Abstract Violet Joint

Fast-Growing Dudek Drives Progress, Delivers Excellence from Its People Across the Nation

Company Overview

Industry: Environmental Consulting and Engineering
Encinitas, California
Protected Mailboxes:

Dudek Security Environment

Credential Phishing Wave Flooded Inboxes

The FBI reported that phishing attacks more than doubled from 2019 to 2020, and then increased again by 34% the following year. These attacks increasingly use identity impersonation rather than malicious links and attachments to steal credentials from executives and other employees.

The result for Dudek was more realistic-looking phishing messages reaching their people, particularly the CFO and CEO.

Finding a True Partner, Not Just a Provider

Dudek has spent more than four decades driving progress by engineering solutions for the environmental challenges faced by government agencies, transportation authorities, universities, healthcare organizations, and the construction industry. Dudek’s portfolio includes renewable energy consulting, environmental impact reporting, engineering services for high-speed rail line development, wildfire protection plans, and many other projects.

The firm started as a two-person consulting practice in Encinitas, California in 1980. Now, CIO Brian Nordmann said, “We’re a fast-growing firm doing projects in nearly every state. We’ve got over 500 people in our offices and 200 more in the field across the United States at any time.” While rapidly growing, Dudek prides itself on listening carefully to clients, communicating and collaborating effectively with them, always centering on their clients’ best interests, and being a reliable, easy-to-work-with partner.

In 2020, as many companies saw a rise in advanced email attacks, Dudek realized that credential phishing attacks were a growing problem for its employees and executives. “With the tools we had in place, phishing emails were making it through our defenses, and we were scrambling to remediate issues as they were happening,” Nordmann said. He and the Dudek IT department spent several months methodically evaluating their options. They wanted something cost-effective and quick to deploy that would invisibly protect employees from advanced email attacks. They also wanted to find a solution provider that would be easy to work with, like Dudek.

“At Dudek, we deliver efficiencies throughout our projects, and we seek the same from our partners. We were impressed by Abnormal’s API model, the fact that we could set it up with a 30-minute call, and that it worked seamlessly with our Microsoft 365 environment.”
—Brian Nordmann, CIO

Dudek Needed a New Solution to Keep Threats Out of Its CFO’s Inbox

Dudek’s email security originally relied on Microsoft 365 detection tools to save the cost of a secure email gateway. “We had Exchange Online Protection and Defender for Office 365, and we built up what became an unwieldy rule set to try to keep threats out,” said Stephen Lister, IT Systems Architect. “The result was too many threats getting through, plus too many false positives.”

Sophisticated threats were the hardest to identify. “Our CFO and her team were heavily targeted with messages including details that made it look like a vendor requesting payment. With such a high volume of clients and vendor messages to handle, these emails made their jobs much harder,” Nordmann said.

As recipients reported these emails, the workload shifted to IT. “Before Abnormal, when a malicious phishing email got in, I’d search, find it, and manually purge it,” said Eric Williams, IT Systems Administrator. “Eliminating one phishing email from the environment could take anywhere from 30 minutes to an hour, and we were dealing with it multiple times each week.”

Easy-to-Use Solution Required No Training and Delivered Key Insights

Dudek’s goal was to find a Microsoft-compatible solution for advanced email threats. “We have a cloud-first approach to keep our infrastructure lightweight, and Microsoft is our go-to partner for infrastructure as a service and productivity,” Nordmann said. “We were impressed by Abnormal’s API model, the fact that we could set it up with a 30-minute call, and that it worked seamlessly with our Microsoft 365 environment.”

Abnormal provided other advantages, too. “With Abnormal, we didn’t have to train people on the new email solution,” Lister said. “And during our proof of value trial, Abnormal showed us what they found, why they found it, and what they would have stopped.” Williams agreed. “A lot of the other vendors we looked at generated false positives and missed attacks and they couldn’t explain why.”

Dudek Stats

Abnormal Delivers Immediate Value by Protecting Vendor Relationships

Abnormal’s commitment to engaging with clients proved its value quickly. Soon after Dudek implemented the product, the company was hit with an advanced email attack. “Shortly after we installed Abnormal, we experienced a vendor email compromise (VEC) attack that hijacked a legitimate three-way email conversation about an invoice between a vendor, our accounting department, and our IT department,” said Mark Baldus, IT Infrastructure and Operations Manager.

“The attacker took over the vendor’s email account and tried to steer a large amount of money their way. The conversation had started out legitimate but then we had questions. We worked with the Abnormal team to confirm the compromise and determine the exact point when the conversation was intercepted. That prevented a large transaction from going the wrong way,” Baldus said.

Vendor email compromise attacks can be especially hard to detect because they exploit trusted relationships and known identities. Abnormal’s VendorBase™ continuously assesses the risk and reputation of each vendor across the entire customer ecosystem, monitors the tone and content for changes from known-good behavior, and stops attacks to prevent financial losses.

Abnormal also quickly resolved Dudek’s longstanding credential phishing problem. “Before Abnormal, we got five or six phishing tickets a day. With Abnormal, I’ve only seen one, and it had already gone to quarantine,” said Baldus, who oversees Dudek’s help desk. “Abnormal is just what we needed—a full-service tool that automatically does what we were doing manually before.

“We feel very confident that we have a partner in Abnormal. They not only make sure our email security solution is working optimally, but they also listen when we have feedback.”
—Brian Nordmann, CIO

Dudek Finds Partner That Frees Them to Focus on Growth and Client Service

The Abnormal team works with Dudek to ensure they get the most from their email security solution. “The company has been very responsive to our questions and proactive about checking in to validate the solution,” Nordmann said.

With Abnormal, Dudek has safer inboxes and more time to focus on work. “Our CFO said she’s noticed the decrease in emails that she would have had to report,” Nordmann said. “It has been transformational,” Lister added. “Abnormal has lifted a huge burden off our email team and our end users.”

Let us show you how Abnormal can help keep your organization safe from advanced email attacks. Request a demo today!

Related Resources

B 07 22 22 Super Concept
Since Abnormal blocks advanced threats against SuperConcepts, employees and executives can focus on the future, growing their software and administrative service businesses to help Australians build their retirement funds.
Read More
B 07 08 22 Financial Solutions Brief
Discover the AI-based email security platform that protects financial institutions from the full spectrum of email attacks.
Read More
B 07 19 22 2022 Email Security Trends
We surveyed 300 security leaders to discover what matters most to them when it comes to email security in the current threat landscape.
Read More
B 07 06 22 SANS Whitepaper
This SANS Protects white paper explores some of the most common threats to enterprise email and shares a few ways organizations can block malicious emails from entering their environment.
Read More
B 07 06 22 Sans Webinar B
In this on-demand webinar sponsored by Abnormal Security, you'll learn how cybercriminals execute email-based attacks and how your organization can strengthen your security posture to mitigate these threats.
Watch Now
B 06 01 22 Gone Phishing
In this webinar, Graham Cluley, cybersecurity expert and host of the Smashing Security podcast, and Abnormal Security CISO Mike Britton discuss the latest in phishing attacks.
Watch Now
B 05 16 22 Elara Caring
Elara Caring's CISO consistently saw employees struggle to sort authentic messages from email attacks. He knew there was a better solution to protect patient data and improve the employee experience.
Read More
B 04 08 22 Digital Everything Customer Story
Upon integration with Abnormal, a Fortune Global 500 financial services organization learned that not only had 11,000+ advanced email attacks per month been bypassing its secure email gateway but more than 70 of its vendors had compromised accounts.
Read More
B 03 21 22 CSC Customer Story
While CSC Generation has robust security measures in place, unfortunately, the same couldn't be said for their vendors. To mitigate the risk of payment fraud via compromised vendor accounts, the organization added Abnormal to their security stack and the results spoke for themselves.
Read More
B 04 14 22 CISCO Guide to Phishing
Because phishing emails target human behavior, create a sense of urgency, and appear to come from trusted senders, they can be incredibly difficult to detect. Stopping them before they reach employee inboxes is the key to staying safe.
Download Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Everise case study cover
By mid-2021, Everise had more than 11,000 employees to meet new demand for outsourced services. But the shift to remote work brought new email security risks. “Our people are good at what they do, but they’re not email security specialists, and attackers know that."
Read More
Resource 03 COATS
With Abnormal ICES layered over Microsoft Defender, Coats employees are free to focus on continuing the company’s 250-year tradition of innovation, rather than sorting through emails and trying to assess the risks.
Read More
Webinar phish soc cover
Most people believe that the SOC is on the front lines, defending the castles against the forces of darkness. And while that’s true, it’s never quite as heroic as we’d like it to be.
Watch Now
Fireside chat katz cover
Legitimate email communications often contain links and attachments, and employees need to click on those links and attachments to do their jobs. Unfortunately, securing the enterprise often means stopping employees from doing so in an effort to stop bad actors from gaining access to systems or stealing money.
Watch Now
Fortune 200 wealth cover
As a leader in insurance and asset management, this Fortune 200 company recognizes that its security must protect its employees and customers from cyber attacks. Customers place their trust and their assets in the control of this company, so the security team built a robust solution reducing risk, gaining visibility, and securing user identity—the new perimeter.
Read More
Gateway church cover
Gateway chose Abnormal Security because of its uncompromising approach to prevent the email attacks that matter most. In the two years since they've deployed Abnormal, Gateway has not experienced a successful advanced email attack.
Read More
Human element whitepaper cover
The challenge of dealing with cybercrime is complex. Human factors and the human-computer interface are a central component of cybersecurity, and while technology alone will not prevent cybercrime, neither will people. People alone also can also not be relied upon as a last line of defense in an organization’s cybersecurity strategy.
Download Now
Human element webinar cover 2
Cybersecurity is largely a behavioral concern, as cybercriminals use social engineering to trick people into transferring money, entering their credentials, or providing access to sensitive data.
Watch Now
Key considerations webinar cover
Email is both a necessary communication medium, and the most vulnerable area for an attack. Year after year, adversaries find success in abusing email to gain a foothold into an organization—deploying malware, leaking valuable data, or stealing millions of dollars.
Watch Now
B Gartner Highlights 1
The Gartner Market Guide for Email Security explains what integrated cloud email security (ICES) solutions are and why they’re essential for modern enterprises. Download a copy now to learn why enterprises are moving away from the SEG.
Read More