The Challenge
- Help secure interaction with vendors and customers
- Optimise use of staff and resources
- Protect critical energy infrastructure
The Solution
- Proofpoint Email Protection
- Proofpoint Targeted Attack Protection
- Proofpoint Email Fraud Defense
- Proofpoint Supplier Threat Protection
- Proofpoint Security Awareness
The Results
- Helps keep infrastructure secure and compliant
- Protects organisation from business email compromise threats
- Automated solution helps company do more with less
The Challenge
Keeping Reliable, Affordable Energy Flowing
The energy provider has electric operating companies, natural gas distribution companies, a competitive generation company, a leading distributed energy distribution company, a fibre optics network, and telecommunications services.
“Over the past two to three years, we’ve seen an increase in some type of compromise to the network infrastructure of our vendors and customers,” said the security manager, information technology at the company. “We have a lot of relationships with a vast array of companies, and not all of them have the same ability to protect themselves against cyberthreats.”
The threat landscape is constantly evolving, and for the security manager and his team, business email compromise (BEC) attacks have been a rising concern in recent years.
The company needed a solution that could not only safeguard its domain and email correspondence, but do it in an efficient, automated way.
Security manager, information technology
The Solution
Toward More Proactive Protection
The company evaluated several products, then chose a complete solution that includes Proofpoint Targeted Attack Protection (TAP) and its Proofpoint Supplier Threat Protection add-on component. The company also deployed Proofpoint Email Fraud Defense (EFD). This solution helps protect the company and its customers through stronger email authentication, and helps organisations set DMARC policies to protect against impersonation.
Built specifically for supply chain threats, Proofpoint Supplier Threat Protection uses behavioural artificial intelligence (AI) together with threat intelligence to proactively defend the company. It detects and prioritises which compromised supplier accounts the security manager and his teams should look into.
“Proofpoint provides a more automated process that helps us investigate issues,” he said. “We can rely on Proofpoint alerts to let us know that someone else’s email is compromised. For example, if a supplier is sending us an email that contains malware or other issues, it can alert us that something is wrong with the account. In the past, we had to wait for the supplier to call us or learn about these issues in other ways. Proofpoint provides an automated alert mechanism.”
The security manager is especially impressed by the behavioural insights that Proofpoint Supplier Threat Protection provides.
“Today’s threats are not just limited to links and attachments,” he said. “Proofpoint provides visibility into heuristic or anomalous behaviour that occurs in the background that we couldn’t see before. It can tell us that we may want to look at a specific account, because it may be compromised—and we don’t want our users talking to a compromised account.” The company was also seeking to protect its organisation and customers from malicious emails spoofing domains.
“We’ve seen many attacks based on impersonating domains,” said the security manager. “Increasingly, bad actors are reaching out to our vendors and other folks we communicate with, pretending to be us to solicit fraudulent products. As we started picking up on those types of abuses, we had to figure out a mechanism to identify it, alert the targeted companies, and mitigate the issue.”
Proofpoint EFD lets the company monitor all inbound and outbound emails from its domains and those of third parties. It provides full visibility into lookalike domains and emails sent using the company’s trusted domains.
The Results
Improved Efficiency and Stronger Relationships
By improving the efficiency of its security practices, the company is not only minimising threats, but strengthening its business relationships—all while freeing up staff time.
“Proofpoint is saving us time, while reducing our risk,” said the security manager. “It allows us to accelerate containment and mitigating actions to protect trusted relationships with vendors. It definitely saves time on detection, and it increases our visibility into potential compromises.”
This type of efficiency has been especially important in helping the security manager and his team keep pace with an escalating volume of BEC and supplier threats, and prioritise the most important issues.
“When we started our manual process a couple of years ago, we had about 80 vendor-related security incidents,” he said. “Last year we had 100, and we know it will continue to go up. Detecting threats is just the first piece of it. As that volume increases, we have to scale up because one person can’t handle it all. Proofpoint lets us automate threat detection, so we can free up time to enable our staff to focus on containment and remediation.”
The Proofpoint technical support team has also been helpful in ensuring that the company realises the full value of their investment.
“Working with the Proofpoint team has been fantastic,” said the security manager. “They have been very receptive and are available on a 24x7 basis. If there’s an issue, I can text someone at Proofpoint and they’ll get back to me with an answer or let me know where I can find the answer.”
Now this leading energy provider has a comprehensive, multilayered email security solution. And it’s one the company is confident will protect its infrastructure and customers from cyberattacks—even as threats continue to evolve.