Healthcare Association Replaces Darktrace with Abnormal, Automating Threat Detection and Triage
Abnormal enhances email security for a leading healthcare association, catching advanced threats and streamlining email security operations.

Industry Context
Vendor Email Compromise Surge: Between August 2023 and August 2024, vendor email compromise (VEC) attacks on healthcare organizations rose by 60%, with cybercriminals exploiting trusted vendor relationships to execute complex fraud through social engineering (Source: Abnormal Security).
Phishing Incidents Increase: Phishing attacks on healthcare grew by 37% from August 2023 to August 2024, using sophisticated, AI-enhanced emails that bypass traditional security and capitalize on high-stress healthcare environments (Source: Abnormal Security).
Complex Cybersecurity Landscape: As healthcare relies on vast third-party networks and holds highly sensitive data, evolving cyber threats continue to outpace traditional defenses, underscoring the need for advanced, adaptive security solutions.
Customer Challenge
Missed Attacks: Darktrace allowed advanced email threats, including phishing and impersonation attempts, to reach inboxes, increasing security risks.
High Manual Triage Requirements: The security team had to spend considerable time manually triaging email threats, which added to the operational burden.
Configuration and Maintenance Needs: Darktrace required extensive configuration and regular maintenance, making it challenging to keep up with evolving threats.
Why Abnormal?
Reduced Phishing Open Rates: Abnormal's advanced threat detection led to a 29.4% decrease in phishing email open rates, improving overall threat visibility and strengthening the organization's response capabilities.
Automated Email Classification: Abnormal accurately classified and confirmed the safety of emails initially flagged as graymail, ensuring a more reliable email security system.
Abuse Mailbox Automation: Abnormal’s automated triage and remediation significantly reduced the manual workload for the security team, optimizing resources more effectively than Darktrace, which required extensive manual intervention.
Business Impact
Enhanced Threat Detection: Abnormal detected and addressed 188 threats over three months, effectively mitigating risks that were previously missed by Darktrace.
Efficient Self-Deployment: The association utilized self-deployment, harnessing Abnormal's step-by-step guide and support resources, which allowed for a smooth transition and onboarding of 1,000 users in a single session.
Time Savings and Future-Proofing: Abnormal's automated, non-rule-based approach eliminated the need for manual configuration, saving time for the security team while continuously adapting to new threats, ensuring long-term protection without additional effort.