FS-ISAC Preview Blog: New Approaches to Detecting and Preventing Vendor Email / Supply Chain Compromise

On Thursday, April 29th Abnormal Security’s CEO, Evan Reiser, and MassMutual’s Head of  Security Operations Center, Eric Guzek, will present at the FS-ISAC Spring Virtual Summit on new approaches to preventing vendor email compromise and supply chain compromise.

Your organization’s security is only as strong as your vendor’s security. Compromised supply chain attacks represent a massive risk to organizations and they often slip by due to the trusted relationships between vendors and their enterprise counterparts. The frequency of supply chain attacks is increasing, and the most vulnerable and frequently targeted channel for these attacks is email. Abnormal’s session will address why these attacks consistently bypass traditional email security, like Secure Email Gateways, and how your organization can eliminate this threat.

Topics in this session will include:

  • The Rise of Vendor Email Compromise (VEC) — The volume and frequency of VEC attacks are rapidly rising. According to the most recent 2020 FBI IC3 Report, the #1 threat facing organizations are socially-engineered email attacks from compromised vendors.
  • MassMutual’s Security Overview — We’ll walk through an overview of MassMutual’s security architecture and discuss how adding an API-Based behavioral data science tool filled the gaps.
  • An Inside Look at a Real VEC Threat — Deep dive into a real VEC attack, how it bypassed Secure Email Gateways (SEGs), and how Abnormal Security used behavioral data science to detect this threat. 
  • Uncovering VEC Signals & Techniques — We’ll look at how attackers exploit the gaps in methods used by traditional email security to bypass them, and the new approaches required to address those gaps.

Based on Abnromal’s research, organizations have a 50% chance of getting hit with a VEC attack in any given quarter. If you’re interested in learning how new approaches can help prevent these advanced attacks, join our session!

We encourage you to bring any questions you have to the session; we’ll happily answer them during the presentation – or follow up with you after if you can’t make it. If you’re a member of FS-ISAC, register here to join the virtual summit and watch our presentation on April 29th.

Alternatively, schedule a demo and we can show you how Abnormal Security can protect your organization.

Related content