You’ve got mail. It’s an urgent message from your CEO asking to you to pay a vendor ASAP. You never drag your feet when she asks for something, so you quickly initiate the wire process, and run off to your lunch meeting.
BUT… unbeknownst to you, you’ve just been hacked by an imposter using a spear-phishing attack and POOF, the money is gone. The email from your CEO looked completely legitimate. Through social engineering, the hacker even identified a real vendor that you recently connected with on LinkedIn! This type of targeted email attack is becoming all too common and the bad guys are getting smarter.
These targeted email attacks are grabbing headlines all too often. It happened to Snapchat in February and resulted in the identity theft of several employees. In March, an email scam artist tricked an employee at Seagate into giving away W-2 tax documents on all current and past employees. This is a popular scam during tax season: employees go to file their taxes and are shocked to see that they’ve already been filed and a refund already sent to a different address! And phishing is big business: The FBI reported that since January 2015, business email compromise incidents rose by 270 percent and amounted to more than $2.3 billion in losses in less than two years.
Investing In a Secure Future
At Norwest, we have a long history of investing in the cybersecurity space. Our portfolio includes security leaders such as FireEye, Bitglass, Bracket Computing, Dtex Systems, Exabeam, MobileIron, Fireglass, Palerra, Seculert, Shape Security, TRUSTID, Morta Security (acquired by Palo Alto Networks), and 41st Parameter (acquired by Experian).
As an investor in the enterprise security space, I form my investment thesis by interviewing chief information security officers (CISOs) to understand their top security concerns. Targeted email attacks are consistently at the top of their lists because the bad guys have become smarter. While CISO’s have battened down the hatches with everything from firewalls to endpoint agents, the front door is wide open: email.
When we met Agari, it was clear from the company’s team, technology, and outstanding customer traction that they were the answer.
Outsmarting the Bad Guys
Here’s how it works. The Agari Email Trust Platform™ processes some 10 billion outbound email messages a day, helping hundreds of household names like PayPal and JP Morgan Chase maintain their customer’s trust. In a world where “big data” has become a buzzword, the scale of this data source is unparalleled. The company uses insights from this data to fuel its Agari Customer Protect solution, which protects consumers from email attacks that spoof enterprise brands, and Agari Enterprise Protect solution, which helps organizations protect themselves from advanced spear-phishing attacks.
Security companies since the dawn of time have tried to model “the bad” starting with email signatures, URL blacklists, and, more recently, sandboxes. This approach breaks down because the bad guys get smarter, change their approach, and on goes the cat and mouse game.
Agari takes a different approach to security by modeling the good, not the bad. Enterprise Protect gains tremendous insight from the billions of outbound emails that the Agari Email Trust Platform sees every day and applies it to the inbound email coming into your company. Agari’s data science team has built robust models to understand what good email looks like, to ensure only those good emails reach your inboxes. Agari’s unique ability to tap into this volume of email through its email telemetry network provides a powerful defense against the increasing sophistication of cyber-criminals.
Agari can help us to trust our email again. We will worry less about whether an email really is from the CEO and more about getting business done. We are proud to support Agari and excited to help them build their company and develop new products that make the cyber world a safer place. We look forward to collaborating with the Agari team and our co-investors including Alloy Ventures, Battery Ventures, First Round Capital, Greylock Partners and Scale Venture Partners.