy law.  But it’s not just personal information that political campaigns handle. Maintaining National Security Political campaigns also handle security-sensitive information which must be carefully safeguarded. Robert Deitz, former senior counselor to the CIA, told Washington Post that a Russian cyberattack on the Trump campaign could reveal information about Trump’s foreign investments and negotiating style. Having access to this data could help Russia understand “where it can get away with foreign adventurism.” A CISO has overall responsibility for information safeguarding within an organization. They understand:  What types of data exist about the candidate  How and where the information is processed, stored, and transferred Who can access the data All of this information helps CISOs implement data loss prevention (DLP) strategies in order to keep sensitive information out of the hands of bad actors.  Why does this matter?  Data privacy – and therefore cybersecurity – is essential for the modern world.  In fact, in business, a strong security posture fosters trust with customers and prospects and is therefore considered a competitive edge. Why? Because data is valuable currency. Customers and prospects expect the organizations they interact with to safeguard the information shared with them. Shouldn’t politicians foster trust with voters in the same way? 
Read Blog Post
Integrated Cloud Email Security
Tessian included in Forrester Now Tech: Enterprise Email Security Providers, Q3 2020 report
Tuesday, July 14th, 2020
We are thrilled to announce that Forrester Research has recognized Tessian as one of the vendors in the Now Tech: Enterprise Email Security Providers, Q3, 2020 report. Inclusion in this report is based on Forrester’s independent analysis of vendors’ capabilities and market presence and was created to help security leaders identify which solutions will provide the most value for their particular organization. Before we dive into why Tessian was recognized, let’s look at Forrester’s definition of Enterprise Email Security.
In order provide an overview of solutions, Forrester identifies four Enterprise Email Security Functionality Segments, including: Secure email gateway (SEG) Email infrastructure provider Cloud-native API-enabled email security (CAPES) Email authentication provider Tessian is recognized as one of the players among the cloud native API- enabled email security (CAPES) solutions. Importantly, this segment has high functionality in both email cloud integration and phishing protection. Why does this matter? Not only do phishing and social engineering attacks cause the majority of breaches today, but according to Forrester, rapid adoption of cloud email infrastructure like Microsoft O365 and Google G Suite is forcing enterprises to move away from traditional secure email gateways and on-premises hardware. Organizations now often use the native capabilities of their email infrastructure provider, then augment those protections with CAPES or cloud-based email filtering. Security pros know that despite best efforts, malicious emails will inevitably get through, so they need a layered approach that includes both prevention and response measures. It’s important to note that detecting and preventing threats isn’t enough. Forrester recommends that security professionals protect against email-bound security threats by empowering employees with phishing education and being prepared for the worst with incident response. Why was Tessian recognized? From our standpoint, it is because this is exactly what Tessian does. Tessian provides a layered approach to email security by seamlessly integrating with Microsoft O365 and Google G Suite email infrastructure providers, extending their native capabilities, and protecting against phishing attacks and other inbound and outbound threats. Tessian’s Key Features Tessian automatically safeguards against accidental data loss, data exfiltration, and insider threats, in addition to automatically defending against advanced inbound threats like business email compromise (BEC), spear phishing, and other targeted impersonation attacks. How? Powered by machine learning, Tessian – the world’s first Human Layer Security platform – turns an organization’s email data into their best defense against human error on email. Tessian is uniquely positioned to do both, offering organizations: In-situ real world phishing training with educational warnings. Tessian’s warnings come with simple, clear messages including precise reasons as to why an email was classified as unsafe. The educational warning not only alerts employees about unsafe emails, but also educates them in the moment. Think of it as training. But, instead of generic phishing simulations, employees learn from real phishing emails that land in their inbox.
Robust investigation and remediation tools. With email quarantine and post-delivery protection like bulk email removal, single-click denylist, and clawback, it’s easier than ever for security teams to take action and move swiftly from investigation to remediation.
Automated threat intelligence. Tessian’s Human Layer Security Intelligence offers security leaders crystal clear visibility into their security threats, including their riskiest and most at-risk employees. This way, they can offer targeted training to reinforce policies and best practice before a security incident occurs.
Learn more about Tessian Tessian can be deployed within minutes and automatically starts preventing threats within 24 hours of deployment. Our solutions are trusted by world-leading businesses like Arm, Man Group, Evercore, and Schroders to protect their people on email. Book a demo to learn how Tessian can help secure your Microsoft O365, G Suite, MS Exchange email environments.  
Read Blog Post
Compliance
US Data Privacy Laws 2020: What Security Leaders Need to Know
Monday, July 13th, 2020
When it comes to privacy and data security, the United States has a less strict regulatory environment than many other major economies, such as the European Union. However, several states have passed laws in recent years that impose significant requirements on businesses handling the personal information of US residents.There are also some tough sector-specific federal privacy laws that you might not realize you need to comply with. This guide will help you understand: Which US state and federal privacy laws apply to your business What the laws require The consequences of a violation Let’s start with state laws.  State Laws While these are “US state privacy laws”, they actually apply to businesses around the world. Why? Because it doesn’t matter where your business is located, it matters whose personal information you’re handling. We’ll give examples below, with a focus on the three broadest and strictest US state privacy laws.  California Consumer Privacy Act (CCPA) The California Consumer Privacy Act (CCPA) came into full force in 2020 and is California’s state law that many people are (justifiably) comparing to the European Union’s world-leading General Data Protection Regulation (GDPR). If you’re interested, you can read the full text here.  Important Note: The California Privacy Rights Act (CPRA) – also known as Proposition 24 – passed on November 3, 2020. The CPRA amends the CCPA, pushing the state statute closer to the GDPR. The CPRA creates a general purpose limitation on personal information use, limiting a business’s use and sharing of personal information to the purposes for which it was collected and for purposes of which the consumer has been informed. While – yes- the CCPA already contains similar notice requirements with respect to the purposes for which personal information will be processed, the CPRA offers California regulators additional enforcement options. What does this mean for you? Organizations must ensure compliance with the CPPA – integrating the demands of the CPRA – before it takes effect on January 1, 2023. Who Does the CCPA Apply to? Although the CCPA was written with big tech companies in mind, it affects businesses across sectors.  The CCPA covers any business handling the personal information of California residents (regardless of whether the business has any physical presence in the state) that meets one of the following three thresholds: It has gross revenues in excess of $25 million per year, It buys, sells, receives or shares for commercial purposes the personal information of at least 50,000 California consumers or households per year, OR It derives 50 percent or more of its annual revenues from selling consumers’ personal information Note that, due to the CCPA’s broad definition “personal information” — and of what constitutes “selling” personal information — a company may fall under threshold “B” if: It operates a website or app that uses third-party cookies for advertising or analytics, and  The website or app attracts at least 50,000 California visitors or users per year. 
What Are the Main Requirements Under the CCPA? The CCPA’s main obligations include: Notice: Businesses must provide consumers with notice of how they collect, use, and share personal information. This necessitates a comprehensive Privacy Policy. Control: Businesses must allow consumers to access and delete their personal information. How? By allowing consumers to opt out of the sale of their personal information. Security: Businesses must apply reasonable security procedures and practices to safeguard the personal information they store. This may include malware protection, staff training, and email security.  Violating any part of the CCPA can lead to civil penalties of: Up to $2,500 per unintentional incident (such as failing to implement proper security protections, leading to a data breach). Up to $7,500 per intentional incident (such as deliberately selling the personal information of consumers who have “opted out”). Data breaches can be particularly heavily penalized under the CCPA’s private right of action, with statutory damages of up to $750 per consumer, per incident.  Failing to implement proper data security practices could, therefore, lead to class action lawsuits in the billions of dollars, depending on the severity and extent of the breach. That’s why it’s so important organization’s level-up their cybersecurity. Still have questions? We answered 13 FAQs about the CCPA in this article. We also outline the 5 Things CISOS Should Know About The CCPA here.  New York SHIELD Act The New York Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act) is a New York State Act that came into full force in 2020. Again, if you want to read the full text, you can find it here. In a sentence, it’s a data breach notification law that imposes data security standards on covered businesses. Who Does the NY SHIELD Act Apply to? The NY SHIELD Act applies to “any person or business that owns or licenses computerized data which includes private information of a resident of New York.”  This includes businesses with no physical presence in the state. So, what’s “private information”? The Act’s definition is complex, but, broadly, it includes: A person’s full name, or first initial and last name, plus  At least one of the following unencrypted (or compromised) data elements: Social security number,  Driver’s license or other ID number,  Bank account or credit card number (plus security code or PIN),  Biometric data. OR: An email address or username, plus  A password, “secret question” answer, or any other means of access. It’s important to note that gaining access to these data points is easier than you might think. Just look at your mailing list. What Are the Main Requirements Under the NY SHIELD Act? The NY SHIELD Act consists of two parts: Data breach notification: Businesses must report any breach of the private information of New York residents to the affected persons and to various New York authorities “in the most expedient time possible and without unreasonable delay.” Data security program: Businesses must implement reasonable administrative, technical, and physical security measures to safeguard the private information of New York residents. This must include: Risk assessment of how employees transfer and communicate private information,  Appropriate software protection such as email security, Staff training on privacy and data security. Violating the SHIELD Act’s data breach notification requirements can lead to a civil penalty of up to $250,000. Oregon Consumer Identity Theft Protection Act (OCIPA) The Oregon Consumer Identity Theft Protection Act (OCIPA) (previously the Oregon Consumer Identity Theft Protection Act) is an Oregon state law that received significant amendments in 2019 (available here). It is a data breach notification law that imposes data security standards on covered businesses. Who Does OCIPA Apply to? OCIPA law applies to “any person that owns, maintains or otherwise possesses” the personal information of Oregon residents. OCIPA defines “personal information” in much the same way as the NY SHIELD Act, with two additional types of information included: Health insurance policy numbers and other health-related identifiers, Information about a person’s physical or mental diagnoses or history. This means that those working in healthcare have to be especially careful. You can read more about the frequency of data loss incidents in this specific sector in our blog: Data Loss Prevention in Healthcare.  What Are the Main Requirements Under the OCIPA? Like the NY SHIELD Act, OCIPA requires businesses to implement a “data security program” to maintain administrative, technical, and physical safeguards over the personal information they possess.  An OCIPA data security program must include measures such as: Designating an employee to oversee the program, Safeguarding against and and responding to cyberattacks Implementing anti-malware and email protection software Any data breach must be reported to the individuals affected “without unreasonable delay, but not later than 45 days” after discovering the breach. If the breach affects 250 or more Oregon residents, it must be reported to the Oregon Department of Justice. The maximum fine for failing to properly report a breach is $25,000 per violation. Next up: three of the most important US federal privacy laws. These are sector-specific, but they each apply more broadly than you might expect. Federal Laws Children’s Online Privacy Protection Act (COPPA) The Children’s Online Privacy Protection Act (COPPA) is a federal law first passed in 1998 and it covers the provision of goods and services to children. You can read the full text here, but we’ve answered key questions below.  Who Does COPPA Apply to? COPPA applies to anyone who operates a commercial website, online service, or mobile app that is: Directed at minors under the age of 13, or  Knowingly collecting the personal information of minors under the age of 13. While we can’t write an extensive list of all the different websites, services, or apps that meet these requirements, think of brands like Disney, Hasbro, and Mattel. Importantly, COPPA applies to non-US companies and content creators using platforms such as YouTube and TikTok.  Personalized advertising is a big target of COPPA enforcement. IP addresses and device IDs qualify as “personal information” under the Act. Most websites and apps collect this type of information. What Are the Main Requirements Under COPPA? Under COPPA, businesses are required to: Provide privacy notices to parents, Obtain parental consent before collecting, using, or sharing children’s personal information, Allow parents to opt out of the processing of children’s personal information, Allow parents to access their children’s personal information, Collect the minimum personal information necessary from children, Protect the confidentiality, security, and integrity of children’s personal information by maintaining reasonable security practices.  Violating COPPA can lead to fines of up to $43,280 per incident. In 2019, Google settled an alleged COPPA violation with the FTC for $170 million Health Insurance Portability and Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) is a federal law first passed in 1996. As the name suggests, it covers the healthcare sector. Who Does HIPAA Apply to? HIPAA applies to “covered entities,” including: Healthcare providers (e.g. doctors, physiotherapists, nursing homes, pharmacists, dentists, etc.) Health plans (e.g. health insurance companies, employee-sponsored health plans) Healthcare clearinghouses (e.g. billing services, community health information systems) Covered entities process “protected health information” (PHI), which covers 18 categories of personal information including: Names Email addresses IP addresses Medical record numbers IP addresses While “covered entities” deal directly with health information, HIPAA also applies to subcontractors of covered entities that require access to PHI. Such subcontractors are known as “business associates.” Some common types of companies that act as “business associates” include: Third-party claims management administrators Lawyers Medical transcriptionists Data analysts What Are the Main Requirements Under HIPAA? HIPAA places strict obligations on how covered entities and business associates process PHI, with rules covering: Privacy: Providing access to PHI to individuals (this is optional, unlike “the right to access” under the CCPA) Providing Privacy Notices when collecting or disclosing PHI, Training employees on matters of patient privacy. Security:  Assessing the risk to PHI from cybersecurity threats, Implementing anti-malware and email protection software, Reporting actual or suspected cyberattacks to the Office for Civil Rights as soon as possible, and within 60 days. Remember that privacy and security threats can come from outside or inside your organization.  In 2017, the Department for Health and Human Services settled an investigation with a HIPAA covered entity for $5.5 million after a trusted employee leaked the PHI of 80,000 individuals. You can read more about incidents involving Insider Threats (including two instances involving the NHS) in this blog: Insider Threat Types and Real-World Examples.) Penalties under HIPAA can range from $100 to $50,000 per violation. Gramm-Leach-Bliley Act (GLBA) The Gramm-Leach-Bliley Act (GLBA) is a federal law first passed in 1999 (available here). It covers the financial sector. Who Does the GLBA Apply to? The GLBA covers “financial institutions,” but this definition is broader than you might expect. The FTC defines a “financial institutional” as any business that is “significantly engaged in providing financial products or services.” So, alongside banks and investment firms, the GLBA covers following types of businesses: Check-cashing businesses  Payday and other non-bank lenders Mortgage brokers Real estate appraisers Professional tax preparers Certain courier services What Are the Main Requirements Under the GLBA? One of the chief obligations under the GLBA is to develop a written security program explaining how your business safeguards consumer information.  When it comes to creating a security program, GLBA’s requirements are fairly flexible, and include: Designating an employee to oversee the program, Identifying risks in each area of operation, and assessing the security safeguards relevant to that area, Adjusting the program in light of relevant risk factors and technological developments. While the GLBA’s security program requirement leaves plenty of room for maneuver, covered businesses would be expected to implement basic cybersecurity protections such as the encryption of consumer information and company-wide installation of security software, including data loss prevention solutions. GLBA violations incur particularly heavy penalties, including fines of up to $100,000 per violation and/or up to five years in prison. But, that isn’t deterring professionals working in Financial Services from mishandling data. According to Tessian research, the majority of employees have accidentally or intentionally exfiltrated data. How can I stay compliant? 
While every data privacy law is slightly different, each is consistent in saying that businesses must implement and maintain a cybersecurity program.  Tessian helps organizations across sectors stay compliant by protecting data on email.  Powered by machine learning, our Human Layer Security technology understands human behavior and relationships, enabling it to automatically detect and prevent anomalous and dangerous activity. Tessian Enforcer detects and prevents data exfiltration attempts Tessian Guardian detects and prevents misdirected emails Tessian Defender detects and prevents spear phishing attacks Learn more by booking a demo. Or, you can read through our customer stories, including those operating in Healthcare and Financial Services.
Read Blog Post
ATO/BEC
Look Out for “Back to School” Scams
By Maddie Rosenthal
Wednesday, July 8th, 2020
It’s the time of year where universities are sending more emails than normal as they make preparations to welcome students back in the fall and relay updates on their plans to transition to remote learning. Staff and students need to be aware though; hackers will use this ‘back to school’ momentum and will likely be impersonating trusted universities in phishing attacks to try and steal intellectual property as well as students’ valuable personal and financial information. It is, therefore, worrying that nearly all of the top 20 universities in the US and the UK are potentially at risk of having their institution’s domain impersonated by scammers in phishing emails.
In fact, Tessian’s researchers reveal that 40% of the top 20 US universities and 30% of the top 20 UK universities are not using Domain-based Message Authentication, Reporting & Conformance (DMARC) records. And while the other universities we analyzed have published a DMARC record, the DMARC policies had not been set up to ‘quarantine’ or ‘reject’ any emails from unauthorized senders using its domains. Just 10% of the top 20 UK universities had DMARC set to the strictest settings to prevent domain abuse. Why does this matter? Without DMARC records in place, or without having DMARC policies set at the strictest settings, hackers can easily impersonate a university’s email domain in phishing campaigns, convincing their targets that they are opening a legitimate email from a fellow student, professor or administrator at their university. From that phishing email, hackers could lure staff or students to a fake website that has been set up to steal account credentials or request that their targets send personal or financial information. Against the backdrop of “back to school” and the shift to hybrid learning environments (with some universities restricting access to campuses), it wouldn’t seem out of the ordinary for a university to request this information. Students, therefore, may not realise they are being scammed – especially if the email domain looks legitimate. Configuring email authentication records like DMARC, and setting policies to the strictest settings, are necessary measures for preventing attackers from directly impersonating your company’s email domain. However, organizations also need to be aware that DMARC is not a silver bullet and hackers will find ways around it.
Why isn’t DMARC enough to prevent impersonation? Firstly, DMARC records are inherently public, and an attacker can use this information to select their targets and attack methods, simply by identifying organizations without an effective DMARC record. If your company has a strict email policy in place, the attacker can still carry out an advanced spear phishing attack by registering look-a-like domains, betting on the fact that a busy employee or distracted student may miss the slight deviation from the original domain. Secondly, while your organization might have DMARC in place, your external contacts may not. This means that while your company domain is protected against direct impersonation, your employees may be vulnerable to impersonation of external contacts like partners, suppliers or government bodies. What can you do to avoid being targeted by these scams? As universities plan to welcome students back next month – and inundate inboxes with updates between now and then — it’s critical that they take action to build robust security measures that can protect their staff and students against email scams. Here are some top tips to help you avoid the back to school scams. Cybersecurity tips for universities: Assess email security policies and solutions: Are they robust enough to spot sophisticated spear phishing attacks? Enable multi-factor authentication: This easy-to-implement security precaution helps prevent unauthorized individuals from accessing systems and data in the event a password is compromised. Increase awareness: Make staff and students aware of potential scams and provide advice on what they should look out for (for example, carefully inspect deviations in the email domain and inspect URLs). Ask staff and students to report incidents: Security and IT teams have a better chance of remediating new threats and preventing future ones. Cybersecurity tips for faculty staff and students: Think before you share: Never share direct deposit details or your personal information like your Social Security number on an unfamiliar website. Think before you click: If anything seems unusual, do not follow or click links or download attachments. Verify the request: If you receive an email from your university asking for urgent action, question its legitimacy and if you’re not sure, contact the university directly to verify the request. Report threats to the university: Security and IT teams will be able to investigate incidents and take action to prevent similar threats in the future.
Read Blog Post
Life at Tessian
Launching Plus, A Tessian LGBTQ+ Network
By Leon Brown
Tuesday, June 30th, 2020
Across continents, the Tessian community is formed of diverse and intersectional people collectively working to secure the Human Layer. But, this month we’re proud to honor the contributions of LGBTQ+ Tessians and the importance of freedom of sexual orientation and gender expression in the workplace. With Human First as a core value at Tessian, we approach everything with empathy and we look out for each other alongside our own wellbeing. Respect, kindness, and inclusion are at the core of our company because our humanity is what makes us who we are. That’s why we’re launching Tessian Plus. And, we’re thrilled that within one month of launching the initiative, the group already holds more than 10% of the company — a significant minority and higher than the expected average. The Plus mission Plus is formed around a core mission to:  Ensure an inclusive and respectful environment for all employees Raise awareness of, and represent the views and issues of, LGBTQ+ employees Provide a support network for LGBTQ+ employees Create opportunities to socialize with other LGBTQ+ employees Offer confidential support when needed Provide guidance to Tessian as an employer on policy and how to enhance its diversity strategy What is Plus? Plus is an employee-led LGBTQ+ resource group for anybody identifying as LGBTQ+. The group operates as a “safe space” for all Tessian LGBTQ+ employees to network, socialize, and share experiences behind closed doors. With Plus, we’re proud to create a private community for employees to express their sexual orientation and gender identity. And, by building from the ground-up, we will form a vocal committee of LGBTQ+ employees who can advise Tessian’s leadership on policies+, diversity initiatives, and how to operate as a point of contact for employees experiencing homophobic, biphobic, or transphobic bullying and harassment. It’s important that these channels are private. Why? Because even though we enjoy a culture of general acceptance of LGBTQ+ professionals in the workforce both in the UK and US, keeping the community private and confidential ensures it’s a safe space – especially for those individuals who aren’t as comfortable wearing their identity on their sleeve. That’s why it’s essential that we always work to preserve peoples’ right to decide when it is right for them to publicly disclose their identity.
Why are we launching Plus now? Last year marked the 50th anniversary of the New York Stonewall Riots — a pivotal event in the modern fight for LGBTQ+ rights in the US and worldwide — during which black and latinx trans women led days of riots against police in response to an unlawful police raid on The Stonewall Inn, a bar primarily serving the marginalized LGBTQ+ community in New York’s Greenwich Village. Globally – from the UK Gay Liberation Front, to the Lavender Menace, and to Black Power groups – Stonewall was a symbol of struggle against systemic oppression. In the months that followed, and frustrated with discrimination in the justice system and public harassment from police, LGBTQ+ figures and people of color led the frontline in protests that created an intersectional movement across activist groups that exists today in the form of The Stonewall Foundation. From the following June, in commemoration of Stonewall and for the continued fight for LGBTQ+ rights, a Christopher Street Day Parade was held to celebrate the LGBTQ+ figures and people of color who dedicated their lives to furthering the rights of humans worldwide. This has continued every year since and is why we celebrate Pride Month in June. Though we have made huge strides towards equality for LGBTQ+ communities in the last fifty years, particularly in the UK, with same-sex marriage equality and employment equality — for true equality to be eternally ours, we must use our privilege and right to protest to continue the tradition of Pride Month. This year, of course, is different than years before. Our remote “new normal” has presented a challenge to the typical vehicles for LGBTQ+ visibility. Pride floats are digital, and events are canceled, leaving people isolated from their usual support networks. We must therefore work harder than ever to bring the LGBTQ+ community together, around a core mission of inclusivity and family. So, this June – and as a proud Tessian LGBTQ+ community – we are coming together to celebrate the contributions of LGBTQ+ Tessians and support freedom of sexual orientation and gender expression worldwide and form the Plus employee resource group. We’re providing LGBTQ+ Tessians with a safe space to socialize, celebrating LGBTQ+ history, and sharing experiences within the LGBTQ+ community.
Read Blog Post
Data Exfiltration, Email DLP, Integrated Cloud Email Security
Research Shows Employees Are Less Likely To Follow Safe Data Practices At Home
Friday, June 26th, 2020
While organizations may have struggled initially to get their employees set-up to work securely outside of their normal office environment, by now, most have introduced new software, policies, and procedures to accommodate their new distributed teams.  Problem solved, right? Not quite. While 91% of IT leaders trust their employees to follow security best practice while out of the office, almost half (48%) of employees say they’re less likely to follow safe data practices when working remotely and a further 52% say they feel as though they can get away with riskier behavior when working from home.   In our latest research report, The State of Data Loss Prevention 2020, we explore the reasons why.  Key findings include: 50% of employees say they’re less likely to follow safe data practices when working from home because they’re not working on their usual devices. 48% of employees say they’re less likely to follow safe data practices when working from home because they feel as though they’re not being watched by their IT teams. 47% of employees say they’re less likely to follow safe data practices when working from home because they’re distracted. Read on to learn why this matters and what you can do to promote safer security practices in your organization.
Why is data loss prevention (DLP) harder when workforces are remote? 84% of IT leaders say that DLP is more challenging when employees are working remotely. It makes sense. One or two offices have become thousands of virtual offices which means maintaining visibility over data flow is more difficult than ever.  People are relying more heavily on email and other communication tools and are therefore sending data more frequently. Security and IT teams have limited control over how employees handle physical data (for example how they print, store, and dispose of documents). And there’s been a spike in inbound attacks like phishing since the outbreak of COVID-19.  This is to say that organizations are more vulnerable across email security, physical security, and network security. While there are tools to detect and prevent incidents, data loss prevention ultimately relies on people. After all, it’s people who control our systems and data. They’re the gatekeepers of an organization’s most sensitive information. But, despite IT leaders’ confidence and optimism (91% say they trust their employees to follow security best practice while out of the office), nearly half (48%) of employees say they’re less likely to.   !function(e,t,s,i){var n="InfogramEmbeds",o=e.getElementsByTagName("script"),d=o[0],r=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(i)&&(i=r+i),window[n]&&window[n].initialized)window[n].process&&window[n].process();else if(!e.getElementById(s)){var a=e.createElement("script");a.async=1,a.id=s,a.src=i,d.parentNode.insertBefore(a,d)}}(document,0,"infogram-async","//e.infogram.com/js/dist/embed-loader-min.js"); The question is: Why?
1. 50% of employees say they’re less likely to follow safe data practices when working from home because they’re not working on their usual devices. Most of us have dedicated workstations in the office and have grown accustomed to certain equipment. Whether it’s multiple monitors, a desktop, a keyboard, a printer, or a trackpad, we’re comfortable working on our usual devices.  At home, not all of us are so lucky. And, while security and IT teams around the world have worked hard to get their teams set-up at home, there have been delays and even cancellations in global supply chains providing laptops, cell phones, and other technology.  What to do about it: If you’re unable to get your employees the equipment they need, you should consider BYOD policies. We’ve covered the benefits, potential security risks, and tips for employers and employees in this blog: Remote Worker’s Guide To: BYOD Policies.  You can also implement training sessions for new devices to ensure your employees feel comfortable using them. (Be sure to also train your employees on any new applications or software!) 2. 48% of employees say they’re less likely to follow safe data practices when working from home because they feel as though they’re not being watched by their IT teams. While we can say with confidence that the average employee wants to do the right thing when it comes to security, it’s important to remember that first and foremost, they want to get their jobs done. And, if security policies, procedures, or software makes that difficult or prevents them from doing it all together, they’ll find a workaround.  In fact, 54% of employees say exactly that. !function(e,t,s,i){var n="InfogramEmbeds",o=e.getElementsByTagName("script"),d=o[0],r=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(i)&&(i=r+i),window[n]&&window[n].initialized)window[n].process&&window[n].process();else if(!e.getElementById(s)){var a=e.createElement("script");a.async=1,a.id=s,a.src=i,d.parentNode.insertBefore(a,d)}}(document,0,"infogram-async","//e.infogram.com/js/dist/embed-loader-min.js"); In an office environment, it’s easier for IT and security teams to maintain visibility of employee behavior. They can see if someone isn’t locking their laptop. They can see if someone is using a USB stick when they shouldn’t. They can see if someone has skipped security training. But, IT and security teams aren’t just there to enforce rules. They’re also there to educate employees and build a strong security culture. That’s harder with distributed workforces.
What to do about it: Communicate, communicate, communicate. Whether it’s sharing information about new threats, reminding employees of security do’s and don’ts, or offering an individual or team kudos for secure behavior, you need to consistently remind your team not only that you’re there, but that you’re there to help. But, you shouldn’t over-communicate. That means you should ensure there’s one point of contact (or source of truth) who shares updates at a regular, defined time and cadence as opposed to different people sharing updates as and when they happen. 3. 47% of employees say they’re less likely to follow safe data practices when working from home because they’re distracted. We’re not just working from home. We’re working from home during a crisis. It’s essential that security and business leaders keep this in mind. While most of us are trying to conduct “business as usual”, most of us are also dealing with a range of challenges. Parents have suddenly taken on the roles of teachers. Living rooms have been turned into makeshift coworking spaces for partners and roommates. Employees are navigating mass lay-offs and furlough schemes. Current social and political unrest is triggering emotional stress and anxiety. The bottom line: There’s a lot going on.  That means people are more likely to make mistakes. They may send an email to the wrong person. They may misconfigure a firewall. They may make sensitive documents public instead of private on a Google Drive. While these are “small” mishaps, they can have big consequences. In fact, each of the above incidents has caused a data breach.   What to do about it: Start by being empathetic and compassionate. Take the mental wellbeing of your employees seriously and give them the tools, resources, and support they need to thrive. We’ve put together some tips in this blog: 3 Practical Ways to Support Mental Wellbeing in the Workplace. Beyond that, though, you have to implement solutions that prevent human error. Why? Because it’s simply not fair (or realistic) to rely on people to do the right thing 100% of the time.  Tessian does this across three solutions: Tessian Enforcer detects and prevents data exfiltration attempts Tessian Guardian detects and prevents misdirected emails Tessian Defender detects and prevents spear phishing attacks Curious how frequently these incidents are happening in your organization? Click here for a free threat report. How does Tessian support employees and security leaders working remotely? Tessian turns an organization’s email data into its best defense against inbound and outbound email security threats. Powered by machine learning, our Human Layer Security technology understands evolvong human behavior and relationships, enabling it to automatically detect and prevent anomalous and dangerous activity. 
Best of all: It works silently in the background across devices. That means employees can do their job without security getting in the way and they’re protected, wherever they work. Tessian bolsters training, reinforces policies and procedures, and enables employees to do their best work.  And, with Human Layer Security Intelligence, security, IT, and compliance leaders get clear visibility into employee behavior with visualized insights and automated threat intelligence. That means detecting and preventing human error is easier than ever and organizations can continuously lower the risks of misdirected emails, data exfiltration, and impersonation attacks.
To learn more about Tessian’s solutions, book a demo. And, for more insights around data loss on email (including the most and least effective solutions) read the report: The State of Data Loss Prevention 2020.
Read Blog Post
ATO/BEC, Email DLP, Integrated Cloud Email Security
Tessian Human Layer Security Summit: Your Questions, Answered
Wednesday, June 24th, 2020
Last week, Tessian hosted the world’s first Virtual Human Layer Security Summit and, over the course of three hours, thought leaders from some of the world’s leading organizations shared insights and advice around business continuity, cybersecurity, and what the future looks like. Throughout the Summit, we asked the audience to submit questions but, with over 1,000 people tuning in, we weren’t able to address them all. Better late than never! Here are answers to some of your most pressing questions.  Did you miss the Human Layer Security Summit? You can view each session in the playlist below and you can read the key learnings from the day here: 13 Things We Learned at Tessian Virtual Human Layer Security Summit. You can also sign-up for our newsletter to ensure you’re the first to hear about upcoming events and other relevant industry and company news. 1. What is Human Layer Security? Human Layer Security (HLS) a new category of technology that secures all human-digital interactions in the workplace. Instead of protecting networks or devices, Human Layer Security protects people (employees, contractors, customers, suppliers). Why? Because people control our most sensitive systems and data. They’re the gatekeepers of information.  Tessian’s Human Layer Security technology understands human behavior and relationships, enabling it to detect and prevent dangerous activity like data exfiltration, accidental data loss, and spear phishing attacks. Importantly, Tessian’s technology learns and adapts to how people work without getting in the way or impeding productivity. You can learn more about this new category of security in our Ultimate Guide to Human Layer Security.  2. What are some of the key risk indicators used to measure human fallibility?  In the context of email security, Tessian looks at three key human vulnerabilities:  People break the rules  People make mistakes People can be easily tricked While risk indicators vary based on the vulnerability, monitoring data handling (both physical and digital) and assessing employee’s understanding of cybersecurity best practices should help you understand how risky or at-risk a particular employee is. Read: Insider Threat Indicators: 11 Ways to Recognize an Insider Threat  For example, if someone in your HR department consistently falls for phishing scams during simulations, they’re at risk of falling for one in real-life. Likewise, if someone in your finance department doesn’t change their passwords as requested, they may be more likely to break other security rules. But, keeping track of every employee and their attitudes towards security is nearly impossible, especially in large companies. That’s why solutions like Tessian are essential.  With Tessian Human Layer Security Intelligence, you’ll be able to see at a glance which employees are breaking the rules, making mistakes, and getting hacked. You’ll also be able to review historical data to see how behaviors have changed (for better or worse) in order to correct or reward individuals.  Want to learn more about how Tessian Human Layer Security Intelligence helps security teams maintain visibility of the Human Layer risks in their organizations? Read our blog, which outlines use cases, benefits, and more.
3. In the context of remote-working, how does decreased focus impact security? Over the last several months, we’ve been talking a lot about remote-working and how these new set-ups can impact cybersecurity. And, while there are a lot of technical challenges to overcome – from setting up VPNs to onboarding and offboarding employees while out of the office – we can’t ignore the more human challenges. Tessian actually took a closer look at these challenges in our latest research report, The State of Data Loss Prevention 2020, and found that 91% of employees are less likely to follow safe security practices when working from home. But why?  47% said it’s because they’re distracted. And, it makes sense. When working from home, people have other responsibilities like childcare, roommates and, more often than note, they don’t have dedicated workstations like they do in their normal office environment. That means it’s easier to make mistakes. This isn’t trivial. One misdirected email could cause a data breach. It only takes one click of a mouse.  4. Does Tessian believe that employees are always trying to “get away” with something?  The short answer: absolutely not. We believe that the average employee is just trying to do their job and, if you give people the opportunity to make smart security decisions, they will. But, too often, security policies, procedures, and tech get in the way. And that’s where you run into problems.  51% of employees say security tools or software impede their productivity and a further 54% say they’ll find a workaround if security software or policies prevent them from doing their job. So, what do you do? Find a better way! Make the easiest path the most secure path.  This is a part of Tessian’s ethos. That’s why our solutions work silently in the background, have low flag rates for false positives, and reinforce security policies with contextual warnings.   5. What are some effective ways to change human behavior?  Training, a strong security culture, and tech. Importantly, you have to have all three. You have to first educate employees on why security matters for the larger organization and then explain how individual behaviors can impact its overall security posture. Of course, one training session isn’t enough to make the message stick. Security awareness training should be ongoing.  In fact, security should be baked into the overall business. That way, you create a strong security culture (which should start from the top-down) that really values and rewards secure behavior. But, even reinforcing security best practices isn’t enough. (Read our report: Why the Threat of Phishing Can’t be ‘Trained Away’.) To err is human.  Whether accidental or malicious, data loss incidents happen – even with regular training – which means your people shouldn’t be the last line of defense. Tech should be. Ideally, that tech will bolster training by reinforcing policies and procedures.  Tessian does this via contextual warnings that empower the employee to make his or her own decision, while also giving security teams full oversight.
6. How can you teach people outside of the cybersecurity team how to spot phishing emails and other social engineering attacks?  As we’ve said, the average employee just wants to do their job. They don’t want to be a security expert. That’s why it’s so important to teach people about security risks in terms they understand and care about. We’ve found that one of the best ways to teach employees how to spot phishing emails is to use consumer examples. For example, stimulus check scams, Tax Day scams, and Census scams.  Once you have several examples, make sure you point out what’s suspicious about the email and what to do if and when an employee receives one. If you work in a highly-targeted industry, make sure you reinforce frequent training with posters, PDFs, and other resources. We put together a guide – including examples – for COVID-19 attacks, which you can download at the bottom of this blog: Coronavirus and Cybersecurity: how to Stay Safe From Phishing Attacks. Feel free to share it with your employees!  7. What is your advice for a Cybersecurity Master’s student looking to explore the job sector? There is no right (or wrong) way to break into the industry. Cybersecurity is incredibly diverse and no one job, company, or project is the same. While you’re in school, get as much work experience as you can to find out what really ignites your passion. But, don’t take our word for it! Check out the profiles of over a dozen cybersecurity professionals on our blog. Or, read our report, Opportunity in Cybersecurity 2020, for an overview of the industry and what it has to offer new entrants.  Oh, and be sure to check out our open roles, too. Do you have more questions about Tessian or cybersecurity? Email madeline.rosenthal@tessian.com and we’ll get back to you. You can also book a demo to see how Tessian’s solutions can help prevent data loss incidents in your organization.
Read Blog Post
Integrated Cloud Email Security
How to Adapt: 7 Tips from Upwork’s Former CEO
By Maddie Rosenthal
Monday, June 22nd, 2020
In case you missed it, Tessian hosted the world’s first Virtual Human Layer Security Summit on June 18. While the majority of presentations, panel discussions, and fireside chats were focused specifically on how the sudden transition from office to home impacts cybersecurity, a few speakers touched on the new world of work more broadly. One of those speakers was Stephane Kasriel, Former CEO of Upwork. For context, Upwork has maintained a hybrid remote-working structure across 500 cities for 20 years. It’s a part of the company’s DNA. The point? He’s in a better position than most to offer advice on how to adapt and overcome the challenges that come with distributed workforces. While you can watch his interview with Tessian Co-founder and CEO Tim Sadler below, we’ve summarized his top 7 tips. 
1. Lead with empathy. The Golden Rule. Above all else, Stephane recommends leaders treat others the way they want to be treated. While it may seem obvious, it’s an excellent reminder, especially now as our employees are grappling with so much fear, anxiety, and stress around the pandemic and other triggering social and political issues. Put yourself in their shoes and identify the tools, resources, and support they need to thrive. 
2. Err on the side of over-communication. Let’s face it, communicating is often easier in-person. That’s why it’s so important we over-communicate when working remotely.  How? Repeat yourself, touch base frequently over Zoom or Slack, share minutes post-meeting, schedule frequent catch-ups with people outside of your immediate team, and never assume people know what you’re thinking.  3. Take advantage of a global talent pool. One of the most compelling arguments in favor of remote-working is the diverse talent pool recruiters suddenly have access to. Whereas traditionally, we’re forced to employ people who live near offices or headquarters, remote-working structures allow organizations to find people who are truly passionate about their work and who are aligned with company values.  Importantly, this isn’t just a benefit for employers. It’s a huge bonus for employees, too. Many of us opt to live in major cities because, well, that’s where the jobs are. If given the choice, we’d forgo higher-than-average costs of living and relocate to work online and out of the office. Win-win! 4. Be considerate of time zones and working hours. Whether your entire team is based in the same region or you have employees dotted across continents, business and security leaders must be considerate of time zones and working hours.  We simply can’t expect people to be available and online 24 (or even 12!) hours a day, especially now when people are working hard to balance the needs of children, roommates, partners, and even parents.  That means switching from a very synchronous model where everybody’s online at the same time to something that’s more asynchronous. Take advantage of tools like Loom, encourage employees to use email, Slack, and other channels, and implement sign-off processes that are smooth, regardless of where and when people are working.  Looking for more collaboration tools? Check out this blog: 11 Tools to Help You Stay Secure and Productive While Working Remotely. 5. Measure success based on facts specific to your organization, not headline statistics. Most of us have read at least one headline around how employee productivity is lower when they’re working from home. If you ask Stephane, this simply isn’t true. At least not in Upwork’s case. “There is no data that shows that worker productivity goes down when people are working remotely. In fact, there’s tons of data that shows the opposite,” he said. Remote working doesn’t just improve productivity. It boosts retention. Stephane says that people who work remotely stay with the company twice as long as the people who are based in the HQ locale The bottom line: what works for some may not work for others, and vice versa. Measure success within your own organization to see what works for you and your people, not for everyone else. 6. Ask for, listen to, and document feedback. It takes a village to be successful and diverse opinions are needed for businesses to thrive.  Ask your employees how they feel about company culture, policies, procedures, and their workloads and heed their advice. While you may not be able to action all of their feedback, ensuring that they feel heard will help bolster a sense of community. At Tessian, we use Peakon to track and document employee satisfaction. What do you use? 7. Stay agile. The outbreak of COVID-19 has catapulted us into the future.
Adopt new technologies. Embrace new ways of working. Lean on peers and professional networks for advice.  Fortunately, there are plenty of trailblazers who have done some of the hard work for us. Upwork, of course, is one and they’ve put together an incredible content hub for business leaders with advice around building and managing remote teams.  Looking for more resources? Tessian has also created content hub with advice for security, IT, and compliance leaders. This includes information about BYOD policies, Data Loss Prevention (DLP), and how to spot COVID-themed phishing attacks. Check it out!
Read Blog Post
Customer Stories, ATO/BEC, Email DLP, Integrated Cloud Email Security
13 Things We Learned at Tessian Virtual Human Layer Security Summit
Thursday, June 18th, 2020
Tessian’s Virtual Human Layer Security Summit was an incredible success thanks to our partners, speakers, and – of course – all of those who attended. Over 1,000 security, IT, compliance, business, and HR professionals watched as we explored how business models have changed, what these changes mean for all of us, and what to expect over the next several months. If you weren’t able to tune into the Summit yesterday, don’t worry! You can watch the full video below or access it on-demand. We’ve summarized some of the key points into relevant and actionable advice. Share these with your co-workers, share them on social media, or bookmark this blog for yourself. Here’s what we learned at Tessian Virtual Human Layer Security Summit.
1. We must treat our employees with empathy and compassion.  While the event was focused on cybersecurity and tech, one of the most important takeaways from the day is about being human. The Summit kicked off with an important reminder from Bobby Ford, Vice President and Global CISO at Unilever: “We’re not just working from home, we’re working from home during a crisis.” While – yes – we’re all trying to conduct “business as usual”, all of us are dealing with unique challenges. Many parents have suddenly taken on the roles of teachers, and living rooms have been transformed into makeshift co-working spaces for partners and roommates. And this doesn’t even account for the emotional stress of a global pandemic and current social and political unrest.  There’s a lot to navigate, process, and overcome, and many of us are distracted, stressed, and anxious. And that’s okay. As leaders and as humans, we have to be empathetic and compassionate. We have to take the mental wellbeing of our employees seriously and give them the tools, resources, and support they need to thrive, wherever they’re working.
2. The secure thing to do should be the easiest thing to do.  Let’s face it. Security isn’t the average employee’s top priority. They just want to do their job. Over half (54%) of employees say they’ll find a workaround if security software or policies make it difficult or prevent them from doing their job.  That’s why it’s so important that we implement policies, procedures, and tech that’s frictionless.  Bobby put this into perspective with an example from his own life.  When you’re a parent helping your son or daughter learn how to walk, what do you do? Child-proof the house and get outta the way! That’s what we need to be doing as security leaders. Make sure the most secure path is the path of least resistance, whether that’s ensuring your employees have a secure way to print and dispose of documents or implementing flexible BYOD policies.  3. Detection and prevention alone aren’t enough.  We all work hard to detect and prevent both inbound and outbound threats. And, while even that isn’t always easy, that’s not our only job. We also have to have to maintain visibility of risks, manage teams that are often thinly stretched, move quickly from investigation to remediation, and communicate threats to executive teams.  Almost impossible, right? Not anymore.  Tessian’s Group Product Manager, Harry Wetherald and Product Marketing Manager, Shanthi Shambathkumar, announced some very exciting news during the Summit: the launch of Human Layer Security Intelligence. With HLS Intelligence, security leaders can now predict, prevent, and protect against threats with zero manual investigation. That means you can continuously and proactively downtrend risks in your organization. Want to learn more? We outline all the benefits of Human Layer Security Intelligence and explore use cases on our blog: Introducing Tessian Human Layer Security Intelligence. 4. Executive teams must invest in security now.  While cybersecurity has historically been a siloed department, it’s becoming more and more integrated with overall business functions. In fact, it can actually be a business enabler and a unique selling point for customers and prospects.  But, only if your organization is secure. And, as Clive Novis, Chief IT Risk Officer at Investec pointed out, it takes a village to ensure data is protected which means cybersecurity initiatives must get support from senior executives first. During the customer panel discussion, he said “The tone is set from the top in terms of the security culture. They help ensure not only that controls are effective, but that those controls are consistent across the globe.” Needless to say, this is more important now than ever. As we continue to adapt to new remote and hybrid working structures, many of us are introducing new policies and solutions and we need buy-in across departments for these policies and solutions to work. 5. Email is the #1 threat vector.  Over the last few months, we’ve heard a lot about the dangers of Zoombombing. But, we’ve heard even more about COVID-19 themed phishing attacks, Tax Day scams, and 2020 Census scams. (Jump to #7 for more information.) With that said, email is the threat vector most security and IT leaders are concerned about.
It makes sense. Over 124 billion business emails are sent and received every day and employees spend 40% of their time on email sharing memos, spreadsheets, invoices, and other sensitive information and unstructured data. It’s a gold mine. The bottom line: We need to be leveling up our DLP efforts on email. 6. Security incidents are happening up to 38x more than IT leaders currently estimate.  During the Summit, Tessian Co-founder and CEO Tim Sadler presented some of the key findings from our most recent report The State of Data Loss Prevention 2020. Our research reveals that data loss on email is a bigger problem than most realize, that remote-working brings new challenges around DLP, and that the solutions currently deemed most effective may actually be the least. While we addressed the frequency of misdirected emails and malicious data exfiltration, one of the most startling facts involves employees sending company data to personal email accounts.  At Tessian, we call these unauthorized emails, and according to our platform data, they’re being sent 27,500 times a year in organizations with 1,000 employees. Meanwhile, IT leaders estimate just 720 are sent. That’s a big difference and highlights the need for effective data loss prevention solutions.  Follow the links to learn more about how Tessian detects and prevents accidental data loss and data exfiltration attempts.  7. Phishing is still a big problem.  While phishing has always been a problem for organizations, we’ve seen a marked spike in incidents over the last few months. And it’s not just Tessian who has taken note. Elvis Chan, Supervisory Special Agent, National Security at the FBI has, too.  For him, phishing is the biggest risk.
What does this mean for you? Continue educating your employees about the risks associated with phishing and how to spot these attacks and ensure they’re protected with tech.  8. Security policies don’t stick unless they’re continuously reinforced.  We’ve said it before, but we’ll say it again: The average employee doesn’t care about security as much as you do. They just want to do their job. That means we have to continuously reinforce security policies, especially now that workforces are distributed.  But, repetition isn’t enough.  We have to communicate in terms our employees understand. Angela Henry, Business Information Security Officer at Rand Merchant Bank, recommends educating employees on business data privacy best practice alongside consumer data privacy best practice. Share tips that are relevant to their personal lives. Offer advice on how to keep their children secure online. Prepare resources around how to stay safe on e-commerce sites. Not only does this help foster a positive security culture in the office, but it also helps employees stay safe and secure at home.  9. …And policies aren’t effective unless they’re bolstered by technology.  While educating employees about policies is a vital part of any security strategy, it isn’t enough to prevent inbound and outbound threats and subsequent data breaches.  After all, we’re only human. We break the rules, make mistakes, and can be easily tricked. In fact, 44% of breaches are caused by human error. Elvis summed it up nicely when he said, “Even if we’re at technology 5.0, we’re still at human being 1.0.”  So, what do we do? Garrett recommends bolstering training with technology to ensure that people aren’t the last line of defense, saying “My ultimate view is that user awareness training is fine but – in mathematical terms – it’s necessary but not sufficient. I think it needs to be used in conjunction with other tools.” 10. Security needs diversity to thrive.  Throughout the Human Layer Security Summit, we talked a lot about security pre- and post-pandemic. But, Merrit Baer, Principal Security Architect at Amazon Web Services pointed out something else we shouldn’t forget.
She’s right. Cybersecurity needs diversity to thrive.  This diversity isn’t limited to gender or ethnic diversity. The field is wide open for a range of educational and professional backgrounds, from psychology majors to business analysts and just about everything in between.  You can read more about the opportunities available in cybersecurity in our report Opportunity in Cybersecurity 2020. 11. Remote working isn’t temporary. According to a recent poll by 451 Research, 38% of businesses expect work-from-home strategies will continue post-pandemic. And, when you consider companies like Facebook have already announced they’re permanently embracing remote-work, we should expect more to follow. The point? We should equip our workforces to thrive at home and ensure that we’re maintaining a strong security culture company-wide while also supporting our employees mentally and emotionally. (See #1.)  12. …And that doesn’t have to be a bad thing.  There are new and perennial challenges we must overcome in order to support a full-time remote workforce, but there are a number of benefits, too. Don’t take our word for it. Stephane Kasriel, Former CEO of Upwork – a company that has maintained a hybrid remote-working structure across 500 cities for nearly a decade – offered attendees of the Summit several reasons why this is something to look forward to, not dread.  To start, remote-working enables companies to find and work with the best talent, not just local talent. Beyond that, employees have more freedom to design their lives. They can more easily balance work and life, relocate as and when they need or want to, and create environments in which they can really thrive.  13. The Secret? Adapt, adopt, evolve. Repeat.  If there’s one thing that was made clear throughout every panel discussion, fireside chat, and interview, it’s that things have changed and will continue to change. The only way to succeed is to adapt and evolve. Adopt new technologies. Embrace new ways of working. Lean on peers and professional networks for advice.  In the spirit of change, we’ve put together a list of resources that will help you navigate security and business challenges of the present and future.  Security During Uncertainty: 6 Steps Security Leaders Can Take to Reduce Risk Cyber Culture in the Time of COVID COVID-19 and the Digital Pandemic Upwork Remote Work Resources COVID-19: Real-Life Examples of Phishing Emails 13 Cybersecurity Sins When Working Remotely Advice From Security Leaders for Security Leaders: How to Navigate New Remote-Working Challenges Remote-Worker’s Guide To: Preventing Data Loss 11 Tools to Help You Stay Secure and Productive While Working Remotely Did we miss anything? Feel free to email madeline.rosenthal@tessian.com with your key learnings.
Read Blog Post
ATO/BEC, Data Exfiltration, Email DLP, Integrated Cloud Email Security
Insider Threat Indicators: 11 Ways to Recognize an Insider Threat
By Maddie Rosenthal
Friday, June 12th, 2020
Detecting and preventing Insider Threats isn’t easy. Why? Because unlike external bad actors, Insiders – whether a disgruntled employee, a distracted freelancer, or a rogue business partner – have legitimate access to systems and data. That means they’re in an ideal position to exfiltrate data. So, how do you spot one? To start, you have to know what an Insider threat is and understand the different methods and motives behind these data exfiltration attempts. What is an Insider Threat? We’ve covered this in detail in this article: What is an Insider Threat? Insider Threat Definition, Examples, and Solutions. But, to summarize:
Insider Threats can be malicious or the result of negligence.  Malicious Insiders knowingly and intentionally steal data and generally do so for one of three reasons: financial incentives, a competitive edge, or because they’re dissatisfied at work. Negligent Insiders are just your average employees who have made a mistake. For example, they could send an email to the wrong person, misconfigure a system, fall for a phishing email, or lose their work device.   How often do incidents involving Insider Threats happen? More often than you might think. In fact, there’s been a 47% increase in incidents over the last two years. We discuss seven recent examples in this blog: Insider Threats: Types and Real-World Examples.   While every incident is different, there are some tell-tale signs of an Insider Threat.  Insider Threat indicators: Malicious Insiders Malicious Insiders may act suspiciously well before they actually exfiltrate any data. For example: 1. Declining performance or other signs of dissatisfaction As we’ve said, one reason why Insiders exfiltrate data is that they’re dissatisfied at work. It could be because of a poor performance appraisal, because they were denied a promotion or raise, or because of a disagreement with a co-worker or manager.  Whatever the reason, 1 in 10 Insider Threats is motivated by a grudge. Look out for a consistent or sudden decline in performance or attitude and for employees who become angry or combative. Employees who are actively looking for other jobs should also be on your radar. While they could simply be moving on to a new opportunity, they may be inclined to steal data in order to impress or bribe a new or potential employer.  Don’t believe us? 45% of employees download, save, send, or otherwise exfiltrate work-related documents before leaving a job or after being dismissed. This number nearly doubles in highly competitive industries like Financial Services and Business, Consulting, & Management.  !function(e,t,s,i){var n="InfogramEmbeds",o=e.getElementsByTagName("script"),d=o[0],r=/^http:/.test(e.location)?"http:":"https:";if(/^\/{2}/.test(i)&&(i=r+i),window[n]&&window[n].initialized)window[n].process&&window[n].process();else if(!e.getElementById(s)){var a=e.createElement("script");a.async=1,a.id=s,a.src=i,d.parentNode.insertBefore(a,d)}}(document,0,"infogram-async","//e.infogram.com/js/dist/embed-loader-min.js"); 2. Unusual working hours While passion and enthusiasm are generally considered positive attributes when talking about an employee, these can occasionally be early signs of bad intent. For example, if an employee consistently volunteers for extra work, regularly works in the office late, comes in early, or attempts to perform work that’s outside of the scope of their normal duties, they could be trying to gain access to sensitive systems or data.  Then, of course, there are signs of the data exfiltration attempt itself. For example: 3. Large data transfers or downloads There are a number of ways to exfiltrate data, including email, Cloud Storage, USB sticks. In fact, 23% of insiders exfiltrate data via USBs and 24% exfiltrate data via laptops/tablets. Nevertheless email is the threat vector most IT leaders are concerned about. After all, it only takes one click to transfer dozens of files.  But, monitoring data movement is a challenge. How can you realistically monitor every email sent and received within your organization? With Tessian Human Layer Security Intelligence, it’s easy.  Security, IT, and compliance leaders can get detailed insights around employee behavior in a single click. No manual investigation required. 
4. Multiple failed logins (or other abnormal login activity) Whether it’s an employee trying to access networks or systems they don’t have access to or an employee with legitimate access logging in more frequently than usual, login activity can offer security teams clues about Malicious Insiders. Certainly the employee could simply be curious and may even be going above and beyond to get their job done, but these behaviors could also be indicative of nefarious intent and should be investigated.  5. Upgraded privileges or sharing access When someone is promoted or there’s some other shift in the structure of an organization, it makes sense that access to systems and data might change. But, what about when someone’s privileges or access are escalated without a clear reason why? It could be an administrator granting him or herself more privileged access or it could be a team effort. For example, an administrator could be bribed to upgrade another employee’s access. Both are signs of a Malicious Insider. Finally, there are signs that the Insider has successfully exfiltrated data or is still successfully exfiltrating data. For example: 6. Unexpected changes in financial circumstances 86% of breaches are financially motivated.  Whether it’s a list of customer email addresses being sold on the Dark Web or trade secrets being sold to a competitor, data is valuable currency. So, if you hear of or notice an employee suddenly and unexpectedly paying off debt or making expensive purchases, you may need to investigate the source of the additional income. It could be a sign that they’re profiting from company or customer data. 7. Consistent (and unusual) overseas travel Like many of the other indicators on this list, there could be a perfectly good reason why an employee travels overseas. He or she could be going on vacation, visiting friends or family, or may be traveling for work. But, as we’ve seen, it could also be a sign of corporate or foreign espionage. Case in point: A former engineer at a massive aerospace company frequently traveled to China, claiming he was lecturing. In reality, he was acting as an agent of the People’s Republic of China and was selling trade secrets. This went on for nearly 30 years before he was caught and later convicted.  Insider Threat indicators: Negligent Insiders While certain behaviors exhibited by Malicious Insiders may set off alarm bells for security teams before exfiltration attempts occur, Negligent Insiders can be harder to preempt.  Nonetheless, there are four key things to look out for. 8. Failure to comply with basic security policies Whether it’s consistently using weak passwords, refusing to enable 2FA, or frequently downloading tools or software that haven’t been approved by security teams, an employee who disregards security policies could be more likely to accidentally exfiltrate data than one who consistently plays by the book.  That’s why reminding employees of existing policies and procedures is so important. 9. Low engagement in security awareness training Most employees (and even some security leaders!) would agree that security awareness training is “boring”. And, while that may be the case, training is absolutely essential. It could be training around how to spot a phish (see below) or training around new and existing compliance standards or data privacy laws. Employees who either don’t attend training at all or who perform poorly on assessments related to that training should be closely monitored and be re-targeted with tailored programs. You can read more about how to up-level your training and create a positive security culture here. 10. History of falling for phishing attacks Phishing and other social engineering attacks are designed for one of three reasons: to extract sensitive information or credentials, to install malware onto a network, or to initiate a wire transfer. If the attack is successful – meaning the target (an employee) falls for the scam – there could be serious consequences.  That means any employee who falls for a scam should be reminded of phishing tools and techniques and may need to be more closely monitored. 11. General carelessness or haste Accidents happen. Whether it’s firing off an email to the wrong person or accidentally leaving a computer unblocked, we all make mistakes. Nonetheless, they aren’t trivial and any employee who consistently makes mistakes will need to be reminded of security best practices and may, in some cases, need to be monitored with more stringent policies.  How can you detect and prevent Insider Threats?  When it comes to detecting and preventing Insider Threats, there are a number of solutions, including: Training Physical and Digital Monitoring  DLP tools and software  Importantly, all of these have a place in security strategies. Training should be used to reinforce existing policies, especially for those employees who consistently break the rules or make mistakes.  Security teams should be diligent in their physical and digital data monitoring and should always look out for the above warning signs. And DLP tools like rule-based solutions, endpoint scanning, firewalls, and anti-phishing software do, in some instances, help curb the problem of data loss. But, as we’ve said, incidents involving Insider Threats are on the rise which means security stacks are missing something. What they’re missing is protection for their people and at Tessian, we call it Human Layer Security. How does Tessian prevent Insider Threats? Tessian turns an organization’s email data into its best defense against inbound and outbound email security threats. Powered by machine learning, our Human Layer Security technology understands human behavior and relationships, enabling it to automatically detect and prevent anomalous and dangerous activity. Tessian Enforcer detects and prevents data exfiltration attempts Tessian Guardian detects and prevents misdirected emails Tessian Defender detects and prevents spear phishing attacks Importantly, Tessian’s technology automatically updates its understanding of human behavior and evolving relationships through continuous analysis and learning of the organization’s email network. Oh, and it works silently in the background, meaning employees can do their jobs without security getting in the way.  Interested in learning more about how Tessian can help prevent Insider Threats in your organization? You can read some of our customer stories here or book a demo. 
Read Blog Post
Page