599: Email Security: Why Impersonations Are Still Phishers’ Weapon of Choice
Today’s guest on our tech podcast is Kevin O’Brien, CEO of GreatHorn. Phishing continues to be a primary security problem for businesses. Think of all the spoofed emails you probably get from people asking for banking instructions or ‘invoice confirmation,’ messages from ‘banks’ that look surprisingly legit but ask for your credentials, and notes from ‘friends’ that look real but have an attachment that wasn’t expected.
Phishing continues to be a primary security problem for businesses. Think of all the spoofed emails you probably get from people asking for banking instructions or ‘invoice confirmation,’ messages from ‘banks’ that look surprisingly legit but ask for your credentials, and notes from ‘friends’ that look real but have an attachment that wasn’t expected.
GreatHorn is an email security company that was a finalist in the 2017 RSA Innovation Sandbox for its ability to utilize machine learning to automate the identification and remediate advanced email and social engineering attacks.
Kevin O’Brien is GreatHorn’s CEO and Co-Founder. Under Kevin’s leadership, GreatHorn has become the world’s leading next-generation email security company, analyzing billions of messages and stopping phishing attacks targeting a global customer base of organizations, both public and private. He brings deep industry experience, having been an early member of multiple successfully exited security companies, including CloudLock (Cisco), Conjur (CyberArk), and @stake (Symantec).
Prior to founding GreatHorn, Kevin was Vice President of Marketing at Conjur, where he built the early go-to-market team responsible for initial market positioning and growth. Previously he led product marketing and sales engineering efforts at CloudLock, the leading cloud access security company that now has more than 6 million enterprise users.
In addition to his role at GreatHorn, Kevin serves as co-chair for the Mass Technology Leadership Council’s cybersecurity group, and is a frequent speaker at key cloud cybersecurity and industry events. He has presented at the RSA Security Conference, Xconomy’s What’s Hot in Cybersecurity Conference, Microsoft’s Innovation Outreach Program, the MassTLC Cybersecurity Conference, and has been featured in TechCrunch, NPR Marketplace, Mashable, Forbes, CSO Magazine, and more.
On today’s podcast, Kevin O’Brien talks about the latest techniques criminals use, including the use of display name spoofs, social engineering techniques and increase in Business Service Impersonation attacks, where cybercriminals replicate communications from major brands like Walmart, DocuSign, and the US Postal Service.
We discuss email security shortcomings in Office 365 and G Suite include end-user alerts (emails that fail DKIM go to workers, not tech pros), limited malicious URL scanning and limited ability to configure or fine-tune security policies. I also find out more about GreatHorn’s useful Phishing Risk Calculator and its annual Cloud Email Security report.
If you want to gather around a virtual campfire and have a chat or ask me a question, you can message me, leave a virtual voicemail or even buy your friendly podcast host a coffee.