The Ultimate Guide to Human Layer Security

  • By Tim Sadler
  • 16 October 2020

There’s a big problem in cybersecurity. Despite stricter data compliance standards, incredible technological innovation, and more investment from businesses, data breaches are at an all-time high. 

In fact, businesses are at risk of insider and outsider threats, with a reported 67% increase in the volume of security breaches over the past five years.

Why is this happening? Because, historically, security solutions have focused on securing the machine layer of an organization: networks, endpoints and devices. 

But the majority of these solutions provide blunt protection, rely on retroactive threat detection and remediation, and don’t protect a business’s most important asset: its employees.

So, when you can get a firewall to protect your network, and EDR to protect your devices, what do you get to protect your people? Human Layer Security.

What is Human Layer Security?

  • Human Layer Security (HLS)

    Human Layer Security (HLS) automatically detects and prevents threats by understanding human communication patterns and behavior, building a unique security identity for each and every employee, and continuously improving their security reflexes over time.

Tessian’s Human Layer Security technology understands human behavior and relationships, enabling it to detect and prevent dangerous activity. Importantly, Tessian’s technology learns and adapts to how people work without getting in the way or impeding productivity.

We created this category nearly two years ago, and it was the thesis for our Series B fundraise.  Since then, we’ve seamlessly deployed Tessian solutions to customers across industries from SMBs to multi-national enterprises, and are now detecting and preventing millions of inbound and outbound threats on email.

Why do we need Human Layer Security?

Your employees now control both your systems and your data. But people make mistakes, people break the rules, and people can be deceived.

88% of data breaches are caused by human error, with AIG reporting “human errors and behavior continue to be a significant driver of cyber claims.” 

It makes sense. Employees can transfer millions of dollars to a bank account in a few clicks and can share thousands of patient records in an Excel file in a single email.

You can read more about The Psychology of Human Error here.

So, instead of expecting people to do the right thing 100% of the time, we think it’s better to preempt these errors by detecting and preventing them from happening in the first place.

Each of our solutions – Tessian Enforcer, Tessian Guardian, and Tessian Defender – is uniquely positioned to do just that.

People break the rules

Whether done maliciously or accidentally, people in every organization can (and do) break the rules. Those rules can be related to anything, from a password policy to how sensitive information is stored. But, what about rules related to data exfiltration?

Oftentimes, employees are blissfully unaware. They’re not familiar with the policies themselves or the consequences of poor data handling. So, they think nothing of emailing company information to their personal email account to print at home, for example. 

But not all employees are well-intentioned. Case in point: In late-2019, an employee at a cybersecurity and defense company sold 68,000 customer records to scammers.

This isn’t an isolated incident. According to one report, 45% of employees say they’ve taken work-related documents with them after leaving or being dismissed from a job and, according to another, more than half of UK employees admitted to stealing corporate data. A quarter of those would be willing to do so for less than £1,000.

Tessian Enforcer prevents data exfiltration attempts (both malicious and negligent). Looking for more real-world examples of malicious and negligent insiders? Read this article.

  • Tessian Enforcer

    Tessian Enforcer detects and prevents data exfiltration attempts by analyzing historical email data to understand what is and isn’t “normal” for every employee.

People make mistakes

From a simple typo to a misconfigured firewall, mistakes are inevitable at work. To err is human!

In fact, 43% of employees say they’ve made a mistake at work that compromised cybersecurity. 

Unfortunately, though, the consequences of these mistakes can be severe.

Imagine an employee sends a misdirected email. Penalties and fines could be incurred, customer trust could plummet, and reputational damage could be long-lasting. And those are just the consequences to the larger organization. Individuals will likely suffer, too. 

We all know the sinking feeling of making a mistake. But, misdirected emails cause employees more than red-faced embarrassment and anxiety. These accidents put people at risk of losing their jobs.  

Tessian Guardian detects and prevents misdirected emails so that the right email is always shared with the right person.

  • Tessian Guardian

    Tessian Guardian prevents accidental data loss by understanding individual employee’s networks, communication patterns, and evolving relationships.

People can be deceived 

Businesses of all sizes and across industries work with a web of suppliers, contractors, and customers. And, most use email to communicate. That means it’s easy for hackers to impersonate internal and external contacts. 

Business Email Compromise (BEC) attacks increased by over 100% in the last two years. 

Worse still, the odds are against businesses and their employees. While a hacker only has to get it right once, we are expected to get it right every time.

So, what happens if one employee is successfully tricked one time by a spear phishing email and wires money, shares credentials, or otherwise helps a hacker gain access to your network? The average breach costs organizations $3.92 million. But, these costs can be avoided with technology like Tessian Defender that detects and prevents advanced impersonation attacks.

  • Tessian Defender

    Tessian Defender detects and prevents advanced spear phishing attacks like BEC and CEO Fraud in real-time by analyzing hundreds of data points within email headers, body text, and attachments. Employees are alerted, security teams are notified, and administrators can add domains to a denylist with a single click.

Why focus on email?

At Tessian, our mission is to protect every business’ business by securing the human layer. And we know that to be truly effective, Human Layer Security must protect people whenever and however they handle data. 

But, we’re starting with email. It’s the most popular (we spend 40% of our time on it) and riskiest (most breaches happen here) communication channel. It’s also the threat vector IT leaders are most worried about.

“Tessian’s ability to seamlessly secure against human-centered risks on email with minimum disruption has helped minimize the possibility of data breaches.”
Bill Tanner CIO at Allens Linklaters

You’re probably wondering how Tessian compares to other solutions and how our technology would fit in your larger security framework. We’ll tell you. 

Tessian vs. Rule-Based Technology

Traditional email security solutions are blunt instruments that tend to be disruptive for employees and admin-intensive for security teams who have to continuously create and maintain thousands of rules. 

Don’t believe us? 85% of IT leaders say rule-based DLP is admin-intensive and over half of employees say they’ll find a workaround if security software or policies make it difficult or prevent them from doing their job. 

The fact is, manually classifying emails, tagging emails sent to external contacts, encryption, and pesky pop-ups are roadblocks that slow the pace of business and create friction between security teams and other departments.  

Worse still, these older technologies just can’t be configured to adequately defend against all the ways people make mistakes or cut corners on email.

Tessian doesn’t require any rules and starts preventing threats within 24 hours of deployment. 

Tessian vs. Training

Training is a necessary part of every security strategy. But, the majority of employees aren’t trained frequently enough and lessons don’t always stick. Employees also tend to struggle to apply what they’ve learned in training to real-world situations.

But we can’t blame employees. The average person isn’t a security expert and hackers are crafting more and more sophisticated attacks. It’s hard for even the most security-conscious among us to keep up.

That’s why security leaders need to invest in technology that bolsters training and reinforces policies and procedures. That way, employees can improve their security reflexes over time.  

That’s where Human Layer Security comes in. Tessian warnings act as in-the-moment training for employees. And, because Tessian only flags 1 in 1,000 emails on average, when a pop-up does appear, employees pay attention.

Tessian Human Layer Security Technology

Human Layer Security works by understanding and adapting to human behavior. Our machine learning algorithms analyze historical email data and build a unique security identity for every employee based on relationships and communication patterns.  The best part is: these ML models get smarter and better over time as more data is ingested.

This helps the technology establish what normal (and abnormal) looks like and allows Tessian to automatically predict and prevent security breaches on email across devices.   

For every inbound and outbound email, our ML algorithms analyze millions of data points, including:

  • Relationship History: Analyzing past and real-time email data, Tessian has a historical view on all email communications and relationships. For example, we can determine in real-time if the wrong recipient has been included on an outbound email; if a sensitive attachment is being sent to a personal, non-business email account; if an inbound email with a legitimate-looking domain is a spoof.
  • Content & Context: Using natural language processing to analyze historical email data, Tessian understands how people normally communicate on email and what topics they normally discuss. That way, our solutions can automatically detect anomalies in subject matter (e.g. project names) or sentiment (e.g. urgency), which might indicate a threat.
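
A much-simplified sketch of the three relationship-history checks listed above, added here as an illustration; it is not Tessian's code or model. The addresses, the freemail list, the 0.85 similarity threshold and all function names are assumptions, and plain string similarity stands in for the machine learning the page describes.

```python
from collections import Counter, defaultdict
from difflib import SequenceMatcher

# Assumption: a tiny illustrative list of personal mail providers.
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}

# Constructed sample history of (sender, recipient) pairs.
HISTORY = [
    ("alice@corp.example", "bob@partner.example"),
    ("alice@corp.example", "bob@partner.example"),
    ("alice@corp.example", "carol@corp.example"),
    ("dave@supplier.example", "alice@corp.example"),
]

def build_profile(history):
    """Per-sender count of every recipient they have mailed before."""
    profile = defaultdict(Counter)
    for sender, rcpt in history:
        profile[sender.lower()][rcpt.lower()] += 1
    return profile

def domain(addr):
    return addr.rsplit("@", 1)[1].lower()

def similar(a, b, threshold=0.85):
    """True when two different strings are close enough to be confused."""
    return a != b and SequenceMatcher(None, a, b).ratio() >= threshold

def check_outbound(profile, sender, recipients, has_attachment=False):
    """Flag recipients that fall outside the sender's established contacts."""
    known = profile.get(sender.lower(), {})
    findings = []
    for rcpt in (r.lower() for r in recipients):
        if rcpt in known:
            continue
        if any(similar(rcpt, k) for k in known):
            findings.append((rcpt, "possible_misdirected"))
        elif has_attachment and domain(rcpt) in FREEMAIL:
            findings.append((rcpt, "attachment_to_personal_account"))
        else:
            findings.append((rcpt, "first_contact"))
    return findings

def check_inbound(profile, sender):
    """Flag a sender domain that resembles, but is not, a known one."""
    known = {domain(s) for s in profile}
    known |= {domain(r) for rcpts in profile.values() for r in rcpts}
    d = domain(sender)
    if d in known:
        return None
    return next((("lookalike_domain", k) for k in sorted(known) if similar(d, k)), None)
```
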

Best of all, all of this analysis happens silently in the background and employees won’t know it’s there until they need it. Tessian stops threats, not business. And not flow.

And, with Human Layer Security Intelligence, security and compliance leaders can get greater visibility into the threats prevented, track trends, and benchmark their organization’s security posture against others. This way, they can continuously reduce Human Layer risks over time.

First, you protected your networks. Then, you protected your devices. Now, you can protect your people with Tessian’s Human Layer Security.

Tim Sadler co-founder and Chief Executive Officer