Keeping Spear-phishing And Email Attacks At Bay

by Sohini Bagchi    Jun 17, 2014

itay email

Votiro, a secure data sanitization solutions provider that protects businesses from cyber-threats, has extended its cloud-based service to protect against spear phishing and other email-based attacks. In an exclusive interaction with CXOtoday, Itay Glick, Votiro co-founder and CEO discusses the trends in email security and the data security and cyber-protection efforts of the company.

Glick says the new version of Votiro’s sanitization service will allow users to forward questionable emails to the service and run the same scanning and active process on email attachments. By providing this immediate protection, this upgrade improves the usability of the service - a feature that was not available in the earlier versions.

“Statistics consistently shows that nearly all cyber-attacks begin with a spear phishing email that appears to be innocent, although its contents are tainted with a hidden exploit or similar advanced cyber-threats,” says Glick. He adds, “Our mission is to position our customers with a security posture that automatically identifies and eliminates the growing range of unknown and ongoing cybersecurity threats. By extending our free service, we are allowing enterprises and organizations to sample the strengths and benefits of our new spear phishing protection capabilities that are being incorporated into our overall solution.”

This sanitization service is part of Votiro’s overall Secure Data Sanitization solutions. Votiro’s Secure Data Sanitization solution automatically performs the sanitization process as the free, cloud-based service on all incoming email contents. This comprehensive process does not affect the usability of a file and can be seamlessly integrated into an organization’s IT infrastructure. More importantly, the new solution eliminates cyber-threats before they have the opportunity to penetrate an organization’s network and attack critical IT infrastructure and extract sensitive data, says Glick.

Read: India to Announce New Email Security Policy

“The free sanitization service is also the first step of our overall strategy to deliver our anti-exploit solution from the cloud,” says Glick. He explains that many IT and security solutions have been migrated to the cloud, although the cloud versions often remain as expensive and complex to use as the on-premise versions. This reduces benefits of moving the solution to the cloud. We certainly do not intend to follow this path. “By providing automated cloud-based protection against spear phishing and file-based attack campaigns, we will make our anti-exploit solution readily available to organizations of all sizes, from SMBs to mid-market businesses to large enterprises,” he says.

On the key measures needed to make email more secure, Glick says currently, once a new threat is identified, a remedy must be written and incorporated into the anti-virus software for it to be effective. Hackers and cyber-criminals often take advantage of this time gap to carry out their malicious activities. A few weeks ago, a senior exec at Symantec told the Wall Street Journal that “hackers increasingly use novel bugs” and that anti-virus software now catches 45% of cyber-attacks. “We intend to fill this gap with our anti-exploit technology, which neutralizes cyber-threats before they have the chance to reach the corporate network,” says Glick.

He also mentions the company is planning to make its anti-exploit cloud solution available within two or three months. “We are currently accepting beta customers to enter our cloud for free for 30 days to qualified potential customers,” Glick says adding that the spear phishing protection service, being cloud-based, is available to users worldwide. 

Data security and cyber-protection efforts that rely on anti-virus systems only are no longer sufficient, tips off Glick. It is no secret that malware and cyber-attacks become increasingly sophisticated by the day. The need for full security coverage is therefore essential to mitigate risks and minimize attack vectors that anti-virus software alone cannot handle. He also assures that the company’s new upgraded solution will be appropriately priced and easy to both set up by the CSO and use by the employees.