To Protect Its Assets and Its Reputation, a U.S. Bank Chooses Proofpoint Over Abnormal AI

The financial services industry is a prime target for cybercriminals. In fact, it is the most attacked industry, after healthcare. Not only does it appeal to cybercriminals for its potential direct financial gains, but it also has a lot of personally identifiable information (PII), like social security numbers, account numbers, birthdays and addresses. This PII data can be exploited or sold on the black market, which can lead to identity fraud campaigns.

What happens when a bank's email security is not enough to prevent targeted phishing attempts from reaching employees? One banking customer didn't want to find out. They understood the evolving threat landscape and wanted to stay ahead of emerging threats by augmenting their native Microsoft 365 defenses.

So, its security team decided to compare Abnormal AI and Proofpoint. Their goal was to improve the company's overall security posture and reduce the risk of email-based attacks and data loss. In the end, the team chose Proofpoint to boost their existing Microsoft 365 defenses over Abnormal. This is their story.

The goal: a human-centric approach to email security

If a breach occurs in the financial services industry, the cost of the fallout can be severe. As heavily regulated sector, non-compliance can lead to substantial fines. The Securities and Exchange Commission recently fined Flagstar Bank $3.5 million for making misleading statements about a cyberattack.

And the repercussions extend far beyond direct asset losses from non-compliance. Banks rely on long-term client loyalty to drive growth and revenue. A breach risks damaging the bank's reputation and eroding the trust that they've worked hard to build with their clients.

With this in mind, our customer wanted to protect against advanced email-borne threats, like:

• Advanced social engineering attacks. These personalized attacks exploit the victim's trust and trick them into sharing sensitive information or completing a task by pretending to be a known person or vendor. Our customer's employees were seeing an increase in these attacks making their way into email inboxes. In fact, this customer had already lost a half a million dollars through fraudulent wire transfers.
• Misdirected email and exfiltration. Emails that are sent accidentally or even intentionally can expose sensitive information to the wrong people. The IT team found that there were more than 30 cases of unauthorized disclosures over a three-year period. This data loss not only damaged customer trust but also the company's reputation.
• Potential account takeovers. The IT team was concerned about phishing attacks that lead to email account compromise. In fact, more than 99% of organizations experience account takeover attempts. If malicious actors gain access to employees' email accounts, they can cause havoc. Not only can they more easily target others within the company, but they can also steal credentials or escalate privileges.

When our customer evaluated Abnormal, they liked that it could be deployed with an API. Plus, it was positioned as a tool with AI-powered capabilities that could effectively remediate threats. And it looked easy to use.

However, as the team looked into it further, they saw some drawbacks. For starters, Abnormal didn't offer complete human-centric security. Its detection stack seemed to be missing key capabilities, such as URL and attachment sandboxing. And it didn't offer outbound email protection, which is critical for end-to-end email security.

Results: Proofpoint delivers human-centric security where Abnormal falls short

The team was committed to finding the ideal partner to complement their Microsoft email environment. So, they decided to compare Abnormal and Proofpoint. Below are the key areas that interested them.

Detection efficacy for inbound threat detection: Proofpoint wins

The customer was specifically looking for an API-based solution to integrate with their existing Microsoft 365 environment. When they compared Proofpoint to Abnormal, they found that Abnormal had a higher false positive rate. Plus, its classification was not precise.

Compare that to the Proofpoint Core Email Protection API solution. It stops the widest variety of threats. This includes advanced phishing, business email compromise (BEC) and URL based attacks. It does not require customers to buy add-on tools for detecting spam, viruses and graymail.

Proofpoint Nexus is what makes the difference. An unparalleled threat intelligence platform, Nexus is powered by AI, machine learning and behavioral analysis. It delivers in-depth email threat detection, blocking 99.99% of threats.

Landscape of threats that are detected and blocked by Proofpoint Nexus.

Proofpoint works as another layer of defense to help protect our customer's business and its people from both sophisticated threats and unintentional human error. Proofpoint Core Email Protection API is designed to support lean IT teams. It is easy to deploy, seamlessly integrating into Microsoft's 365 Graph API. This enables IT teams to be up and running quickly.

Misdirected email protection: Proofpoint wins

The customer was specifically looking for strong outbound data loss prevention (DLP) capabilities. In the past, employees had accidentally sent emails to the wrong recipients, which had already cost the company half a million dollars in losses. The IT team was determined to stop data leaking in the future, ensure compliance with data protection regulations and prevent brand damage.

Our customer's security team discovered that Abnormal does not have any outbound email protection capabilities. Compare that to Proofpoint. Our solution offers a holistic approach to human-centric security. Not only do we excel at detecting email-borne threats, but we enable organizations to improve their security posture with additional threat mitigation features. This includes preventing data loss, mitigating identity sprawl and stopping account takeovers.

One of the reasons that our DLP solution is so effective is because it's powered by behavioral AI. This enables it to learn about employees' email-sending habits, their trusted relationships and their patterns when it comes to sending sensitive data.

Relationship graphs and deep content inspection enable our solution to understand whether employee behavior is routine or anomalous. As a result, it can identify potential data loss incidents.

When there is an issue, administrators are alerted in real time so that they can respond quickly. Complete visibility into incidents ensures that they can triage, investigate and respond to incidents based on company policies.

Proofpoint dashboard showing internal data loss incidents as well as industry benchmarks.

The advantage of a complete human-centric security platform

In the end, our customer concluded that Proofpoint was the clear winner.

When they implemented the Proofpoint Core Email Protection API-based solution, onboarding took just a few days-not weeks or months. It didn't require any changes to their MX records. And it integrated effortlessly into their existing Microsoft ecosystem. With this proactive solution in place, our customer's sensitive data remains protected even when their employees email the wrong recipient or share the wrong attachment.

Proofpoint significantly enhanced the security team's confidence in the company's email security. Employees now receive real-time guidance through alerts that are integrated into messages, which warn them before they email the wrong person. This helps them to improve their behavior over time. If an employee still sends a risky email after being warned, Proofpoint steps in to protect the company's sensitive data in real time. This prevents data leaks and ensures compliance with strict industry regulations.

Comparing Proofpoint Core Email Protection API with Abnormal's API solution.

Our human-centric approach delivers end-to-end protection. We do this by combining best-in-class defenses with advanced phishing detection that complements an organization's native Microsoft email security capabilities. As a result, Proofpoint stops the widest variety of advanced threats, including phishing, BEC and URL based attacks. Plus, employees get educated on how to identify malicious emails on their own. This, in turn, reduces the burden lean security teams.

Proofpoint also helps boost security team productivity. When teams have enhanced visibility, they can gain a clear view of the attacks that are targeting an organization. This accelerates threat investigation, helping them to respond faster and more effectively. Plus, Proofpoint provides insights into the users that require closer monitoring or access restriction to keep organizations safer.

Learn more

Proofpoint delivers complete human-centric protection in a single solution. To stay one step ahead of threat actors, our AI/ML models are continuously trained on one of the largest, most diverse data sets in cybersecurity. Every year, we analyze more than 3.4 trillion email messages, 21 trillion URLs, 0.8 trillion attachments, 1.4 trillion suspicious SMS and more.

Find out how AI-powered intelligence from Proofpoint delivers unmatched human-centric security. Visit our web page on Core Email Protection.