下载PDF
实例探究 > CSC Generation's Deployment of Abnormal Security to Combat BEC Attacks

CSC Generation's Deployment of Abnormal Security to Combat BEC Attacks

技术
  • 网络安全和隐私 - 身份认证管理
  • 网络安全和隐私 - 安全合规
  • 网络安全和隐私 - 应用安全
适用行业
  • 零售
适用功能
  • 商业运营
  • 采购
用例
  • 欺诈识别
  • 网络安全
  • 远程控制
服务
  • 系统集成
  • 网络安全服务
挑战
Business Email Compromise (BEC) has been growing at a breakneck pace over the past several years. Today, it represents more than half of all cyberthreat related financial losses according to the 2019 FBI Internet Crime Complaint Center (IC3) report. BEC attacks are sophisticated threats that leverage social engineering to target employees, who then unwittingly purchase gift cards, redirect payroll deposits or pay fraudulent invoices. As a holding company for retail brands, CSC is a primary target for BEC attacks due to its complex supply chain. Invoice fraud attacks, where attackers pose as suppliers, leverage the trusted relationships of external third parties to redirect legitimate invoice payments into an attackers’ bank account. Attackers have turned their focus toward the retail segment due to the sheer volume of suppliers and the fact that business invoices represent significantly greater value than payroll or gift card fraud. Compounding these issues is CSC’s growth strategy that is fueled by acquisition. The integration of new retail brands, their unique business processes and suppliers, create a dynamic that challenges any systems that cannot adapt to a constantly evolving environment. Traditional security policies become obsolete almost overnight.
关于客户
CSC Generation is a holding company for famous retail brands such as DirectBuy, One Kings Lane, Z Gallerie, and Sur La Table. Part retailer, part investment bank, and part tech company, CSC’s rapid growth is fueled by the combination of acquisitions and digital transformation of the retail brands toward e-commerce. Headquartered in Gardena, CA, CSC Generation operates within the private equity and technology sectors and employs over 1,000 people. The company’s strategy involves acquiring retail brands and transforming them through digital innovation, making it a significant player in the retail and technology industries.
解决方案
CSC quickly deployed Abnormal Security by integrating in minutes via native Office 365 APIs. Without any configuration required, Abnormal Security’s AI automatically developed a deep understanding of the people in the organization and their business relationships. Abnormal automatically mapped CSC’s complex supply chain across its multiple retail brands, incorporating the knowledge from VendorBase, Abnormal’s global, federated data of vendor behaviors and associated risk scores to identify and stop attacks from compromised vendors. These Business Insights provide the critical baseline for identifying anomalous behaviors to stop BEC and other socially engineered attacks.
运营影响
  • Immediately upon integrating, Abnormal Security began identifying and blocking various BEC attacks: from executive impersonation attacks to invoice fraud attempts from established vendors.
  • Abnormal Security also began to provide real-time detection of user accounts that were compromised. This includes the ability to identify incidents where compromised passwords were used to successfully authenticate, but failed MFA.
  • These detections and automated remediations provided significant time savings for the security team from lengthy manual response processes.
数量效益
  • Abnormal Security represents more than half of all cyberthreat related financial losses according to the 2019 FBI Internet Crime Complaint Center (IC3) report.

相关案例.

联系我们

欢迎与我们交流!

* Required
* Required
* Required
* Invalid email address
提交此表单,即表示您同意 IoT ONE 可以与您联系并分享洞察和营销信息。
不,谢谢,我不想收到来自 IoT ONE 的任何营销电子邮件。
提交

Thank you for your message!
We will contact you soon.