Forsyth County Takes a Proactive Stance on Data and Operational Security

Security team implements Abnormal to prevent advanced attacks targeting local governments nationwide.

Forsyth County administers more than two dozen community and government services on behalf of the Winston-Salem, North Carolina area. Effectively supporting and communicating with 385,000+ citizens creates extensive security and compliance requirements.

Industry: Government Administration
Winston-Salem, NC
Protected Mailboxes:
Number of Employees:

The Forsyth County Email Security Challenge

Local governments with small budgets and legacy security tools are frequent targets for email-based attacks that erode public trust and waste taxpayer dollars. Forsyth County's key challenges were:

  • Detecting and preventing advanced credential phishing and BEC attacks evading existing security solutions.
  • Providing optimal security value for taxpayers' dollars.
  • Minimizing security team time spent on email investigations and remediation.
“It only takes one event to damage an organization’s reputation,” he said. “A lot of our counterparts around the state have unfortunately taken a beating on reputation because of cyber incidents, and a majority of those were initiated through email. We wanted to strengthen the security of our email communications to prevent losing integrity in the eyes of our citizens.”

The Abnormal Security Solution


Forsyth County wanted an email security solution that would block advanced threats their existing security platform missed and give the security team more time to focus on other tasks. They also sought a future-proof solution that would deliver the best possible value now and in the future, as new threats emerge.

Because Abnormal uses behavioral AI, it quickly learns what is normal activity in an email ecosystem. Deviations from that baseline indicate advanced threats—the kinds that make it past legacy defenses. This fine-grained detection, combined with automatic remediation and superb visibility into threats and email activity, set Abnormal apart from rules-based threat detection systems.

Why Forsyth County Chose Abnormal

Abnormal proved much easier to set up and use than other solutions Forsyth County had worked with. “It was up and going extremely fast, with no disruption at all,” said Jason Ring, Technology Manager.

Soon after the Proof of Value was initiated, Abnormal detected an attempted BEC scam against elected officials in progress.

“The message impersonated one commissioner, urging another commissioner to rush out and buy gift cards for employee rewards. Our Abnormal account team alerted us and we were able to interrupt that active conversation. We felt it was a good example of how Abnormal would help us protect the county.”

The Abnormal dashboard’s threat visibility tools also make security awareness training easier.

“I can see which users are marking suspect emails as phishing, and which are just deleting them, so I know where to focus my training,” said Ring.

The Abnormal Impact: Greater Security, Enhanced Value

With fewer worries about advanced email threats, less time spent on manual remediation, and more up-to-date and precise resources for staff security awareness training, Abnormal has provided the kind of value and support Forsyth County was looking for to protect their public trust.

“I like to work with what I call ‘true partners’—folks who will be part of your team and adopt your mission,” Koontz said. “Abnormal saw where we were and helped us get to where we needed to be.”

Let us show you how Abnormal can help keep your organization safe from advanced email attacks. Schedule a demo today.

Schedule a Demo
Forsyth County Takes a Proactive Stance on Data and Operational Security

See Abnormal in Action

Schedule a Demo

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

See a Demo
Integrates Insights Reporting 09 08 22

Related Resources

B 05 08 23 MKT006 Rise of Israel Based BEC Attacks R2
A recent study uncovered the emergence of an Israel-based threat group that launches sophisticated, multistage BEC attacks targeting global enterprises.
Download Now
B 07 20 22 Devastating
Business email compromise (BEC) is no joke, and it continues to increase—despite increased awareness of the issue. Learn about the future of BEC attacks in this on-demand webinar.
Watch Now
B Vendors as Your Largest BEC Threat 07 07 22
Threat actors have shifted their strategy—moving away from internal impersonation and instead focusing on impersonating third parties. Watch the webinar to learn more about this new threat: financial supply chain compromise.
Watch Now
Report fscc cover
For years, executives were the go-to impersonated party in business email compromise attacks. Now, threat actors are opting to impersonate vendors and suppliers instead.
Download Now
Webinar cover 3
Colonial Pipeline. CNA Financial. Quanta. Even the NBA. Hardly a week goes by without a ransomware story hitting the news, as organizations worldwide are targeted by an attack. But are there more dangerous threats out there?
Watch Now
H1 threat report cover
From June-December 2021, Abnormal Security discovered that nearly all types of advanced email attacks grew in frequency, with a new trend of phone fraud using email as the first contact.
Download Now
Webinar hacking tobac cover
Rachel Tobac talked to Abnormal Security's CISO Mike Britton about hacking, social engineering attacks, and how to protect your organization.
Watch Now
Webinar beyond spam cover
Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks.
Watch Now