Bensons for Beds is one of the UK’s largest bed retailers, operating more than 170 stores nationwide. In 2020, the Bensons for Beds’ IT Security team reviewed their cybersecurity posture, with the aims of improving their resilience and enabling the organization to adapt to advanced phishing threats, remote and hybrid working, and the hardening of the cyber insurance market. The review also came in response to several highly damaging cyberattacks within the UK’s retail sector.
The challenge: People are most at risk when using email
“Everyone knows that cyberattacks are most likely to happen as a result of a phishing email – so that’s the most logical place to start when enhancing your defenses,” states Mark Spicer, Head of IT Transformation and Data Protection Officer at Benson for Beds. “It just takes a single person to click on a single link and without the right protection in place could cause an estate-wide ransomware attack.
“We’d seen a competitor experience an attack that had lasted several weeks, and I’d heard other similar stories within the retail industry”, Mark continues. “At the same time, we were aware that people’s behavior and environments had changed due to remote work. With the full support of our board, the IT Security team began to review our cybersecurity controls.”
As part of their wider security enhancement project, the Benson for Beds’ IT Security team identified email security as a key area for focus. Phishing threats continue to evolve. They are frequently designed to bypass existing defenses and sophisticated social engineering tactics increase an attack’s credibility to make it difficult for users to identify them without the support of technology. Recognizing this, the team wanted to deploy an integrated cloud email security solution alongside their secure email gateway to detect and neutralize these advanced threats.
At the same time, people remain vulnerable to human error when sending emails, and the Benson for Beds’ team also wanted to ensure they could effectively protect sensitive and privileged information when shared by email, especially when sent to shared internal mailboxes.
“On the inbound, we wanted to be sure that we had robust layers of defense in place to protect our people from phishing threats, while enhancing our outbound security to ensure emails and attachments are sent to the correct recipients, with the appropriate encryption applied when needed,” explains Mark.
"By deploying all three solutions from the Intelligent Email Security platform, we are assured that we are protecting against the complete spectrum of inbound and outbound threats in Microsoft 365."
Mark Spicer, Head of IT Transformation and Data Protection Officer, Benson for Beds
The solution: Intelligent email security layered into Microsoft 365
In 2021, the Benson for Beds’ team contacted Egress, having heard about the company’s intelligent email data loss prevention (DLP) tool via word of mouth. Although the initial engagement centered on Egress’ outbound email security capability via Egress Prevent and Egress Protect, the team also quickly saw value from its anti-phishing product, Egress Defend.
“A senior member of the team had already seen Prevent in action and we were keen to understand what benefits it could bring for us,” continues Mark. “We also recognized that we wanted to enhance our inbound email security, so we were soon demoing Defend as well. It was brilliant to be able to find a single provider who could help us enhance both our inbound and outbound security.”
Part of the Egress Intelligent Email Security platform, Defend and Prevent use AI models to detect threats and deliver real-time nudges to users before security incidents can occur. Defend analyzes all inbound email, combining advanced techniques such as natural language processing (NLP) and natural language understanding (NLU) with technical measures such as sender analysis to detect the full spectrum of phishing threats. Dynamic banners are applied to neutralized threats, delivering in-the-moment training to improve security awareness.
Prevent uses machine learning algorithms to deeply understand user behavior and detect when anomalies occur, such as adding an incorrect recipient via Outlook autocomplete, attaching the wrong document, or forgetting to use Bcc for a large recipient list. When deployed with Protect for complete outbound email security, encryption can be automated based on risk scores and keyword libraries. Multi-factor authentication can be applied to encrypted emails, which when combined with encryption at rest in the inbox, ensures only authenticated recipients can access messages from shared mailboxes.
“By deploying all three solutions from the Intelligent Emil Security platform, we are assured that we are protecting against the complete spectrum of inbound and outbound threats in Microsoft 365,” says Mark. “The products integrate smoothly to provide us with holistic security. For example, while Prevent is primarily an email DLP tool, one of the features I most appreciate is its prompt when someone is emailing a recipient for the first time, which could help identify a reply to a phishing email.”
"We’re never complacent when it comes to cybersecurity, however we have a cutting-edge security strategy, with Intelligent Email Security playing a crucial role in stopping inbound and outbound email security threats in Microsoft 365."
Mark Spicer, Head of IT Transformation and Data Protection Officer, Benson for Beds
The results: A cutting-edge security strategy
The Benson for Beds’ team initially deployed Intelligent Email Security in phases among groups of senior employees. “It had to work for them,” Mark explains. “They’re one of the most at-risk groups within the organization and they’re also some of the most important in terms of user experience. Succeeding with them provided a strong positive indication that this was the solution for us.”
The solutions can be rolled out within hours and within four weeks of staggered deployments, every user was onboarded and benefiting from the additional security within Microsoft 365 and enhanced security awareness through real-time teachable moments.
“The heat-based banners alone sold Defend to me!” states Mark. “The way they change dynamically based on risk means people receive tailored insights that actually matter to them. Similarly, the intelligent prompts from Prevent only appear when a mistake is about to be made, so people genuinely get value from them.”
As part of the wider cyber enhancement project, Intelligent Email Security has helped contribute to a significant improvement in Benson for Beds’ security posture. As a result, they can now secure improved cyber insurance coverage at a time when the market was hardening.
“We’re never complacent when it comes to cybersecurity, however, we have a cutting-edge security strategy, with Intelligent Email Security playing a crucial role in stopping inbound and outbound email security threats in Microsoft 365” concludes Mark.