Protecting the Data Behind Australia’s Top Game

The Australian Football League partners with Proofpoint to secure its data, protect its brand, and keeps the trust of 700,000 participants and millions of fans. 

Australian Football League

At A Glance

The Australian Football League (AFL) relies on Proofpoint to protect the data that powers the game and the reputation of one of the country’s most recognizable brands. What began as a search for better email security has become a five-year partnership spanning email defense, brand protection, data security, and security awareness training. Now the AFL can spend less time on defense and more on growing the game.      

Products Used

  • Email Protection
  • Threat Protection
  • Human Resilience & Security Awareness

I think my advice to people is if you want the best product and the best people, Proofpoint is the way to go.

Lachlan McGill
Cybersecurity Manager, Australian Football League

 

Company Size

1,240  employees 

Headquarters

Melbourne, Australia 

99.99%
overall threat-blocking effectiveness
8M+
threats and unwanted emails blocked in one month
80%
reduction in phishing simulation click rates
CHALLENGES
  • A high-value target: As one of Australia's most recognizable brands, the AFL was targeted by phishing and malicious emails. Always on the defense:
  • A legacy on-premise email system left the security team spending nearly all its time chasing incidents instead of strengthening the league's security posture.
  • Data that develops the game: Protecting staff, member, player, and partner data against increasingly AI-crafted threats was essential to driving the AFL's future.
RESULTS
  • 9.99% threat-blocking effectiveness, with over 8M commodity threats and unwanted emails stopped in one month.
  • Over 40k advanced malware, phishing, and BEC threats blocked in a single reporting period, lowering data risks substantially.
  • An 80% reduction in phishing simulation click rates after ZenGuide training, with reporting rates now near 2X the industry average.
The Challenge

The Challenge

Defending the Data that Powers the AFL 

Australian football reaches more than 700,000 participants and millions of fans nationwide and ranks among the five most-attended sports in the world. That’s because of the Australian Football League (AFL), a 130-year-old organization that has become one of Australia's most recognizable brands.  

Behind that brand recognition is something just as valuable: data. Lachlan McGill, the AFL’s Cybersecurity Manager, says every department in the league wants to get its hands on this data. “Data is how the league grows the game and plans where it wants to be in five years,” he explains.  

Legitimate entities aren’t the only ones who want access to AFL data; cyberattackers are trying everything to breach it. Protecting that information is critical to the future of the sport. 

Over time, that job was getting harder for the AFL’s lean security team. They were running a legacy, on-premise email system, and email was the channel attackers preferred. Being such a recognizable brand made the league a big target, and phishing emails were slipping through our defenses more often that we would have liked. The team was stuck in reactive mode. “It just wasn't sustainable for us,” says McGill. “We had to do something about it.” 

When a malicious email landed, there was no real way to remediate it. If fifty people received it, the team had to contact fifty mailboxes—one at a time—and a clunky admin interface made it slow just to find out who was affected. “We were spending an inordinate amount of time just trying to find where the issue was, and there was no remediation mechanism in place,” McGill explains. 

Threats were evolving, too. AI was sharpening attacks, producing better-crafted phishing emails. The AFL did not need a slightly better email filter. It needed a holistic, future-ready way to protect its data, its brand, and the trust of everyone who follows the game. 

The Solution

The Solution

More Than a Security Product. A True Partnership. 

McGill first encountered Proofpoint back in 2016 in the healthcare industry when evaluating enterprise security solutions. “Proofpoint made a compelling case that they were a market leader and had the capability to suit our business requirements,” he says. Years later, he turned to Proofpoint to strengthen email security for the AFL. 

With a security team that tackles way above its weight, McGill needed a product that was easy to manage, had built-in automation, and cleanly integrated with the organization’s existing security stack.  

The Proofpoint team mattered just as much. "One of the key factors why we went down the Proofpoint path is the level of trust we had in the people supporting us," McGill says. AFL ran a proof of concept, stood the platform up in about a day, and migrated its configuration over three to four days. Proofpoint’s engineers helped guide the process and run quality assessments on the configuration. In McGill's words, “It’s one of the main reasons why we chose Proofpoint.” 

The AFL did not just want a new email filter; they wanted a holistic lens over its entire collaboration suite. First, the team deployed the Proofpoint email gateway alongside Email DLP and Encryption and Email Fraud Defense for DMARC (Domain-based Message Authentication Reporting and Conformance). This gives the league confidence that criminals can’t easily impersonate its domain to scam the public.  

Proofpoint’s Threat Response Auto-Pull immediately changed the security team’s day-to-day. Instead of chasing fifty mailboxes by hand, they can now pull a malicious message out of every inbox at once. When Proofpoint later determines that a delivered email has turned malicious, it removes the message automatically. "Half the time we don't even have to get on to the platform," McGill says. 

The AFL also adopted Proofpoint ZenGuide for security awareness training. ZenGuide turns awareness into true behavioral changes with phishing simulations modeled on real-world patterns, and teachable moments that explain an attacker's technique the instant a user clicks.  

Proofpoint’s ThreatFlip strips out the personal and malicious content and turns that real attack into a safe training simulation in ZenGuide. The AFL now trains its people on the exact threats hitting its front door.

The Results

The Results

Fewer Incidents, Sharper Staff, and Data Protected 

In a single one-month snapshot, Proofpoint screened 11.2 million inbound emails for the AFL, blocked more than 8 million commodity threats and unwanted messages, and stopped more than 40,000 advanced malware, phishing, and BEC attempts. Overall threat-blocking effectiveness is at 99.99%. In the same reporting period, Proofpoint auto-remediated 121 malicious emails after delivery. That’s a ton of work the team never had to touch. 

Phishing incidents that once landed every couple of weeks are now as rare as a drawn Grand Final. "We're not getting nearly as many phishing email incidents," McGill says. "Of those that do get through, we're able to easily track them down and remediate, all from the Proofpoint admin platform." 

The operational shift has been just as valuable, allowing the team to move from reacting to incidents to doing proactive security work to strengthen the league's posture. DMARC protects the brand by making it far harder for criminals to impersonate the AFL's domain.  

The biggest change may be in the AFL's people. Before ZenGuide, the league ran occasional, ad hoc phishing tests, and click rates sat stubbornly around 30%. After rolling out ZenGuide training built on real-world threats, the click rate dropped to a consistent 5 to 6%, and the AFL's simulated-phishing reporting rate now runs at nearly twice the industry average. Security awareness across the organization has gone, in McGill's words, from "not much" to "very, very good." A workforce that was once a sure target has become a formidable defense for the data the league depends on.