Company Overview

Industry: Environmental Consulting and Engineering
Location:
Encinitas, California
Protected Mailboxes:
1000+

Dudek Security Environment

Credential Phishing Wave Flooded Inboxes

The FBI reported that phishing attacks more than doubled from 2019 to 2020, and then increased again by 34% the following year. These attacks increasingly use identity impersonation rather than malicious links and attachments to steal credentials from executives and other employees.

The result for Dudek was more realistic-looking phishing messages reaching their people, particularly the CFO and CEO.

Finding a True Partner, Not Just a Provider

Dudek has spent more than four decades driving progress by engineering solutions for the environmental challenges faced by government agencies, transportation authorities, universities, healthcare organizations, and the construction industry. Dudek’s portfolio includes renewable energy consulting, environmental impact reporting, engineering services for high-speed rail line development, wildfire protection plans, and many other projects.

The firm started as a two-person consulting practice in Encinitas, California in 1980. Now, CIO Brian Nordmann said, “We’re a fast-growing firm doing projects in nearly every state. We’ve got over 500 people in our offices and 200 more in the field across the United States at any time.” While rapidly growing, Dudek prides itself on listening carefully to clients, communicating and collaborating effectively with them, always centering on their clients’ best interests, and being a reliable, easy-to-work-with partner.

In 2020, as many companies saw a rise in advanced email attacks, Dudek realized that credential phishing attacks were a growing problem for its employees and executives. “With the tools we had in place, phishing emails were making it through our defenses, and we were scrambling to remediate issues as they were happening,” Nordmann said. He and the Dudek IT department spent several months methodically evaluating their options. They wanted something cost-effective and quick to deploy that would invisibly protect employees from advanced email attacks. They also wanted to find a solution provider that would be easy to work with, like Dudek.

“At Dudek, we deliver efficiencies throughout our projects, and we seek the same from our partners. We were impressed by Abnormal’s API model, the fact that we could set it up with a 30-minute call, and that it worked seamlessly with our Microsoft 365 environment.”
—Brian Nordmann, CIO

Dudek Needed a New Solution to Keep Threats Out of Its CFO’s Inbox

Dudek’s email security originally relied on Microsoft 365 detection tools to save the cost of a secure email gateway. “We had Exchange Online Protection and Defender for Office 365, and we built up what became an unwieldy rule set to try to keep threats out,” said Stephen Lister, IT Systems Architect. “The result was too many threats getting through, plus too many false positives.”

Sophisticated threats were the hardest to identify. “Our CFO and her team were heavily targeted with messages including details that made it look like a vendor requesting payment. With such a high volume of clients and vendor messages to handle, these emails made their jobs much harder,” Nordmann said.

As recipients reported these emails, the workload shifted to IT. “Before Abnormal, when a malicious phishing email got in, I’d search, find it, and manually purge it,” said Eric Williams, IT Systems Administrator. “Eliminating one phishing email from the environment could take anywhere from 30 minutes to an hour, and we were dealing with it multiple times each week.”

Easy-to-Use Solution Required No Training and Delivered Key Insights

Dudek’s goal was to find a Microsoft-compatible solution for advanced email threats. “We have a cloud-first approach to keep our infrastructure lightweight, and Microsoft is our go-to partner for infrastructure as a service and productivity,” Nordmann said. “We were impressed by Abnormal’s API model, the fact that we could set it up with a 30-minute call, and that it worked seamlessly with our Microsoft 365 environment.”

Abnormal provided other advantages, too. “With Abnormal, we didn’t have to train people on the new email solution,” Lister said. “And during our proof of value trial, Abnormal showed us what they found, why they found it, and what they would have stopped.” Williams agreed. “A lot of the other vendors we looked at generated false positives and missed attacks and they couldn’t explain why.”

Dudek Stats

Abnormal Delivers Immediate Value by Protecting Vendor Relationships

Abnormal’s commitment to engaging with clients proved its value quickly. Soon after Dudek implemented the product, the company was hit with an advanced email attack. “Shortly after we installed Abnormal, we experienced a vendor email compromise (VEC) attack that hijacked a legitimate three-way email conversation about an invoice between a vendor, our accounting department, and our IT department,” said Mark Baldus, IT Infrastructure and Operations Manager.

“The attacker took over the vendor’s email account and tried to steer a large amount of money their way. The conversation had started out legitimate but then we had questions. We worked with the Abnormal team to confirm the compromise and determine the exact point when the conversation was intercepted. That prevented a large transaction from going the wrong way,” Baldus said.

Vendor email compromise attacks can be especially hard to detect because they exploit trusted relationships and known identities. Abnormal’s VendorBase™ continuously assesses the risk and reputation of each vendor across the entire customer ecosystem, monitors the tone and content for changes from known-good behavior, and stops attacks to prevent financial losses.

Abnormal also quickly resolved Dudek’s longstanding credential phishing problem. “Before Abnormal, we got five or six phishing tickets a day. With Abnormal, I’ve only seen one, and it had already gone to quarantine,” said Baldus, who oversees Dudek’s help desk. “Abnormal is just what we needed—a full-service tool that automatically does what we were doing manually before.

“We feel very confident that we have a partner in Abnormal. They not only make sure our email security solution is working optimally, but they also listen when we have feedback.”
—Brian Nordmann, CIO

Dudek Finds Partner That Frees Them to Focus on Growth and Client Service

The Abnormal team works with Dudek to ensure they get the most from their email security solution. “The company has been very responsive to our questions and proactive about checking in to validate the solution,” Nordmann said.

With Abnormal, Dudek has safer inboxes and more time to focus on work. “Our CFO said she’s noticed the decrease in emails that she would have had to report,” Nordmann said. “It has been transformational,” Lister added. “Abnormal has lifted a huge burden off our email team and our end users.”

Let us show you how Abnormal can help keep your organization safe from advanced email attacks. Request a demo today!

Related Resources

B 10 19 22 AC Transit Vid 1
Together, Abnormal and Microsoft provide AC Transit with a robust, efficient security solution that blocks advanced threats from reaching inboxes.
Watch Now
B 10 05 22 Sentara
With Abnormal, not-for-profit healthcare organization Sentara enjoys reduced inbox threats, better employee email experiences, and more time to cultivate cybersecurity talent.
Read More
B 10 18 22 Abnormal for Manufacturing
Attackers go after manufacturers to steal data, engage in corporate or nation-state espionage, and commit financial fraud. Learn how Abnormal protects manufacturers.
Read More
B 10 05 22 Cloud Email Security Strategy Checklist
Determine what you need from a cloud email security platform and ensure you ask the right questions when evaluating potential solutions.
Read More
B NHS
The NHS is a magnet for cybercriminals, with 81% of organisations across the UK suffering a ransomware attack in the past year. Learn how Abnormal protects the NHS.
Read More
B 10 3 22 Technology Industry Solution Brief
Cybercriminals target technology companies for their data, their funds, and their connections to vendors, partners, and customers. Learn how Abnormal protects tech companies.
Read More
B 09 26 22 Legal Solution Brief
Criminals target legal organizations for sensitive data, launching increasingly sophisticated email attacks that are difficult to detect. Learn how Abnormal protects law firms.
Read More
Blog cybersecurity awareness month
It's important to take time to evaluate your email security practices, both for your employees and across your organization. These resources can help.
Download Now
B 09 22 22 Government Solution Brief
Threat actors know that state and local governments have troves of data and access to critical operational processes. Learn how Abnormal protects state and local governments.
Read More