Agriculture and Consumer Goods Company Improves Overall Security by Replacing Proofpoint with Abnormal

This leading company knows how to build value across a diversified business ecosystem. It produces several well-known consumer brands, but its scope extends far beyond a single category. The company’s operations include regenerative organic certified farms, farming and milling in several countries, sustainable consumer packaging, and renewable energy production from crop waste.

The company continuously improves its security by following the NIST and MITRE ATT&CK frameworks. “We’re always looking at new technology because legacy ways aren’t always the best anymore,” said the CISO. One example was the company’s secure email gateway. Installed in front of Microsoft 365, Proofpoint was failing to catch hijacked conversations and other advanced attacks. As a result, the company used time-consuming backstop procedures to prevent business email compromise attacks like payroll diversion and invoice fraud.

“Any request to update payment data went to an IT team that would spend 3-4 hours validating its legitimacy. If there was an incident, the security team would spend at least 20 hours resolving it. Proofpoint’s cost and questions about whether it was furthering our NIST and MITRE goals prompted us to look at other options,” said the CISO.

“Abnormal saves us time, improves our security, and eliminates our need for a SEG. Switching to Abnormal allowed us to reallocate 60% of our former SEG budget to buy additional solutions to address our other security needs.”
—CISO

The CISO decided to run an Abnormal POV, though he was initially skeptical of claims about Abnormal’s ease of deployment. “They said it would take 15 minutes to set up and 24-48 hours to start seeing results—and it did. It also hooked into our environment in the backend, so we avoided the DNS and routing changes that can bring down mail systems during POV setups.”

Abnormal quickly started catching attacks that Proofpoint and Microsoft 365 had missed. One was an intrusion into an ongoing conversation with a vendor by an attacker using a lookalike domain. “After reviewing the results and getting reviews from other Abnormal users, there was no reason to keep using our SEG,” said the CISO. “Abnormal caught every single attack that sought to change account details, and much more.”

The CISO saw that adopting Abnormal would allow the company to deprecate Proofpoint, which the company did within a week of activating Abnormal. “We were able to reduce our SEG budget by 60% and use that money to buy other security solutions.”

In addition to stopping more attacks, Abnormal’s automation features save the company more than 30 hours a month that a security analyst used to spend investigating and responding to user-reported phishing emails. Now, the analyst has time for more challenging projects and professional growth. “Before, that was a manual process and a nightmare, and 99% of the time the messages were spam but not malicious. Abnormal allows the team to work more efficiently, and end users have noticed fewer questionable messages reaching their inboxes.”

“The SEG is dying. Generative AI makes it easier and faster than ever to craft realistic-looking email attacks, even without coding skills or the resources of state sponsorship—and it’s going to get worse before it gets better. If we don’t have something innovative pushing the boundaries and stopping these attacks, we’re going to fall behind. Abnormal’s AI engine gives us an advantage against new threats that SEGs can’t provide.”
—CISO

Further, Abnormal’s dashboard and reporting tools help the CISO easily notify executives when they’re being targeted, add email data to the monthly security scorecard, and report to the Board of Directors. By saving the company time and money, Abnormal helps the company pursue its security framework goals while protecting against advanced email threats—and show that ROI.

The CISO believes any security leader who’s worried about the evolving nature of email attacks should consider Abnormal. “Try it and see for yourself. It only takes 15 minutes to set up, and you’ll be surprised by what’s getting through your current solutions.”