– Nearly every successful cyber attack involves malicious use of email. We are excited to see
how Secure Practice contributes to solve this challenge, by enabling users to check suspicious
emails and get a timely response, explains Richard K. Jensen, director of sales at Mnemonic.
Mnemonic is an international cyber security partner which features as a representative vendor in
Gartner’s market guide for Digital Forensics and Incident Response Services. With offices in Norway,
Sweden, UK and the US, their customers can benefit from 24/7 security monitoring based on a global
– Although email gateway solutions deal with 99 % of spam, some emails will always
reach through to end users. Even one percent of a large volume is still a lot, and this is where
Secure Practice helps out, continues Jon-Finngard Moe, manager of Mnemonic's system integration
Hybrid analysis model
With end-user access to check any email, Secure Practice gives room for a second opinion on anything
that passes beyond spam filters. Although a large amount of analysis has been automated, some emails
will still need manual investigation.
In partnership with Secure Practice, Mnemonic has built an integration which turns this into
a completely transparent operation for their customers. End-users receive the verdict directly
through the Outlook add-in, and every analysis comes to the benefit of everybody else.
– With the service APIs, we can run every email through several automated checks, in addition
to the machine learning service provided by Secure Practice. Most of these analyses will be
determined automatically, and within seconds, says Moe.
Mnemonic's Security Operations Center (SOC) is further staffed by several experts who analyse
thousands of events every hour. Now, they can be reached directly by end-users in a matter of
minutes, unless of course automation has taken care of the request already.
– This is much more efficient than common practice today, where employees sometimes forward
suspicious emails to their IT administrator, or other colleague internally. Usually this goes down
without including email headers and attachments, so the IT administrator needs to respond back
asking for a complete message, which takes up a lot of time, explains Jon-Finngard Moe.
Digitalization where it matters most
Moe describes how Mnemonic is offering email analysis as an integrated service to their customers,
and continues to invest in their partnership with Secure Practice.
– Getting access to the right data is critical for efficient incident response. With this
partnership, everything goes into our analysis pipeline so we can find threats faster, and
potentially propagate threat data to automate mitigating actions, he explains.
– Among the events we analyse, we also see new, directly targeted campaigns that have
yet to be detected by any signature. This is where an even higher value in our hybrid analysis
model is found, Moe continues.
Mnemonic is already using data from analyzed emails to block malicious DNS lookups in customer
networks. They are also developing integrations which make it possible to automatically remove
detected email threats across customer email servers.
– We need to focus our efforts where they matter the most, and email is where we find
the volume of attacks. Thus, this is also where you can retrieve the biggest rewards through
automation and digitalization, says Moe.
– It is also great to see that end-users can be valuable contributors to security, in contrast
to being perceived and treated as a problem, Richard K. Jensen concludes.