Updated on: November 12, 2024
In a recent SafetyDetectives interview, Junior Cunha, CTO at HSC Labs, shared his insights on the evolving cybersecurity landscape and the human-centered approach driving HSC Labs’ mission. With over 20 years in IT and 13 in cybersecurity, Junior has overseen the development of innovative tools like Mailinspector, Smart Defender, and MindAware, which enhance email security and foster a strong security culture within organizations. In the discussion, he elaborated on HSC Labs’ AI-powered strategies to counter phishing and business email compromise (BEC) and shared his forward-looking views on the trends shaping the future of digital defense.
Can you tell us about your career journey and how it led you to become the CTO of HSC Labs?
My career journey began over 20 years ago with a degree in IT Management. Over time, I gained extensive experience in software engineering and eventually transitioned to cybersecurity, where I’ve now worked for 13 years. My path has always been driven by a desire to create robust and innovative solutions, which naturally led me to my role as CTO at HSC Labs. Today, I’m responsible for architecting and implementing systems that protect over 2 million corporate users, placing people at the center of our digital defense strategy.
What is the primary mission of HSC Labs, and how do you ensure your solutions stay aligned with that vision?
At HSC Labs, our mission is all about protecting people and businesses from digital threats, with a strong focus on the human side of security. We’re committed to developing solutions that empower users while using AI to defend against evolving threats. To keep our solutions aligned with this mission, we’re constantly innovating, training, and listening to client feedback, which keeps our products evolving in ways that meet real-world needs.
HSC Labs emphasizes email security with tools like Mailinspector and Smart Defender. Could you explain how these solutions differentiate from native protections in platforms like Microsoft 365 and Google Workspace?
Mailinspector and Smart Defender are designed to add an extra layer of security, going beyond the native protections in platforms like Microsoft 365 and Google Workspace. These solutions leverage AI to detect anomalies and behavior-based threats, enabling them to catch subtle signs of phishing and business email compromise (BEC) that standard protections may overlook. They also allow for fast and customized incident responses, offering a more tailored approach to security.
With phishing and business email compromise (BEC) on the rise, how does your AI-based security solution proactively block these evolving threats?
Our AI-driven security solutions continuously analyze email patterns and user behavior to detect signs of threats, identifying both traditional phishing and new BEC variants. The AI adapts and learns from new attack patterns, anticipating threat vectors before a real attack occurs. This proactive analysis helps block intrusion attempts and ensures a comprehensive layer of protection, detecting threats before they reach end-users.
Cybersecurity awareness is a key element of your offering. How does MindAware’s training approach effectively reduce human error and improve organizational resilience?
MindAware is a platform that combines attack simulations, like phishing, with continuous, interactive training. Our focus is on educating users about risks and teaching them to identify potential threats in their day-to-day work. What sets it apart is that the simulations and training are adaptive, adjusting to each user’s profile. This effectively reduces human error and strengthens organizational resilience by fostering a cybersecurity culture within the company. I often say, “Every click matters,” and it’s critical that users understand the role they play in their company’s digital defense.
Looking ahead, what emerging trends or threats in cybersecurity do you foresee, and how is HSC Labs preparing to stay ahead of these developments?
As technology advances, we’re seeing an increase in attack complexity and the use of AI by cybercriminals to customize and enhance their techniques. While email remains a primary attack method, we’re seeing a noticeable evolution in attacks through other channels like Teams, OneDrive, Google Drive, WhatsApp, and social media platforms. This shift calls for adaptive protections and AI-powered defenses to provide effective security. We also anticipate growth in threats targeting IoT devices and hybrid work environments. To stay ahead, HSC Labs is investing in R&D to detect these newer threats and exploring the ethical, effective use of AI to strengthen prevention and response measures. We’re committed to keeping clients prepared for whatever comes next.