To maintain trust and foster growth, the organization is transforming its global business operations to deliver “digital everything.” This requires a fresh look at each line of business and its supporting technologies, people, and functions to identify opportunities to reorganize, replatform, and accelerate their rate of digital change to become quicker and more competitive. During this transformation, the security operations team has a critical role in protecting assets, processes, and people. The team knew that even though the organization wasn’t having to deal with successful email attacks yet, they should keep looking for ways to enhance protection for their more than 34,000 inboxes worldwide. “Email is the most vulnerable area we have, because it requires humans to decide quickly whether or not to click a link or open an attachment. Blocking malicious emails before they reach a human is key,” said the company’s Director of Threat Intelligence. The organization’s proactive mindset led it to Abnormal. Rather than wait for an attack to succeed, “we took the next step in our email security evolution,” said the Associate VP of Security Operations.

Elara Caring, one of the largest home care providers in the United States, faced significant challenges in ensuring data privacy and security while providing a seamless employee experience. The company serves over 60,000 patients across 16 states and must navigate a complex landscape of state and federal data privacy regulations, including HIPAA. The healthcare industry is also known for high turnover rates, and outdated technology can negatively impact employee satisfaction. When Eric Bowerman joined as the Chief Information Security Officer in mid-2021, he noticed that employees were struggling to differentiate between authentic emails and phishing attacks, which was a significant threat to patient data security. The existing Microsoft 365 email security was catching basic threats, but advanced threats were still reaching employee mailboxes, causing stress and potential data breaches.

By mid-2021, Everise had more than 11,000 employees to meet new demand for outsourced services. But the shift to remote work brought new email security risks. “Our people are good at what they do, but they’re not email security specialists, and attackers know that. That’s why ransomware, social engineering, and email attackers go after the human ‘soft targets’—to get results.” Everise sought new protection to excel at employee and customer experience. As Everise worked to quickly extend its on-premises security practices to executive and employee home offices, they also had to contend with a rising tide of email attacks that were tailored to get past their existing security, including email security tools in Office 365 and employees’ security awareness training. “We started to see a large increase in the number of BEC attacks and social engineering attacks, primarily targeting senior leadership. We saw emails impersonating clients with fraudulent invoices seeking payment. Credential phishing emails impersonated our CEO and service providers like DocuSign,” said Amy Grisham, Director of IT Governance and Compliance. “We needed to stop these threats and to confidently recognize those emails coming from legitimate senders.”

During 2020, Coats faced an increase in advanced email attacks year over year. Coats had invested in Microsoft Defender for Office 365 which was effective in blocking common email attacks by leveraging rules and policies, and threat intelligence. However, for advanced attacks they needed a solution like Abnormal Security that leverages a behavioral approach to detect and block never-seen-before attacks with high efficacy. Coats was also finding messages in quarantine that didn’t belong there, and they didn’t understand why they were quarantined. The overall result was more risky messages getting through, more good messages stuck in quarantine, and more time assessing why their controls weren’t stopping potentially illegitimate messages and trying to fine-tune their safelist. The result was time and attention diverted from innovation and other security priorities.

Kroenke Sports and Entertainment (KSE) faced significant challenges with email security. Despite using Microsoft 365 for standard email threats and a secure email gateway (SEG) for advanced attacks, phishing and name impersonation emails were still getting through. This situation put the organization, its partners, and customers at risk of scams. Additionally, the IT team was spending an excessive amount of time on email investigations and remediation, leaving little time for other security initiatives. The SEG was not delivering the expected value for money, prompting KSE to seek a more effective email security solution that would integrate well with Microsoft 365.

In the world of retail, the sheer volume of suppliers and invoices processed on a daily basis is central to business operations. For CSC Generation, this challenge is amplified by their aggressive corporate growth strategy. As organizations like CSC Generation move their business to the cloud, their infrastructure transforms, and so do the attacks. According to the most recent 2020 FBI IC3 Report, the number one threat facing organizations are socially-engineered email attacks from compromised vendors. These novel threats evade traditional defenses and require a new approach to stop them. When it comes to pinpointing where the weak link lies, the culprit is often third-party vendors with lax security controls. If their credentials are phished, the results are dangerous to their own organization and partners. To add to the frustration, it’s common for organizations like CSC Generation to have a robust security stack and internal protocols in place to stop traditional attacks. However, even the best-laid plans can still fall short. Despite all of their security checks, CSC Generation was still defrauded out of a significant sum of money through a compromised vendor account.

ADT faced a dynamic threat landscape with various forms of email attacks such as order fraud, invoice fraud, and business email compromise. The vast supply chain created numerous opportunities for vendor email compromise attacks. The volume of attacks made it difficult for the IT team to identify trends and areas for security improvement. Additionally, the security team spent a significant amount of time on manual threat review and remediation, leaving less time for proactive security awareness training.

Softcat faced a significant challenge with advanced account takeover (ATO) email threats bypassing their existing email security gateway (SEG). Despite using Microsoft Exchange Online and a SEG, the company noticed that one or two ATO emails posing as vendors or customers were reaching their employees each day. This posed a risk to their employees' safety and productivity, as key security decisions were left to the employees. Additionally, the security team was burdened with responding to user-reported threats, which took time away from higher-value tasks. Softcat needed a solution that could detect these sophisticated threats without adding to the security team's workload or generating excess false positives.

Despite Technologent’s technology expertise, sophisticated phishing and business email compromise attacks were reaching the company’s inboxes due to the limitations of their email security providers’ threat detection capabilities. These attacks often targeted executives and reached their inboxes because they contained no traditional indicators of compromise like malicious links or attachments. The small security team handled the resulting manual investigations and remediation in addition to their other responsibilities. “We leveraged the native capabilities of Office 365 and it wasn't enough. We deployed a traditional SEG that fell short, and then added a second SEG with similar results. We quickly found that traditional email gateways are simply not enough,” said Jon Mendoza, CISO. To solve the problem, he looked for an API-based solution that uses AI to detect sophisticated attacks.

Avery Dennison faced significant email security challenges due to its large workforce and extensive vendor network. The company needed to protect its intellectual property and ensure 100% uptime for its production processes. Despite using Google Workspace for cloud email functionality, Avery Dennison encountered issues with phishing messages from compromised vendor accounts. Google Workspace's native security measures lacked the context to detect these external threats effectively. The security team, led by VP and Information Security Officer Jeremy Smith, had to manually investigate and remediate these threats, which was time-consuming and inefficient.

When Corporate Security Operations Director Steve Tieland joined Pega, the company’s internal corporate email environment was flooded by VIP impersonation attacks bypassing the SEG and Microsoft Defender. Tieland made email reform a priority to improve security and relieve his team of the 60 hours per week they were spending on manual investigation and remediation. Employees and executives also spent hundreds of hours each month managing graymail. “We would change the filter settings, but one change would add more spam, and another would quarantine too many emails. The SEG offered new features to help, but they broke things in our email system,” said Tieland.

Saskatoon Public Schools needed a cost-effective cloud email security upgrade as part of their migration to Microsoft Exchange Online. The existing Secure Email Gateway (SEG) was unable to auto-remediate phishing and internal email account takeover attacks. With a security team of one, responsible for all manual investigations and remediation, the division faced significant challenges in maintaining email security on a limited budget.

Rubicon faced the challenge of securing a complex email ecosystem against various email threats that could waste valuable operational, marketing, legal, and customer time. The company needed an API-based email security solution to support their cloud operations and commitment to agility. They were looking for a solution that could provide actionable intelligence quickly and offer visibility into specific and targeted attacks, which they were previously unable to see.

Virginia Beach City Public Schools (VBCPS) faced significant challenges in protecting their email ecosystems, which included both Microsoft 365 for faculty and staff and Google Workspace for students. The division's small IT team had to ensure compliance with federal regulations like COPPA, CIPA, and FERPA, while also addressing the unique risks associated with a student population that includes a significant number of military families. The increasing difficulty in distinguishing between malicious and legitimate emails, coupled with the inability to mandate security training for teachers, exacerbated the problem. Impersonation emails had already scammed some teachers into making unauthorized purchases, highlighting the urgent need for a robust security solution.

Advising clients worldwide on multibillion-dollar deals means Greenhill must comply with multiple data security regulations. Greenhill’s role also makes it a high-profile target for criminals seeking to steal sensitive data, intercept funds, or commit invoice fraud. Despite implementing an advanced security awareness program, Greenhill wanted to prevent employees from confronting email threats in the first place. Shaffer knew that the fewer decisions employees had to make about the legitimacy of emails, the more secure the company would be. To improve security, Greenhill adopted Defender for Office 365 and made gateway changes, but Shaffer’s team found that socially-engineered threats were still reaching mailboxes. It was clear that while their existing tools managed basic threats well, Greenhill needed a more strategic line of defense against sophisticated attacks.

EAB needed a robust cloud security solution to protect their organization and clients from phishing, business email compromise (BEC), and vendor compromise. They sought an additional layer of security to complement Microsoft 365’s built-in email protection. The goal was to protect their cloud-based email ecosystem from advanced threats, help education partners with less robust security identify and address threats, and free executives and IT teams to focus on other value-creation initiatives to support their mission.

AC Transit faced significant challenges in protecting its employees and partners from sophisticated email-borne attacks. The organization needed to stop active account takeover attacks immediately and required a solution that could be implemented quickly without the need for a secure email gateway. Additionally, AC Transit aimed to improve executive productivity by filtering out non-malicious but time-consuming graymail messages. The primary challenges included identifying an API-based solution with superior detection services, stopping ongoing account takeover attacks, and enhancing executive productivity.

BigTent’s online customer support team needed a hosted help desk solution that was easy to implement and maintain, and simple for all customers to navigate. Their previous solution was complex to implement and had an outdated look and feel. They wanted to offer a fresh, intuitive user experience without increasing their budget. The challenge was to meet these stringent requirements within a tight deadline.

Brightidea needed a better shared space where support, sales, and engineering teams could easily organize, collaborate, and share information to deliver a great customer experience. The goal was to ensure that customer service extended beyond the support team and involved other internal teams, impacting business strategy and success.

As CALE recently prepared to convert 40,000 single-space meters to multi-space pay stations in downtown Chicago, the company realized it needed a more reliable way of keeping track of trouble tickets. The fast-growing company had tried using a Microsoft Outlook-based plug-in ticketing system, but was frustrated by the results. CALE needed a web-based system that did not require an MS Exchange server or software that had to be installed on every computer—a serious trouble ticket system that would allow their distributed team to collaborate when delivering customer support. Adding to the urgency, CALE had agreed to provide 24/7 support for the Chicago parking program and handle thousands of toll-free calls from end users in the city of Chicago. CALE faced a potential deluge of calls and needed an easy way to track and access support information quickly.

When the United Kingdom’s Carbon Reduction Commitment Energy Efficiency Scheme (CRCEES) went into effect in April 2010, the nation’s larger companies scrambled to find tools that would help them measure and optimize their carbon emissions. Several major vendors responded by rolling out powerful new solutions—often with a hefty price tag. Carbon Guerrilla took a different approach, and from its inception in March 2010, the company aimed to put carbon accounting tools into the hands of as many companies as possible, at an affordable price. It faced the challenge of creating a robust carbon accounting platform from scratch and needed to implement a trouble ticket system to both manage its software development process and handle support tickets from customers.

Like most cities, the City of Hampton, Virginia relies on tax payments for much of its revenue. The city's tax assessment and collection software must remain in top condition to support tasks such as changing tax assessments, calculating tax rate schedules, and collecting fines and payments. The development staff works hard to respond quickly to IT requests from the Commissioner of the Revenue and Office of the Treasurer. However, the city's traditional IT help desk made it impossible for city staff to collaborate with developers or monitor the status of their trouble tickets, and was not well-suited to support extensive application development. The city needed a way to get internal clients more involved in their tickets, rather than just having them phone in requests to IT.

Prior to implementing Zendesk help desk software in June 2009, Compete was using email to receive and respond to support requests. As the number of requests increased, it became increasingly challenging to respond to customers and pinpoint the high-priority tickets. This inefficiency led to delays in addressing customer issues and a lack of organization in managing support requests. The inside sales and client relations teams at Compete needed a more streamlined and efficient way to handle support requests and trial account activations. The manual process of inputting recurring information and managing multiple applications was time-consuming and prone to errors.

Right from the start, crowdSPRING recognized the need for timely and accurate responses to support requests. In the world of web startups, co-founder of crowdSPRING Mike Samson explains, customer service and support is not something you think about after you’ve built up your customer base, it’s how you build up your customer base. “Customer service is part of our marketing plan,” Samson says. “A large part of our marketing is through word of mouth. Good customer service is the best way to make happy customers.” Rather than play catchup once support requests started coming in, Samson wanted something in place as they grew. Because the company deals with potentially sensitive transactions between individuals and small businesses, he wanted to get a solid support ticketing system (as opposed to just a community help forum) in place.

The Denver Broncos IT team faced the challenge of replacing their existing customer service software. The team needed a solution that was simple, efficient, and could be quickly implemented. The existing system was not meeting their needs in terms of transparency and response times, which were critical for their operations. The team required a system that allowed for easy ticket submission and real-time visibility of support requests, even when agents were away from their desks.

On December 11, 2010, Gawker Media faced a significant data security breach, which required immediate and effective communication with their users. The company, which did not have an extensive customer support setup due to not processing financial transactions, was suddenly inundated with thousands of reader emails requiring personalized responses. Gawker's previous approach of handling customer support requests via email and a customer support message board was insufficient for the sensitive nature of the data breach. They needed a secure and robust support ticketing system to manage the increased level of communication and ensure their readers' concerns were addressed promptly.

Groupon experienced rapid growth shortly after its founding, leading to an overwhelming number of customer requests. Initially, customer service was managed via email, but this quickly became unsustainable. The company needed a scalable, efficient ticketing solution that would not compromise the customer experience.

Moonfruit, a leading hosted website builder in the UK, recently underwent a corporate rebranding and website overhaul. During this process, the company identified inefficiencies in its customer support system. The existing open-source ticketing system lacked integration with social media streams, support forums, and FAQ tools, resulting in extra clicks and a less seamless experience for customers. Moonfruit needed a solution that could consolidate its support functionalities and align with its new brand identity.

The New South Wales Government Licensing Service (GLS) faced the challenge of providing better service, reducing red tape, and minimizing IT costs. They needed an efficient way to handle an increasing number of second-level support requests from more than a hundred first-level business support staff assisting 2,800 public sector users in various government agencies. The existing service desk solution was difficult for non-technical users to use, low on customer usability, and required in-house maintenance, upgrades, and management, which was a distraction from GLS' core business. Integration with other platforms and systems was not possible without direct involvement of external consultants and significant costs.

Postbox began looking for an online help desk software solution that would allow the company to communicate one-on-one with its customers while promoting community engagement and participation. They needed a solution that could support both public and private conversations, allowing the company to exchange sensitive information securely with customers. Additionally, Postbox required a system that could help their support agents collaborate on customer issues while storing all communications in one place. They also needed the ability to search for topics by customer to spot interrelated issues and route requests efficiently using automated business rules.