In 2020, the social media accounts of highly visible executives fell victim to everything from account takeovers to data hacks to social engineering plots. These hacks exposed a critical vulnerability for both executives and company brands and sent shockwaves from Wall Street to Silicon Valley.
Suddenly, other enterprises and executives were asking themselves: Could that happen to me?
The answer, unfortunately, is yes. In a 2020 report on the growing threat of cyberattacks against C-level executives, 84% of respondents said they had been targeted by at least one cyberattack in the past year, with phishing attacks being the most common (54%) (Forbes). These types of attacks – generated through social media and collaboration channels like WhatsApp, Twitter, Facebook, and more – have only become increasingly frequent, especially given the rapid adoption of new collaboration platforms among remote workers. To create better human-to-human interaction, companies have unwittingly exposed themselves to more vulnerabilities.
Now, many enterprises, as well as collaboration and social media platforms, are examining how they can protect their brands, employees, and customers. However, many have stumbled upon a few challenges while attempting to secure these channels.
First, there’s employee privacy. While employees’ accounts may represent a vulnerability to the organization, many of these accounts are private. The question then becomes how to protect employees’ data in a noninvasive way that keeps their underlying content private.
Another critical challenge is scale. The average person has 60-90 apps installed on their mobile phone, using around 30 of them each month and launching nine apps per day with most time – especially post-COVID - largely spent on either collaboration or social/mobile apps. Take a look at your phone. How many do you have? Think about those dozens of channels – each with its unique behaviors and data stores. Now multiply that number by hundreds or thousands of employees in multiple languages and regulatory environments. Suddenly, the business risks grow exponentially. How do you make sure each individual is protected and recognize diffuse attacks targeting numerous individuals across multiple channels at the same time?
This is the critical problem that demands a new solution. The problem is here and now, especially in regulated industries where social, mobile, and collaboration channels are fast becoming integral to the way business is conducted. That’s why we were so excited to connect with SafeGuard Cyber, a Charlottesville Virginia-based startup that has developed a cloud-native security platform to address these new risks.
With the most comprehensive array of channel coverage among its peers, SafeGuard Cyber protects a company’s digital assets from cyber threats and compliance risks, with detection and response capabilities in channels as varied as CRM, mobile chat, collaboration, and social media. Today, Cisco Investments proudly announces our recent participation in their Strategic Growth Financing Round, alongside NightDragon and Allegis Cyber Capital.
ThreatCortex, Machine Learning, and Agentless Architecture
I sat down with Jim Zuffoletti, CEO and Co-Founder of SafeGuard Cyber, to learn more about SafeGuard Cyber’s unique approach to securing the new age of human communications.
According to Zuffoletti, enterprises must first recognize that risk is everywhere there is digital communication. “If the business challenges of the last year have shown us anything, it’s that the organization’s digital risk surface is going to continue to expand and likely faster than they currently anticipate,” he says. “That means that we need to protect new communication channels as they emerge.”
For SafeGuard Cyber, the platform architecture represents a key differentiator. “ThreatCortex, our cloud-delivered security analytics engine, uncovers hard-to-identify threats such as social engineering, malware, and compliance risks powered by our Machine Learning and Artificial Intelligence hard-to-access cloud application locations. Modern and at-scale attack detection and prevention will dictate which Disaster Recovery Plan providers will lead the pack. SafeGuard Cyber can provide configuration, MITRE ATT&CK mapping, and SaaS delivery, and we are positioned to successfully deliver improved detection, faster investigations, and flexibility to our customers.”
Jim Zuffoletti adds, “This approach means our platform is portable to any device on any network. We designed our solution to be invisible to the end-user. Since moving to remote work, this architecture has helped our customers gain unprecedented visibility into risks, no matter where their employees communicate. And whether they remember to use the VPN or not.” All the capabilities, integrated for novel channels that organizations need to protect these channels -- security, compliance, retention, and e-Discovery -- out of the box and integrated with your security infrastructure in an easy-to-understand pricing model.”
The platform does not need complex, time-consuming technology to deploy. Modern, easy to deploy agentless architecture for the agile enterprise to protect collaboration, mobile, chat applications that are network and device portable and BYOD friendly.
Securing communications sounds simple in theory, but the execution is complex. The volume and velocity of digital communications make human supervision impossible. One of SafeGuard Cyber’s customers generates over 118,000 WhatsApp messages per month. That’s where machine learning comes into play.
Jim shares, “We’ve aggressively prioritized machine learning innovation to identify risk events on behalf of our customers. For example, a user might communicate something using a particular set of words. We can look at those words, see the context, but also to see perhaps some kind of metadata associated with what was happening in that ‘virtual machine’ that we can correlate and say, ‘overall, this looks like an insider risk,’ or ‘overall, this looks like a social engineering attack.’ Then, it’s about making sure the alerts that you're surfacing and the events that you're taking action against are those true positive events that they need to respond to, as opposed to overloading the SOC with a bunch of risks that aren't actual risk events.”
Perhaps the most significant benefit of SafeGuard Cyber is the peace of mind the platform delivers for enterprises. Whether they’re looking to secure a sales rep using a new channel like WhatsApp or WeChat to communicate with prospects or customers; protect their employees who have ditched email for mobile chat collaboration or shield their high-profile executives against a social engineering attack.
The Cisco and SafeGuard Cyber Partnership
Today, the SafeGuard Cyber team protects over half a million accounts. Still, ultimately their goal is to “get that into the millions and then ultimately into the billions as organizations continue to use these platforms over time and require protection,” says Zuffoletti.
Realizing that goal, however, requires first getting the right investors and partners in place. “Our mission is to secure human connections,” says Zuffoletti. “That means we have to go where the human wants to go, in the manner of how they're conducting their business, and how they're communicating regularly. We decided to partner with Cisco Investments because they believe in the same thing. Their collaboration and security business units have made incredible commitments to forge the future of work. The idea of building the future security stack in software for the cloud is something that very much resonates with us.”
Looking Ahead
At Cisco Investments, we know SafeGuard Cyber is well on its way. Enterprises are now recognizing that protecting their data, people, and brand is mission-critical to their business operations. As multiple communications channels continue to increase, the difference-maker will come down to how well enterprises’ digital risk protection systems work across all channels and are suited to the needs of each line of business, be it security, compliance, or marketing and sales.
With the market moving toward SafeGuard Cyber's agentless platform approach, it is clearing the path to lead the market in this transition and fulfilling the vision of securing human connections in the digital-first world.