When it comes to preventing human-targeted cyberattacks, lean teams in high-stakes industries like insurance can’t afford to compromise. Verizon’s 2025 DBIR report recently reported that social engineering is the second most common cause of data breaches for finance and insurance companies. What’s more, people-focused tactics, like social engineering, evolve so quickly that traditional security tools often lag behind.
This was the reality facing a forward-thinking European insurance provider who recently chose Proofpoint to augment their email security.
Though email remains the primary vector for today’s cyberattacks, the provider’s outdated email security platform was showing its age. To compensate, they built proprietary automation tools to handle their high volumes of legitimate sensitive traffic. The goal was to help their small team of IT administrators focus on triaging a growing number of email threats.
The team knew they needed more than a quick fix. They needed a true partner, and one that could deploy quickly and flexibly. After evaluating several solutions, including Check Point, they ultimately chose Proofpoint. For this insurance company, the decision came down to freedom of choice for deployment, superior protection, and an unmatched understanding of the threats targeting their users.
The situation: signs of obsolete email security
Over the past several years, cyberattackers have increasingly targeted insurers due to the wealth of personal and financial data that they hold. This makes them particularly vulnerable to phishing attacks, impersonation threats, and data loss. Just a single compromised click could lead to a breach that impacts hundreds or thousands of policyholders.
To combat these risks, this insurance provider had just a small group of administrators whose responsibilities included securing hundreds of thousands of inbound claims-related emails daily. Email is mission-critical in the insurance sector, where customers file claims around the clock and response times impact both customer satisfaction and business continuity.
The team had already developed custom automation to triage claims and route communications. This was clear evidence of a security-savvy, efficiency-driven mindset. But despite their best efforts, they couldn’t compensate for the growing shortcomings of their several-year-old existing security platform. They began seeing troubling signs:
- Limited support responsiveness, with tickets taking days to resolve, ticking away time they couldn’t afford to waste
- Stale detection capabilities that missed modern threats like QR code phishing and language-agnostic fraud like business email compromise (BEC)
- Limited reporting and visibility into threat actors, tactics, and campaign-level data, which delayed response times
- Poor automation, which forced manual effort in quarantining and remediating threats as well as overburdened the small IT team
The consolidation question: SEG or API?
Email security that underperformed wasn’t the only issue that the team grappled with.
They had made significant investments in Microsoft E5 licensing and were aiming to reduce their vendor footprint. With clear decision criteria on their side, they were on the hunt for a long-term security partner.
The team not only wanted to fully make use of Microsoft’s native capabilities, but they also wanted to extend their visibility and control. Because they were focused on improving efficiency through automation, they needed a solution that could integrate with their bespoke workflows and scale with them as the company grew.
Initially, the team leaned toward replacing their Secure Email Gateway (SEG), but as they explored modern options, including API-based solutions, they became intrigued by the simplicity and speed of an API deployment. With a cloud-native environment, they recognized the potential to gain advanced protection without spending a lot of time completing full email rerouting.
But could an API-based email platform really meet their deployment deadlines and maintain their high security standards? Determined to find out, they evaluated several email vendors.
Eventually, they narrowed the field to Proofpoint and Check Point.
Enter the contenders: Check Point and Proofpoint
At first glance, Check Point seemed like a promising option. The API-deployed interface appeared straightforward, and the message around clarity was compelling; however, deeper testing uncovered technical challenges that raised some red flags—and brought Proofpoint into the spotlight.
Deliverability
The first flag for Check Point came from deliverability concerns with how its architecture could interfere with Microsoft’s native mail flow. The IT team experienced firsthand how mistakenly quarantined mail from Check Point had to be manually released from Microsoft. This created a critical productivity issue.
Because of this, the team preferred Proofpoint’s straightforward integration with the Microsoft 365 graph API, which kept their environment less vulnerable to delays.
Point solution silos
The future-looking IT team identified another potential challenge with Check Point, noting that email is not its main focus – a fact recently emphasized in prominent industry analyst reports. To achieve subsequent coverage, they would need to piece together multiple add-ons for DMARC enforcement, security awareness training, and other capabilities. As a result, they would end up with a security posture that was even more fragmented, which would add administrative overhead.
In contrast, Proofpoint offered a complete, integrated email solution and it gave the team immediate access to an entire company of purely email specialists.
Regional support and peer feedback
Through feedback from peers in their native region, the insurance team had also heard that organizations leaving Check Point often cited multiple common reasons. These included increased complexity and fewer improvements in detection as key concerns.
Unlike Check Point, the insurer remarked about how Proofpoint treated them as a crucial customer right from the start. Proofpoint also offered a track record of success in the insurance vertical as well as glowing customer references and localized support.
The Results: Proofpoint wins in flexibility, AI, and expertise
As the evaluation process unfolded, it became clear that only one vendor could truly meet the customer’s unique needs, both in technology and in overall approach. Proofpoint stood out to the IT team because of our flexibility, platform strength, and focus on customer satisfaction.
Flexibility that gets the job done
While other vendors offer a one-size-fits-all deployment, Proofpoint provides something no one else can: the flexibility of SEG or API-based protection. More importantly, we let customers choose the model that works best for their environment. For this insurance company, that meant deploying Proofpoint in a hybrid configuration (both SEG and API) to maximize protection without disrupting existing workflows.
This isn’t theoretical flexibility; it’s practical, immediate, and aligns perfectly with our customers’ needs. More importantly, Proofpoint’s ability to share threat intelligence between SEG and API environments provided the customer with deep insights into how their users were being targeted.
Better AI, better platform
The customer was also drawn to the sophistication and maturity of our solution, especially the real-world protection driven by our Proofpoint Nexus AI platform. Our Adaptive Email DLP capabilities, a Proofpoint-exclusive feature, offer a clear example. We use behavioral AI to understand relationships, detect and prevent misdirected emails, and unintended data loss. This can be critical for insurance providers that deal with sensitive claims data and personal information.
Unlike other tools that become stagnant post-deployment, Proofpoint is continually evolving. Our customers benefit from our ongoing focus on developing new features and protections, which means our tools don’t become outdated. This is a big reason why customers stay with us for the long haul.
Unrelenting focus on customer success
What truly sealed the deal wasn’t just the tech, it was the trust we built throughout the process. From the first meeting, Proofpoint brought in a full team to support the evaluation, including solution engineers and technical specialists who understood the nuances of the company’s individual environment.
We didn’t pitch; we partnered. The customer appreciated that we guided them, acting as an advisor as they navigated their options. We also backed our story with local, region-specific references that proved our long-standing success with similar organizations.
The outcome: Proofpoint delivered
Once the decision was made, deployment took just days, not weeks. Proofpoint’s API setup allowed them to onboard quickly, and they began seeing value almost immediately. Here’s what Proofpoint discovered during a four-week evaluation, projected annually:
- 2.5M+ unwanted messages including spam, graymail, and other bulk email
- 19,500+ highly targeted, advanced threats that bypassed existing security
- 45% of those threats were phishing, showing the clear gap in legacy detection
- 150+ Very Attacked People™ (VAPs) whom Proofpoint helped the team identify and prioritize by risk
Credential theft was the No. 1 type of threat observed in our data and is a top concern in insurance, where account compromise can lead to widespread fraud. Thankfully, the language-agnostic detection within Proofpoint’s AI was able to easily flag the phishing campaigns, even in the customer’s native Dutch language.
Why Proofpoint for API-based email security
At the end of the day, this insurance provider wanted to modernize without compromising. They needed a partner that understood the stakes of securing sensitive email traffic in a high-risk industry and had the expertise to guide them through it.
Proofpoint delivered on that promise. Our Proofpoint Nexus AI, hybrid deployment flexibility, and human-centric threat intelligence gave this insurance company the control that they needed while reducing burden on their small team. And most importantly, we earned their trust.
At Proofpoint, we believe the best security is human-centric, focused on the people being targeted and designed for the people who are defending them. Take the next step to protect your people and business from human-centric cyberattacks. Learn more about Proofpoint Core Email Protection today.
