At a glance
- Deployed Egress Intelligent Email Security to bolster email security and streamline workflows.
- Reduced false positives and operational delays with Egress’ real-time alerts.
- Empowered IT team with proactive threat detection, reducing workload.
- Enhanced user risk management capabilities with Egress Human Risk Management dashboard.
Traditional security frameworks creating bottlenecks in operations
As a prominent law firm operating across key industries in Australia including Government, Health, Education, Insurance & Finance and Property, Makinson d’Apice relies on email to share sensitive court documents and client communications. Consequently, it must ensure employees do not compromise confidential information by falling victim to phishing attacks, accidentally sending emails to unauthorized recipients, or failing to apply appropriate levels of encryption.
Previously, the secure email gateway (SEG) Makinson d’Apice had in place not only quarantined valid business emails—leading to a significant administrative workload—but also failed to identify sophisticated phishing attacks, particularly those involving impersonation.
Asitha Udumalagala, Head of IT and CISO at Makinson d’Apice, explains: “The number of false positives reported by employees was not only putting a massive strain on the IT team, but also slowed down business operations. As a law firm, we can’t afford to have legitimate communications sitting in quarantine, waiting to be released.”
Commenting on outbound risks, Asitha states: “Our previous solution for misdirected files and attachments was overly manual. Users were required to navigate through multiple checklists, often clicking through these checks quickly and rendering the solution ineffective.” Consequently, they sought an intelligent solution capable of comprehensively addressing the entire spectrum of inbound and outbound email threats, while identifying high-risk users within the organization.
Enhanced visibility of risk with user profiling
Following a successful POC in November 2022, Makinson d’Apice deployed the full Egress Intelligent Email Security platform across all 200 employees to enhance their overall security posture and alleviate the manual workload carried out by the security team.
Comprised of Egress Defend, Egress Prevent, and Egress Protect, the platform seamlessly integrates with Microsoft 365, utilizing AI models and an adaptive security architecture to detect and respond to threats, as well as providing real-time nudges to alert users before security incidents can occur.
Defend leverages pre-generative and zero-trust models, as well as linguistic, contextual, and behavioral analysis to detect advanced phishing attacks. On the outbound, Prevent and Protect combine contextual machine learning, intelligent DLP, and encryption to ensure emails are sent to the correct recipients, containing the right information, and are appropriately protected relative to the level of risk.
When reviewing Defend, Asitha immediately saw the benefit in the dynamic heat-based banners, explaining: “The banners provide real-time coaching without disrupting workflow. The red and amber warnings dramatically reduced the number of reported false positives and have eliminated the delays and complexities of a quarantine system.”
In addition, the team were particularly impressed in Egress’ Human Risk Management dashboard which provides an aggregated human risk score for each individual user based on Egress product telemetry, data from products within the organization’s cybersecurity ecosystem, open-source intelligence (OSINT), and user behavior.
“The Egress dashboards have given us unparalleled insight into the threats targeting our organization, and ... have saved my team hours of manual work every day.”
Asitha Udumalagala, Head of IT and CISO, Makinson d’Apice
Makinson d'Apice minimizes risk and boosts awareness with Egress
Immediately following deployment, Defend successfully identified several phishing attacks impersonating a senior practitioner within the firm. The Defend banners effectively alerted users to the threat, without causing any disruption to legitimate communications.
“As a law firm, anything we can do to improve business continuity while ensuring sensitive information remains confidential is essential—and this is exactly what Egress has done for us,” says Asitha. “Similar to Defend, Prevent has introduced minimal user friction. On average, people only see a prompt once every three weeks and only when an actual incident is about to occur.”
“Thanks to Egress, our security awareness has increased remarkably, transforming our entire approach to protecting sensitive information,” concludes Asitha. The shift is significant - we couldn’t imagine going back to the old setup.”