Aviva Zacks of Safety Detectives recently sat down with Mike Jones, Senior Director of Product Management for the Agari products within the HelpSystems email security family. She asked him about his company’s commitment to helping its customers secure their email.
Safety Detectives: What has your journey to cybersecurity been like?
Mike Jones: I started in cybersecurity in the 1990s at America Online, in their network operation center. Eventually, I became their director of anti-spam operations, which introduced me to the world of cybersecurity and email security. I joined Agari in 2010. Its founder, Patrick Peterson, had an idea to create standards around email authentication, to make them more operational for organizations so that they could better use those standards to make their email secure and stop people from spoofing them. Since 2010, I’ve been helping to develop these products. Last year, we were acquired by HelpSystems, and now we’re part of a larger suite of email and data security products.
SD: What do you love about cybersecurity?
MJ: Working in security is never boring. There is always something happening, something new. I’ve been working in email security for most of my career, but I’ve never felt stagnant. There’s always something interesting and new on the horizon—new problems to solve, new products to build. Ever since the beginning, it has been a constant cat and mouse game with the bad guys. You’re always trying to figure out what they’re going to do next, and when they try to get around that, you have to prevent it.
Another thing I really like about it is that, when we’re successful, we’re actually helping people. If we can build a product that helps stop the bad guys from spoofing someone’s bank so that they don’t give up their bank account information, then we did something in the real world to help a person save their life savings. That might be an extreme case, but it does happen, and it makes you feel good.
SD: What is your company’s flagship product?
MJ: Agari’s flagship is our brand protection product, which is the first product the Agari team built. It focuses on helping enterprises secure their email through the implementation of email authentication standards, so the bad guys can’t spoof them, and they have a secure communication channel over email to their customers. We have a lot of large financial and healthcare technology companies that use the product and rely on email communications with their customers, vendors, and partners. They need to send mail from their company’s email addresses safe in the knowledge that the emails their customers receive are actually from them and not someone trying to defraud their customers.
Agari also has a phishing defense product, which follows the same principles of securing the identity and understanding who’s spoofing your identity and brand, but it works on an enterprise’s inbound email channel to protect employees from being imitated (spoofed).
SD: How does your company stay competitive in a world that’s filled with different cybersecurity companies?
MJ: Buzzwords are a part of life, especially in cybersecurity. The most important thing is to make sure that you have clarity in your mission so that you can stay above the buzzwords. Focus on your customers, asking yourself what problems they have right now or what we anticipate them having in the coming year. Then think about how to help them stay in front of those problems.
SD: What do you think are the worst cyberthreats that are out there today?
MJ: Ransomware is a huge problem right now, but as I think about this coming year, it is really important to focus on the supply chain and potential cyberattacks on the supply chain. We all can see in our own lives the pressure that the world’s global supply chains are under right now. They’re overwhelmed. They’re in a precarious position in the physical world, and attackers in the cyberworld pay attention and take advantage of that. They know that the stresses on the supply chain mean that those areas are more open to social engineering and other types of attacks, so that’s where they tend to focus. It makes business email compromise, and vendor email compromise more prevalent than ever. It’s really important for organizations to focus on email security and put in place measures to help address vendor spoofing and business email compromised types of attacks.
I also think the bad guys are starting to focus on a more sophisticated use of the assets that they build. For example, when they compromise an account, they are becoming more judicious in how they use the compromised account. Instead of just compromising the account and trying to send malicious payloads right away, they tend to observe and try to identify the higher value places to use that compromised account. One of those areas is an email chain attack, which is just another version of a compromised account. The bad guys observe the account carefully choosing when to insert themselves into an email chain or conversation at a time when they are most likely to get a response, a click, or a download – in other words, when it’s going to give them the most value.
SD: Do you have anything to add about how the pandemic is saving cybersecurity?
MJ: I think there are a couple of focus areas the pandemic has highlighted. We know there’s a problem with staff shortages and that businesses everywhere are trying to get enough people to do the work that needs to be done. That’s no different in cybersecurity and the industry is looking at ways to help solve this challenge, including the implementation of more automation.
Also, the remote and hybrid work environments that emerged as a result of the pandemic look set to stay. A hybrid environment, when people aren’t fully remote or fully on-site, makes security a little less clear. There’s the idea of zero-trust, where trust is earned. It’s not given from the beginning, and you implement security by only trusting those sources where the trust has been proven.
I think that the pandemic has made the zero-trust approach to security more prevalent and more important. Of course, as I said earlier, there’s always a cat and mouse game. We see the bad guys trying to take over more trusted services and infrastructures now, so if you start implementing zero-trust, then they try and find a way around it.
Our products have used the idea of trust since the beginning because we focus on authenticity and identity. If an email is coming from a trusted and authentic identity, then you can trust that email. If it’s suspicious because you don’t normally get a certain type of email from your CEO, then you don’t.