Sign up

What matters to you matters to us! Customize your newsletter–tell us what you're most interested in and we'll handle the rest.

loader image




May 24, 2016

Making Email Safe

mouse and keyboard

You’ve got mail. It’s an urgent message from your CEO asking to you to pay a vendor ASAP. You never drag your feet when she asks for something, so you quickly initiate the wire process, and run off to your lunch meeting.

BUT… unbeknownst to you, you’ve just been hacked by an imposter using a spear-phishing attack and POOF, the money is gone. The email from your CEO looked completely legitimate. Through social engineering, the hacker even identified a real vendor that you recently connected with on LinkedIn!  This type of targeted email attack is becoming all too common and the bad guys are getting smarter.

Today, we are thrilled to announce our investment in the good guys that will protect enterprise companies from these kinds of email phishing attacks: Agari.

These targeted email attacks are grabbing headlines all too often.  It happened to Snapchat in February and resulted in the identity theft of several employees.  In March, an email scam artist tricked an employee at Seagate into giving away W-2 tax documents on all current and past employees.  This is a popular scam during tax season: employees go to file their taxes and are shocked to see that they’ve already been filed and a refund already sent to a different address!  And phishing is big business: The FBI reported that since January 2015, business email compromise incidents rose by 270 percent and amounted to more than $2.3 billion in losses in less than two years.

Investing In a Secure Future

At Norwest, we have a long history of investing in the cybersecurity space.  Our portfolio includes security leaders such as FireEyeBitglass, Bracket Computing, Dtex Systems, ExabeamMobileIron,  Fireglass, PalerraSeculertShape SecurityTRUSTID, Morta Security (acquired by Palo Alto Networks), and 41st Parameter (acquired by Experian).

As an investor in the enterprise security space, I form my investment thesis by interviewing chief information security officers (CISOs) to understand their top security concerns. Targeted email attacks are consistently at the top of their lists because the bad guys have become smarter. While CISO’s have battened down the hatches with everything from firewalls to endpoint agents, the front door is wide open: email.

When we met Agari, it was clear from the company’s team, technology, and outstanding customer traction that they were the answer.

Outsmarting the Bad Guys

Here’s how it works.  The Agari Email Trust Platform™ processes some 10 billion outbound email messages a day, helping hundreds of household names like PayPal and JP Morgan Chase maintain their customer’s trust. In a world where “big data” has become a buzzword, the scale of this data source is unparalleled. The company uses insights from this data to fuel its Agari Customer Protect solution, which protects consumers from email attacks that spoof enterprise brands, and Agari Enterprise Protect solution, which helps organizations protect themselves from advanced spear-phishing attacks.

Security companies since the dawn of time have tried to model “the bad” starting with email signatures, URL blacklists, and, more recently, sandboxes.  This approach breaks down because the bad guys get smarter, change their approach, and on goes the cat and mouse game.

Agari takes a different approach to security by modeling the good, not the bad.  Enterprise Protect gains tremendous insight from the billions of outbound emails that the Agari Email Trust Platform sees every day and applies it to the inbound email coming into your company. Agari’s data science team has built robust models to understand what good email looks like, to ensure only those good emails reach your inboxes. Agari’s unique ability to tap into this volume of email through its email telemetry network provides a powerful defense against the increasing sophistication of cyber-criminals.

Agari can help us to trust our email again. We will worry less about whether an email really is from the CEO and more about getting business done.  We are proud to support Agari and excited to help them build their company and develop new products that make the cyber world a safer place. We look forward to collaborating with the Agari team and our co-investors including Alloy Ventures, Battery Ventures, First Round Capital, Greylock Partners and Scale Venture Partners.