Oklahoma Office Of Management And Enterprise Services
Oklahoma Office of Management & Enterprise Services Achieves Optimal “State” of Security with Mimecast
- Email Security, DMARC Analyzer, Brand Protection, Security Awareness Training, Secure Messaging, Large File Send
- OMES Oklahoma Cyber Command needed to modernize legacy email gateways to strengthen email security and simplify email management
- Modernized email security platform
- Decrease in volume of email-based threats targeting the State of Oklahoma
- Automated threat detection and response
- Simplified email management
- Integration and orchestration resulting in a “smart” cybersecurity network
From securing elections, to rolling out COVID-19 vaccines, to handling unemployment claims, the Oklahoma Office of Management and Enterprise Services (OMES) is the lifeline in place to make sure state activities go off without a hitch. State agencies rely on OMES every day for the finance, property, human resources and technology services they need to succeed.
But even the most well-oiled machines need a tune up from time to time. That’s why, in 2019, State of Oklahoma leadership tasked State Chief Information Security Officer Matt Singleton and OMES Oklahoma Cyber Command—the security team responsible for protecting the state’s networks and digital assets—with strengthening Oklahoma’s cybersecurity posture. The solution? A full Mimecast suite that started with Email Security and has grown into so much more.
Knowing email is the primary method of communication across state agencies and the top target of exploitation by cybercriminals, Singleton and his team began their cybersecurity initiative with a focus on email security.
Beginning on day one with Mimecast, we saw a dramatic decrease in the number of IT tickets related to spam, malware and fraud. Mimecast has also automated threat detection and response, significantly accelerating our response time.
Jason Franzman, Senior Security Engineer, OMES Oklahoma Cyber Command
“Email is the lifeblood of our agencies, and bad actors take advantage of this fact by continuously hitting the state with phishing and spear phishing attacks, whaling campaigns and other email-based threats,” says Singleton. “Because of this, we knew our first priority had to be modernizing and strengthening our email security strategy.
The state was using antiquated secure email gateways, which made it hard for Oklahoma Cyber Command to defend against the daily onslaught of email-based cyberattacks.
“Our legacy technology forced us to manually build custom rules and filters and apply them across the state’s 14 email gateways,” says Jason Franzman, senior security engineer in OMES Oklahoma Cyber Command. “We also had to manually verify whether suspicious emails were actually a threat. It was impossible to keep up with the speed at which we were getting attacked.”
In addition to these security issues, the geographically dispersed gateways made email monitoring and management processes difficult and time-consuming.
Singleton, Franzman and the rest of Oklahoma Cyber Command knew the key to overcoming these challenges was to consolidate and modernize its secure mail platform.
Singleton notes: “We conducted a comprehensive evaluation of several email security vendors, and Mimecast came out on top. The company offers an extremely robust feature set that is available through a single platform – and it’s delivered at an affordable price point.” Today, OMES is benefitting from Mimecast’s Email Security, DMARC Analyzer, Brand Protection and Security Awareness Training offerings, as well as add-on features including Secure Messaging and Large File Send.
“Moving to Mimecast has modernized, consolidated and transformed how the State of Oklahoma handles email security,” says Singleton. “We faced several major challenges over the last 18 months, including securing the state election, and protecting agencies and citizens from contract tracing and vaccine rollout phishing attacks. Having Mimecast on board put us in a position to better defend against these threats.”
Franzman adds: “Beginning on day one with Mimecast, we saw a dramatic decrease in the number of IT tickets related to spam, malware and fraud. Mimecast has also automated threat detection and response, significantly accelerating our response time.”
Oklahoma Cyber Command is also benefiting from simplified email management through a single platform, and integration and orchestration capabilities that have been critical in the battle against cyber attackers.
“Mimecast integrates with our firewall, endpoint protection, SIEM and cyber threat intelligence solutions, which helps us build a smart security network,” says Singleton. “There are 61.5 million attacks targeting the State of Oklahoma each day. No human team can keep up with those numbers; integration is the only way to combat the volume and velocity of attacks against the state. The ability to have Mimecast become part of our cybersecurity ecosystem has been a game changer.”
He continues: “With Mimecast’s innovative email security platform, we’ve been able to take a proactive approach to cyber defense and greatly strengthen our overall cybersecurity posture.