159 High-Risk Vendor Accounts Detected: Multinational Healthcare Services Provider Reduces Supply Chain Risk by Replacing Proofpoint with Abnormal

• Industry: Healthcare

• Mailboxes: 98,600+

• Previous Email Security: Proofpoint Secure Email Gateway inline with Microsoft 365 E1 and E3

• Detection Efficacy:

  • In a seven-week read-only-mode evaluation period, Abnormal detected 868 malicious messages that Proofpoint missed—an average of 16 per day.

• Delayed Remediation:

  • Over the same seven-week evaluation period, the Proofpoint SEG had a median time to action of 18 minutes per attack—with nearly one in five attacks taking more than 8 hours to post-remediate, while some attacks remained in inboxes for up to 42 hours.

• Risk of Vendor Fraud:

  • Upon integration for a second 25-day evaluation period, Abnormal’s VendorBase evaluated the security posture of every vendor in the company’s ecosystem. In addition to identifying 159 high-risk accounts that could be potentially abused by bad actors during this 25-day period, Abnormal detected 12 attacks from vendor domains.

Recognizing that Proofpoint was failing to meet their needs in terms of security, costs, and productivity, the healthcare services provider initiated a 25-day proof of value (POV) period with Abnormal.

• Fast Integration:

  • Abnormal integrated with the Microsoft 365 platform via API in under 60 seconds, with virtually no professional services required.

• Enhanced Detection:

  • During the 25-day POV, Abnormal’s behavioral AI detected more than double the number of attacks that Proofpoint post-remediated. Based on the number of attacks identified for remediation, the average compromise rates Abnormal has observed for the customer’s industry segment*, and the average cost per incident**, this could have resulted in an estimated $1.35 million in annual losses if similar undetected attacks had continued at this pace.

• Workforce Productivity Impact:

  • During the 25-day evaluation period, the company’s employees received an estimated 1.3 million graymail messages. Because Proofpoint failed to automatically filter these messages, the company’s employees were faced with cluttered inboxes that required employees to spend significant time manually deleting the graymail.

After evaluating the results of the POV, the multinational healthcare services company decided to migrate off Proofpoint. Abnormal’s seamless Proofpoint migration service enabled the customer to easily decommission Proofpoint with minimal effort.

• Employee Productivity Gains:

  • By using AI to eliminate opportunities for end users to engage with malicious emails, Abnormal saved the company’s employee base 875 hours during the 25-day evaluation/POV period. Assuming the same attack rates observed over the 25-day evaluation/POV, this could result in an estimated 13,000 hours annually for the company.

• Reduced Software Costs:

  • The company was poised to spend a significant amount in IT costs on renewing Proofpoint for features that significantly overlapped with functionality included in the native SEG capabilities of the Microsoft 365 platform.

Find out why enterprises across industries are moving from Proofpoint to Abnormal. Get started with a demo today and we’ll show you the proof of the Abnormal value.

* Source: Abnormal Internal Operations Data

** Source: Average cost figures taken from the following third party studies: NetDiligence Cyber Claims Study 2023 Report, 2023 Unit 42 Ransomware and Extortion Report, IBM Cost of a Data Breach, The Parallax View