Mediterranean Restaurant Group Serves Up Security with Abnormal

To help the restaurant business succeed, the Director of Cybersecurity implemented Abnormal Security to stop spear phishing emails and other advanced attacks.
March 10, 2022

At Abnormal Security, we empower our customers through technology to design incredible fashion, protect mortgages and their clients' wealth, keep entertainment running, care for their patients, provide for student learning and so much more. By stopping the email attacks that bypass other security infrastructure, Abnormal provides the protection organizations need to focus on their business. And for one of our customers, that business is serving Mediterranean-inspired cuisine across 80 restaurants in over a dozen states.

To help the restaurant business succeed, the Director of Cybersecurity implemented Abnormal Security to stop spear phishing emails and other advanced attacks. He recently sat down with Abnormal CISO Mike Britton to talk about his experience as an Abnormal customer. While the full video is included here, some highlights are included below.

Deciding Against the Secure Email Gateway For an Improved Efficacy Solution

Much like the rest of the world, this restaurant group was impacted by the pandemic in 2020 when all security was forced to become cloud-based seemingly overnight. And because the organization was small, whaling was a major issue for the company, where executives were seeing a lot of noise. The organization relied on Exchange Online Protection for their Microsoft 365 environment, but these attacks slipped by their current system.

The cybersecurity team first looked at traditional secure email gateways, having had experience implementing them for companies in the past. But when the Director of Cybersecurity started to evaluate them, he realized there might be a better way. He stated, “I asked myself and my team, is a secure email gateway the right architecture to be protecting our email? Do we want another appliance in the path of SMTP? And if the answer is yes, then what in that approach differentiates itself or is still highly relevant today? And we came away from that process feeling like secure email gateways were a little long in the tooth.”

Visionary Director Identifies New Approach to Solve Needs

Enter Abnormal. The team knew that an API-based approach to email security would be cheaper than a legacy SEG, but the real differentiator needed to be a meaningful improvement in efficacy. The director stated, “The architecture and modernness of the solution, the efficacy, and the ROI cost-effectiveness were the three key areas we were evaluating at the time.” While the organization reviewed multiple vendors, they wanted to understand exactly how each performed in their environment.

In order to do see what that efficacy looked like in practice, the organization completed a risk assessment with Abnormal. “Ultimately the architecture mattered a lot. It took less than 30 minutes to set up but the key was that there’s no extra point of failure. The simplicity of Abnormal’s approach was a big draw for us.” And because of the API, there was no need to change mail routing, meaning there was no extra point of failure. Once integrated, Abnormal could detect the email threats sitting in the organization’s environment to determine what was being missed by Microsoft.

Promoting a Defense-in-Depth Solution

As part of the conversation with Britton, the director spoke about a layered email security solution, acknowledging that while Abnormal is not expected to stop 100% of all attacks, it is a vital layer in a defense-in-depth solution. He stated, “And so, do I believe Abnormal is going to catch a hundred percent of all malicious email… I don’t. But that’s also why we have other solutions. There is no silver bullet but defense-in-depth is the best way to approach it, and Abnormal catches attacks much better than others on the market.”

Because the team believes strongly that more layers are important, he adds security awareness training to his email stack, underscoring the importance of the human element. In a recent phishing campaign, employees clicked on phishing emails about 14.5% of the time, which benchmarks very closely to the industry. But by combining this information with what is available in the Abnormal dashboards, the team can understand who is being targeted and fine-tune policies for those most at risk.

With a combination of email security tools, including Microsoft and Abnormal, the cybersecurity team ensures that employees within the restaurant group are protected from the attacks that attempt to trick them into submitting fake invoices or changing payroll details for employees. As a result of the security practices implemented, this restaurant remains protected—and can subsequently focus on providing the best Mediterranean cuisine to customers across the United States

To learn more about the features this organization uses to protect employees and how you can use them too, request a demo of the Abnormal platform today.

Mediterranean Restaurant Group Serves Up Security with Abnormal

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B 07 22 24 MKT624 Images for Paris Olympics Blog
Threat actors are targeting French businesses ahead of the Paris 2024 Olympics. Learn how they're capitalizing on the event and how to protect your organization.
Read More
B Cross Platform ATO
Cross-platform account takeover is an attack where one compromised account is used to access other accounts. Learn about four real-world examples: compromised email passwords, hijacked GitHub accounts, stolen AWS credentials, and leaked Slack logins.
Read More
B Why MFA Alone Will No Longer Suffice
Explore why account takeover attacks pose a major threat to enterprises and why multi-factor authentication (MFA) alone isn't enough to prevent them.
Read More
Learn how Abnormal uses natural language processing or NLP to protect organizations from phishing, account takeovers, and more.
Read More
B DK Compromise 7 11 24
Discover the top five ways hackers compromise accounts, from exploiting leaked API credentials to SIM swapping partnerships, and more. Learn how these techniques enable account takeover (ATO) and pose risks to enterprises.
Read More
B Sans Recap 7 11 24
Discover trends among modern SOC teams, including misaligned budgets, increased automation, unsatisfactory AI tools, staffing issues, and more.
Read More