Challenges
Insufficiently effective email reporting process
Lack of feedback for the person who reported
Loss of metadata, essential for analysis
Our company receives hundreds of new security eyes, which enable us to detect a lot more of what goes on at any time, and we can keep our security response close to the action when something happens.
Solution
Instant feedback on suspicious email reports
Automatically structured and enriched threat email data
Increased reporting of email-related security incidents
The challenges Storebrand needed to solve
With more than €100 billion in managed capital, the Storebrand group is a leading player in the Nordic market for long term savings and insurance. This makes their 1800+ employees in both Norway and Sweden extremely attractive targets for cybercriminals.
We see that email is the most frequent attack vector against us, in addition to the wide application and attack surface for the entire group.
Storebrand had implemented a manual process for reporting emails, but reporting volume and data quality depended heavily on the tech skills of each colleague.
Most people tried to simply forward the email to notify about something suspicious. This, however, caused us to miss out on important metadata data about the email’s origin and sender, which are essential for deeper analysis and effective countermeasures.
He points out that spam and virus filters are only as good as their last update, and that their security team constantly works on building awareness and following up with all employees.
What Storebrand achieved by using Secure Practice
Storebrand chose Secure Practice to help all their employees handle and report suspicious emails safely - and develop their skills while doing so.
The solution makes a strong contribution to both preventive and operative security operations.
It is much more effective for us when Secure Practice gives the user automatic feedback on results from the analysis, and we see that users appreciate this. In addition, we get all data very accessible when we do our own assessments, and the automation helps us run the analysis much more efficiently. This way, we can put a priority on relevant mitigation efforts, instead of spending time on processing every single email manually.
Martha Eike, who is a Senior Security Manager at Storebrand, describes how Secure Practice simplifies and improves how her colleagues handle suspicious emails in their inboxes.
Secure Practice offers a holistic solution with a great end-user experience. We really like how it allows colleagues to help each other in a simple and visible way.
From an internal survey, Martha can tell that, with Secure Practice in place, people have a really positive experience with being able to verify suspicious emails quickly, including the opportunity to ask for further feedback, if they want it.
The number of reported incidents related to suspicious emails has also increased significantly.
It is exciting to see the puzzle coming together. Email is in one way very simple, yet a complex attack vector against which we need to protect an entire organization. We cannot think about technical solutions and people separately - both need to be aligned.
With MailRisk, each person on the team can start contributing to the organization’s cybersecurity operations and also learn from every report and instant feedback they receive on it.
Building on that, Storebrand continued to upskill and support their colleagues with the educational resources, e-learning, simulated phishing, and preparedness exercises that Secure Practice provides.
We find it exciting how Secure Practice combines a more traditional form for protection and reporting with the opportunity for integrated training of employees on information security.
MailRisk, the part of Secure Practice that Storebrand implemented first, is delivered in collaboration with a managed security services provider (MSSP) that already operates a 24/7 security monitoring service for the financial giant.
Because everyone involved believes in the power of collaboration, the MSSP further developed an integration between Secure Practice and their own security platform to support even deeper, more powerful automation and risk mitigation.
Storebrand is eager to keep this collaboration going and excited to see innovation within such an essential area for them as cybersecurity is.