Abstract Seafoam Logo Closeup

Webinar Recap: Exploring Modern Email Security with Coats

Learn why Coats, the global leader in industrial thread manufacturing, skipped the SEG and chose Abnormal Integrated Cloud Email Security (ICES) to protect its workforce from modern email threats.

July 6, 2022

As the world's largest manufacturer and distributor of sewing thread and the second-largest manufacturer of zippers, there's a good chance Coats supplied the materials for at least one item in your closet.

For more than 250 years, the organization has made technological innovation a priority—both in terms of how it meets the needs of its customers and how it supports its workforce.

In a recent webinar, I sat down with Benjamin Corll, VP of Cyber Security and Data Protection at Coats, to discuss the email security challenges the organization was experiencing. During the hour we spent together, we talked about how the global manufacturer’s use of the Abnormal Integrated Cloud Email Security (ICES) platform blocked advanced attacks in a way legacy tools never could.

Coats’ Email Security Challenges

Like many enterprises, Coats experienced a considerable year-over-year increase in advanced email attacks during 2020, largely due to the shift to remote work caused by the pandemic. Coats had previously invested in Microsoft Defender for Office 365, which was effective in blocking common email attacks and messages with known indicators of compromise.

However, despite continuous tuning of their system, malicious messages were still being delivered to employee inboxes. Because these attacks were often text-based and contained no known bad indicators like a malicious attachment, they were allowed to bypass basic safeguards and land in employee inboxes.

To help reduce the likelihood of employees engaging with email-based threats, Benjamin and his team provided ongoing security awareness training. Still, he recognized that as long as email attacks were entering employee inboxes, there was no way to eliminate the risk entirely. “Yes, my end users are trained, but somebody’s going to make a mistake,” said Benjamin. “All they have to do is inadvertently click on a link, and all of a sudden, bad things are going to happen.”

For Benjamin, it came down to answering one question: how can Coats properly detect and prevent attacks before end users have the opportunity to interact with them?

Initial Steps to Improve Protection

The security team started by making the filtering rules more strict. Unfortunately, this led to legitimate messages being quarantined. Soon the service desk was fielding a growing number of calls from employees wondering where their important emails were.

Benjamin’s team then spent significant time fine-tuning their safelist and manually creating “if this, then that” transport rules based on email content and context. The result was attention and resources being diverted from innovation and other security priorities.

Benjamin knew the answer was not to replace the technology the organization currently had in place, but instead to find a solution that enhanced Microsoft’s native security capabilities. The objective was to maximize the ROI on the technology investment that had already been made, while also preventing these advanced attacks from being delivered.

On the Hunt for Defense in Depth

Coats first looked into adding a traditional secure email gateway (SEG). But after conversations with multiple SEG providers, Benjamin concluded that the protections a SEG offered were too similar to what Microsoft was already providing. This overlap in features meant that instead of helping the organization achieve defense-in-depth protection, implementing a SEG would likely require Coats to turn off the functionality of their existing solution and hope the SEG was more effective.

From Benjamin’s perspective, the ideal scenario would be to find technology that could offer behavioral analysis-based protection that complemented Microsoft’s threat intelligence-based defense. This would provide Coats with high-accuracy attack detection and prevention against every type of threat in the attack landscape. It would also free the Coats security team to focus on mitigating and remediating other threats.

Once the decision to look for a more innovative technology had been made, Benjamin faced a common challenge for security leaders: assessing the strategic and tactical aspects of a proposed investment and then finding a balance between the two. Thankfully, with more than two decades of experience in information security, Benjamin had a clear idea of what Coats specifically needed from a cloud email security solution.

Must-Haves for an Email Security Solution

Benjamin identified four key attributes that the right security solution would have:

Behavior- and context-based detection with the highest efficacy

First and foremost, Benjamin needed a solution that enabled Coats to achieve defense-in-depth protection. The technology should enhance Microsoft's protection with machine learning and behavioral AI to block the full breadth of email attacks with minimal false positives.

Seamless integration with Microsoft and no disruption to mail flow

Benjamin didn’t want his team to have to worry about changing mail exchange (MX) records or redirecting mail flow. He wanted a platform that integrated directly with Microsoft via APIs to simplify Coats’ security architecture and give the security team complete visibility into email traffic.

Simple implementation with no configuration required

With a security team that was already stretched thin, Benjamin wanted a platform that could be integrated and running as quickly as possible. He didn’t have the ability to accommodate an implementation process that took weeks or required extensive configuration before the solution would be effective.

Automated triage and remediation

One of Benjamin’s biggest challenges was that his analysts were spending too much time writing transport rules to block malicious attacks and researching why legitimate emails were blocked. He needed a solution that leveraged automation, giving time back to his security analysts so they could focus on other threats.

In the course of his research, Benjamin learned that Abnormal Integrated Cloud Email Security (ICES) is the only email security platform that offers precise detection against advanced email attacks, streamlines email security architecture, and reduces security team overhead—all while working seamlessly with Microsoft 365’s native security features.

Following an email security risk assessment, Coats knew partnering with Abnormal was the obvious choice.

Abnormal ICES Optimizes Security Across a Complex Supply Chain

Prior to implementing Abnormal ICES, Coats recorded 1,800 incidents of employees engaging with unsafe messages per year. Since adding Abnormal ICES to its security environment, Coats has seen a 97% decrease in daily unsafe user engagements, saving the security team an average of 30 hours per week on inbox investigations and errant message retrieval. Coats has also had zero accounts compromised in the past year.

In addition, Abnormal’s VendorBase assessed Coats’ 7,099 vendors and evaluated their messages for potential compromise. Based on each vendor’s legitimacy, history of compromise, and history of impersonation attempts both at Coats and across all Abnormal customers, 50 high-risk and medium-risk vendor email accounts were identified. Once identified, messages from these vendors were more closely scrutinized to ensure that all communications were legitimate and that no attacks bypassed the Abnormal platform.

Together, Abnormal and Microsoft provide Coats with a reliable, layered defense that protects its 11,000 employee inboxes from both common and more sophisticated email attacks.

Protecting Coats from Modern Email Threats

With more than 7,000 vendors in its network and a workforce of more than 17,000, Coats is at high risk for socially-engineered attacks—especially financial supply chain compromise. But with Abnormal ICES, Benjamin and the security team at Coats can be confident they have best-in-class protection against all advanced email attacks.

Now, instead of spending hours investigating email-based threats, they can focus on continuing the company’s centuries-long tradition of innovation.


To hear more about Coats’ experience with Abnormal (including a firsthand account of the benefits of Abnormal’s security risk assessment), watch the on-demand webinar.

Image

Prevent the Attacks That Matter Most

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 1500x1500 Gartner Peer Insights Reviews blog
The Abnormal Security team is committed to providing the best possible solution and support experience to every customer. Here’s what a few of our customers have to say about us.
Read More
B Podcast Engineering 10 07 27 22
In episode 10 of Abnormal Engineering Stories, David Hagar, Director of Engineering and Abnormal Head of UK Engineering, sits down with Zehan Wang, co-founder of Magic Pony.
Read More
B 1500x1500 Email Attack Insights
Join us for a three-part webinar series about the most serious email-based threats, featuring some of the biggest names in cybersecurity.
Read More
B 07 22 22 Webinar Recap
Credential phishing attacks can lead to loss of revenue, loss of data, and long-term reputational damage. Learn why these attacks are successful and how to block them.
Read More
B 07 19 22 2022 Email Security Trends 1
Our new survey explores the current email threat landscape and what security leaders are doing to stay ahead of increasingly sophisticated attacks.
Read More
B 07 14 22 4types
Understanding the ways cybercriminals execute financial supply chain compromise is key to preventing your organization from falling victim to an attack.
Read More
B 07 07 22 Financial Supply Chain Compromise
Financial supply chain compromise, a subset of business email compromise (BEC), is on the rise. Learn how threat actors launch these sophisticated attacks.
Read More
B 06 15 22 Coats Webinar Recap Blog
Learn why Coats, the global leader in industrial thread manufacturing, skipped the SEG and chose Abnormal Integrated Cloud Email Security (ICES) to protect its workforce from modern email threats.
Read More
B 07 30 22 Q2 2022
We’re dedicated to keeping security professionals informed about the latest email threats. Here are a few of our favorite blog posts from Q2 2022.
Read More
B 06 21 22 Threat Intel blog
Executives are no longer the go-to impersonated party in business email compromise (BEC) attacks. Now, threat actors are opting to impersonate vendors instead.
Read More
B 06 7 22 Disentangling ML Pipelines Blog
Learn how explicitly modeling dependencies in a machine learning pipeline can vastly reduce its complexity and make it behave like a tower of Legos: easy to change, and hard to break.
Read More
B 04 07 22 SEG
As enterprises across the world struggle to stop modern email attacks, it begs the question: how are these attacks evading traditional solutions like SEGs?
Read More