Security is all about loss prevention. Stores can hire guards; IT departments add specialist equipment. Both work reasonably well—at least at what they have been doing. In fact, so well that the bad actors have had to turn to new ways to win.

Threats made via IT services began with massive, indiscriminate attacks via spam, largely countered with spam filters. Then came malware campaigns, more sophisticated and addressed by more advanced threat mitigation tools. Perhaps because of the success of these defenses, the fundamental nature of attacks has changed. New threats come from confidence tricksters who slip past the guard, slide invisibly through the firewall, and talk real people—fallible human beings—into giving them what they want.

Conventional security best practices don’t catch them. Time-consuming staff training programs don’t prevent them. These kinds of compromises are growing consistently year over year because traditional defenses aren’t enough.

The FBI reports that the biggest threat to corporate security now comes from email messages and compromised email accounts.* Fraudsters conduct elaborate scams that use social engineering to persuade corporate staff to make unauthorized fund transfers. They impersonate suppliers, pretend to be insiders, and use stolen information and inspired guesswork as they successfully submit fake invoices, redirect payments, or steal valuable IP.

Social engineering: This is the new frontier for corporate IT security.

*2019 Internet Crime Report, FBI, February 2020

The Abnormal response

What’s needed is a new response to this new threat; the normal response—educate your people to be more careful—is a cop-out, a sign someone has given up. And more importantly, the normal response just doesn’t work.

This is where a new startup, Abnormal Security, steps in with a solution built on AI that’s proving more than a match for cyberattackers, identifying and flagging the troublemakers before they get to do their work. Abnormal Security provides a service that plugs into an organization, analyzing communications, understanding its people, their preferences, and their communications habits, and learning what’s normal for that business and what’s not. It’s transparent and fully compatible with Microsoft 365. When something doesn’t seem right—say, an unusual message from a supplier, too frequent communication, or an odd collection of recipients—Abnormal Security threat protection kicks in, flags the problem to administrators, and can even pre-empt it before it can become an issue for your business. It helps overcome the vagaries and inconsistencies of well-intentioned staff who are doing their best, but are often no match for the subtleties of behavioral attacks that are designed to deceive them.

It’s like everyone in the organization, without even realizing it, has Abnormal by their side, helping them stay safe and secure. An invisible assistant that continues to learn and gets smarter every day as it figures out what seems right and what seems a little out of the ordinary or unexpected.

Who is Abnormal Security?

Abnormal Security cofounders Evan Reiser and Sanjay Jeyakumar must be stalwart security experts used to being tucked away in a lab, deep in the mathematical weeds of complex network algorithms, right?

Wrong. That’s not where they and the majority of the top data scientists have been working. Much of the excitement, innovation, and profitability in machine learning has come from innovations in the online advertising industry, and that’s where the Abnormal team cut its teeth. Leaders Evan and Sanjay have deep experience building state-of-the-art user behavior analysis and modeling for world-class blue-chips like Twitter, Google, and Amazon. They have applied AI to develop leading-edge innovations in social networking, advertising, and search. They produced software that helps understand people’s behavior, their preferences, what they care about, what interests them, what’s engaging for them, and what’s not. And in a light-bulb moment, Evan saw the connection between those key technologies that had so far propelled their success and the intersection of social engineering and cybersecurity. He saw an opportunity to take a road much less traveled, preventing threats and solving previously unsolvable problems that were leading to businesses losing millions to fake invoices, redirected accounts, and stolen information.

Much of the excitement, innovation, and profitability in machine learning has come from innovations in the online advertising industry, and that’s where the Abnormal team cut its teeth.

— Evan Reiser, CEO, Abnormal Security

Abnormal investors

Greylock Partners has helped launch some of the most successful tech startups, and has made substantial investments in Abnormal. That’s quite an achievement, and it came partly as a result of a great idea and partly because the idea was pitched by a seasoned startup team, but significantly (as Evan is quick to point out) because Evan and Sanjay had already conducted considerable customer research. They discovered that potential customers were very clear: We recognize socially engineered attacks are a real problem for us. We need a solution, and if you build it, we will buy—or at the very least, put it into trials. The great idea, the potential customers, and the resulting investor interest were enough to help attract a world-class team to complete the circle and make it all happen. Evan sums it up: “Here’s how we jump-started: Investor commitment depended on a great solution, demonstrated commitment from potential customers, and our ability to assemble a great machine learning team from day one. We delivered on all three.”

It wasn’t without risk, and investors readily pointed out that email compromise was the number one cybercrime problem and that no one else had yet managed to solve it. What made Abnormal the best bet? It was the track record of the founders, the skills of the proposed team, and the commitment to partnering with Microsoft and Microsoft’s enterprise ecosystem.

One month after creating the company, Abnormal was funded. Saam Motamedi, partner at Greylock, says, “Abnormal’s product concept and founding team made for an easy decision to partner. We had high confidence in exceptional executives who built large scale machine learning platforms at top technology companies, to tackle this massive problem.”

Abnormal Security joins Microsoft for Startups

Today, some 10 months later, 4 percent of Fortune 500 companies are Abnormal Security customers who are consolidating around Azure as they look for new business-critical technology investments. These are organizations that run their business on and trust their operations to the Microsoft cloud platform. Abnormal succeeds by meeting those customers right there, building opportunities on Microsoft applications and services.

Azure provides world-class infrastructure for powering, hosting, and distributing AI-based services; it’s a proven platform and one of the best answers to customer concerns about privacy, security, and compliance. For Abnormal, Azure built-in tools and infrastructure are the building blocks that handle the day-to-day platform and logistics, freeing the team to maintain focus on their secret sauce, enhancing their value proposition with differentiating features and proprietary algorithms. “Being a part of Microsoft for Startups allows us to focus more of our internal data science team on the specialized stuff—model training and model operationalization, data flows, and pipelines. So the more our team is free to get closer to our customers and their business problems, the more advantage we have,” says Evan.

Working with the Microsoft for Startups program doesn’t just provide technical advantages, though. Abnormal is developing a go-to-market partnership that helps co-sell through the Microsoft sales team, opening doors, simplifying procurement, and giving potential customers confidence that they are making the right choice.

The ability for our customers to transact through the Microsoft commercial marketplace enables them to do procurement directly through Azure Marketplace on Microsoft paper, and then to have that count against their Azure commitment.

— Evan Reiser, CEO, Abnormal Security

Abnormal advice for startups

Evan says startups should realize something that wasn’t immediately apparent to him and that he wished he’d learned earlier. It’s that selecting a cloud partner is a crucial first-stage decision, but it’s important to remember it’s as much a business decision as it is a technical one. Startups spend many hours sweating the technical stuff, putting together the program, planning the architecture, and selecting underlying interfaces and components. They don’t spend enough time thinking about what the right cloud partner will bring in the longer term, beyond initial cost-benefit box checking. Evan freely admits he was similarly distracted in the early days. “I didn’t really understand what Microsoft for Startups had to offer. I assumed cloud providers are all pretty much equivalent. And I think that’s a dangerous assumption.”

The right partnership with the right provider can provide real benefits—financial advantages, extended customer reach, and added confidence for you and your customers that you are working with world-class partners in which they, too, are invested.