Mediterranean Restaurant Group Serves Up Security with Abnormal

To help the restaurant business succeed, the Director of Cybersecurity implemented Abnormal Security to stop spear phishing emails and other advanced attacks.
March 10, 2022

At Abnormal Security, we empower our customers through technology to design incredible fashion, protect mortgages and their clients' wealth, keep entertainment running, care for their patients, provide for student learning and so much more. By stopping the email attacks that bypass other security infrastructure, Abnormal provides the protection organizations need to focus on their business. And for one of our customers, that business is serving Mediterranean-inspired cuisine across 80 restaurants in over a dozen states.

To help the restaurant business succeed, the Director of Cybersecurity implemented Abnormal Security to stop spear phishing emails and other advanced attacks. He recently sat down with Abnormal CISO Mike Britton to talk about his experience as an Abnormal customer. While the full video is included here, some highlights are included below.

Deciding Against the Secure Email Gateway For an Improved Efficacy Solution

Much like the rest of the world, this restaurant group was impacted by the pandemic in 2020 when all security was forced to become cloud-based seemingly overnight. And because the organization was small, whaling was a major issue for the company, where executives were seeing a lot of noise. The organization relied on Exchange Online Protection for their Microsoft 365 environment, but these attacks slipped by their current system.

The cybersecurity team first looked at traditional secure email gateways, having had experience implementing them for companies in the past. But when the Director of Cybersecurity started to evaluate them, he realized there might be a better way. He stated, “I asked myself and my team, is a secure email gateway the right architecture to be protecting our email? Do we want another appliance in the path of SMTP? And if the answer is yes, then what in that approach differentiates itself or is still highly relevant today? And we came away from that process feeling like secure email gateways were a little long in the tooth.”

Visionary Director Identifies New Approach to Solve Needs

Enter Abnormal. The team knew that an API-based approach to email security would be cheaper than a legacy SEG, but the real differentiator needed to be a meaningful improvement in efficacy. The director stated, “The architecture and modernness of the solution, the efficacy, and the ROI cost-effectiveness were the three key areas we were evaluating at the time.” While the organization reviewed multiple vendors, they wanted to understand exactly how each performed in their environment.

In order to do see what that efficacy looked like in practice, the organization completed a risk assessment with Abnormal. “Ultimately the architecture mattered a lot. It took less than 30 minutes to set up but the key was that there’s no extra point of failure. The simplicity of Abnormal’s approach was a big draw for us.” And because of the API, there was no need to change mail routing, meaning there was no extra point of failure. Once integrated, Abnormal could detect the email threats sitting in the organization’s environment to determine what was being missed by Microsoft.

Promoting a Defense-in-Depth Solution

As part of the conversation with Britton, the director spoke about a layered email security solution, acknowledging that while Abnormal is not expected to stop 100% of all attacks, it is a vital layer in a defense-in-depth solution. He stated, “And so, do I believe Abnormal is going to catch a hundred percent of all malicious email… I don’t. But that’s also why we have other solutions. There is no silver bullet but defense-in-depth is the best way to approach it, and Abnormal catches attacks much better than others on the market.”

Because the team believes strongly that more layers are important, he adds security awareness training to his email stack, underscoring the importance of the human element. In a recent phishing campaign, employees clicked on phishing emails about 14.5% of the time, which benchmarks very closely to the industry. But by combining this information with what is available in the Abnormal dashboards, the team can understand who is being targeted and fine-tune policies for those most at risk.

With a combination of email security tools, including Microsoft and Abnormal, the cybersecurity team ensures that employees within the restaurant group are protected from the attacks that attempt to trick them into submitting fake invoices or changing payroll details for employees. As a result of the security practices implemented, this restaurant remains protected—and can subsequently focus on providing the best Mediterranean cuisine to customers across the United States

To learn more about the features this organization uses to protect employees and how you can use them too, request a demo of the Abnormal platform today.

Mediterranean Restaurant Group Serves Up Security with Abnormal

See Abnormal in Action

Schedule a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22

Related Posts

B Disney Attack Blog
This Disney+ scam email uses brand impersonation and personalization to send a convincing fake subscription charge notice.
Read More
B 2024 Cybersecurity Predictions
As AI becomes more prevalent in the new year, discover how our experts believe the world will change—for both good and bad.
Read More
B 11 27 23 ATO Stats
Account takeover allows threat actors to steal sign-in credentials and access an organization's network. Read some eye-popping stats about ATO cost and frequency.
Read More
B Unmasking Vendor Fraud
Learn about the techniques, tools, and technologies we use to train the models that form the backbone of our vendor fraud detection.
Read More
Get the latest insights from the 2023 ISC2 Cybersecurity Workforce Study, including which skills are most sought-after, how careers have changed, and how AI is affecting the industry.
Read More
B Good Bad Ugly Future of AI
Hear about positive and malicious use cases of AI and how to protect against novel threats in this recap from Chapter 3 of our Convergence of AI + Cybersecurity series.
Read More