Aviva Zacks of Safety Detectives sat down with Hugo Sanchez, Co-Founder and CEO of rThreat, and asked him all about his company’s breach and attack emulation platform.
Safety Detectives: What motivated you to start your company?
Hugo Sanchez: rThreat was created because we saw a need for real cybersecurity validation in the industry. Jesus Garcia, our original founder and CTO, realized a gap existed in the industry when clients would ask him, “How do I know if this security tool actually works?” At the time he had no way to show them proof of the effectiveness of different cybersecurity tools, so he decided to create a platform that can show them this information in real time. rThreat was born as a response to these needs. Once Jesus began the platform development, I joined the team along with our other two co-founders, Daniela Applegate and Peter Nelson, to transform this tool into a business.
SD: What are your company’s most popular products?
HS: As of now, our breach and attack emulation platform is our only product. This tool allows companies to test the effectiveness of their cyber defenses using real malicious scripts in a secure testing environment. Think of this platform as your dress rehearsal for cyber attacks. We empower companies with the ability to challenge their deployed cybersecurity tools, processes, and teams to truly understand how prepared they are to defend against real attacks. Companies can run on-demand tests using the latest threats to gain a day-to-day understanding of their security posture. Our platform can enable security teams to identify and address security gaps before they’re exploited, optimize existing solutions, and justify their ROI. Our reporting can also support compliance efforts so customers and board members know you’re staying on top of data protection.
SD: What helps your company stay ahead of the competition?
HS: What makes rThreat unique is our ability to execute both known and unknown threat artifacts that are real. You wouldn’t test the effectiveness of a bulletproof vest using fake bullets, so why would you test the effectiveness of your cyber defenses using hypothetical threat scenarios? Our threat library features real known threat artifacts, as well as custom and forced/zero-day threat artifacts that are created by our team of developers. Our threat artifacts are based on the MITRE ATT&CK framework, follow APT standards, and incorporate the TTPs seen in the most sophisticated threats out in the wild today. All of these executions are done in a secure testing environment so your network is never put at risk.
SD: What are the worst cyberthreats out there today?
HS: The worst threats your company can face are those that are unknown to your security team and other software and cybersecurity vendors. As we all know, zero-day exploits are the worst-case scenario that we all dread. However, other types of cyber threats can be just as deadly to your company if crafted with the right amount of sophistication. Ransomware and DDoS attacks can prevent companies from accessing their network, crippling their operations, and putting customer data at risk. Social engineering has also proved to be a very successful way for threat actors to infiltrate networks due to a lack of cybersecurity education among company employees. Multi-vector attacks that encompass all of the above (and more) are especially detrimental because these multi-faceted threats attack a company from all fronts, increasing the chances of evading cybersecurity tools.
SD: How will the COVID-19 pandemic change cybersecurity forever?
HS: I believe the way companies operate will forever be impacted by COVID-19, especially with the increase in permanent remote workers. Going forward, companies will have to rethink their cybersecurity strategy to ensure both on- and off-premise employees are secure. Many cybersecurity leaders had to quickly come up with ways to keep their remote workforce and company networks safe, but I believe all companies need to revisit these protocols and thoroughly review them to ensure they are truly effective. The events of COVID-19 also brought an onslaught of unprecedented cyberattacks, especially targeting the healthcare industry and government agencies. My hope is that this was an eye-opening experience for companies across all verticals, and made companies small and large realize they need to take cybersecurity more seriously. We have seen on numerous occasions that anyone can become a target. Even though the pandemic has had detrimental effects on our country, I hope some good will come from this via greater importance on cybersecurity and data protection.