The evolution of email: Why we invested in Red Sift
There is no hiding in the fact that email continues to be the most commonly used channel for both opportunistic and targeted enterprise attacks, with nearly 80% of data breaches using email as an initial attack vector. Email security is a board-level concern for many organisations and an inability to adequately defend against email-based cyber attacks has resulted in significant financial and reputational costs for businesses. As the primary medium through which businesses communicate and archive data, the use of email isn’t going away — so what do companies do about it?
Shift focus from basic threat to impersonation-based detection
Up to 30% of total enterprise cyber security spend is allocated to email security today, which has resulted in the stack developing significantly over the past 5-10 years. Although it can be segmented through many different lenses, we think about it in three high-level layers; illustrated below.
Fig 1: The Email Security 'Stack'
Basic threat detection capabilities have become commoditised and there is little differentiation between players in the market. For example, elementary anti-spam is currently more than 99% effective across almost all vendors and is within acceptable limits for most organisations. One of the primary criteria for differentiation amongst vendors is the capability to defend against advanced and targeted threats. In particular, protection against impersonation-based threats, such as business email compromise (BEC), domain spoofing and account takeover, will be a key enterprise focus. When we explored the mindset of the decision makers, CISOs (“Chief Information Security Officers”) and Heads of IT, consistently told us they
“used to worry about attachments and hidden malware and now worry about email as an enticement to divulge credentials, leading to sophisticated, longer-lasting attacks. This reflects a movement in the threat axis of the security game.”
Solve the foundations starting at the protocol layer: Red Sift
At a fundamental level, the standard for encoding email messages published in the early 70s was never designed for use in the modern work setting and certainly didn’t take security into account. Over time, recommended protocols such as SPF, DKIM and DMARC have surfaced to provide a standard for protecting organisations against email-based impersonation threats/phishing. Nonetheless, our research showed that adoption of these protocols has been modest either because they are misunderstood, difficult to deploy or require material resource. For example, studies have shown a less than 20% adoption of DMARC in the US and Europe by corporations.
This is why we led a $8.8m investment in Red Sift, alongside our friends at In-Q-tel, White Star Capital and Oxford Capital. We believe we have found a company that will become the leader in the evolution of email security, starting at the protocol layer. Their first product, OnDMARC allows organisations to seamlessly gain insight, action and protection via the DMARC protocol, allowing companies to see who is using their domain to send fake emails, whilst boosting email deliverability by verifying you as the genuine sender. Customers who have often tried and failed to implement the protocol, love the ease of deployment and independence of the product.
What’s more, Red Sift has spent the best part of the last four years developing an underlying open data computation and product development platform on which OnDMARC is built. This is perfectly suited to the fast advancements and change in the email security stack and we are extremely excited by their roadmap. A large part of this funding round is to support the release of their second product, OnINBOX, which uses advanced machine learning techniques to analyse inbound emails and indicate the risks in every email to the user.
The journey to date
Having started to develop the platform in 2015, since launching their first product in 2018, Red Sift have quietly grown to hundreds of organisations globally. We’ve been tracking the team at Red Sift from the very early stages of the business and have been consistently impressed with their ability to execute and achieve their goals. Rahul, Randal and the rest of team have been a joy to get to know and we’re honoured to be investing in the company and joining their journey from here.
Fig 2: The Red Sift team collecting the “Best Cybersecurity Product or Service” at the UK Cloud Awards earlier this year
Sources include Verizon Data Breach Investigations Report 2019, Gartner Research and MMC Research.
This post originally appeared on MMC Writes.