This week I interview James Foster of ZeroFox. ZeroFox aims to reduce and manage the risks posed to organizations by social media through reconnaissance, asset protection and attack monitoring. ZeroFox has previously raised $13mm from NEA, Comcast Ventures and others. Check out the awesome interview below and let me know what you think!
When you think enterprise security, you don’t traditionally think social media security (though 60 Minutes has helped to change that). What was the impetus for starting a company focused on social media security?
Social media has become the number one form of communication; 2/3 of the world’s population actively uses social media to interact with one another. This growth has profoundly impacted business and business operations. Considering the scale and trusted nature of social media, cyber criminals have found it to be a fantastic new avenue for leveraging old attacks and inventing new ones. This problem was originally identified while working with a branch of the US government; many times when we dug into the origins of an attack, we found that it had its origin on social media. We have developed a solution to investigate this root cause in order to find and stop attacks where they originate.
Company impersonators on Instagram and Twitter have proliferated. Clearly social media fraud is a growing problem; however, I tried to find competitors of yours and there aren’t many. Why aren’t more people tackling this problem?
It’s not easy to identify, analyze and alert on social media fraud, targeted attacks, impersonations, and phishing campaigns in an automated and scalable way. We’ve been researching and building technology around this problem for over two years now and we’re excited that we are still the leader in developing technology solutions to these challenges. In particular, impersonating profiles are a problem that ZeroFOX alone is tackling. We have blazed a trail on the most effective techniques to automate the identification and analysis of impersonator profiles.
In Security Week you give examples like the fake Jamie Dimon account and several fake Instagram promotions as successful social media attacks. It seems to me that thus far, most of the damage caused through social media has been reputational, rather than directly affecting the company’s bank accounts. Is this accurate and have these attacks been enough to convince Boards and CEOs of the need to use a service like yours?
Reputation impacts how organizations interact with customers and can improve or damage customer relationships. In addition, reputation has a big impact on the market and an organization’s performance in the market, especially for public companies. That said, many attacks that make the headlines are reputational. This is because everyone can see these attacks, they are embarrassing, and people can take screenshots. However, this is not the most interesting or exciting kind of cyber attack that our platform alerts on for our customers. Social media has made targeted cyber attacks much easier to execute. From infrastructure attacks, phishing campaigns, data theft, cyber attack planning and physical threats, to manipulating the stock market, social media cyber security has garnered enough attention that boards, CEOs and security teams are all beginning to pay attention.
In Forbes you said “there are too many companies focused on catching the next generation of malware.” What should budding cybersecurity entrepreneurs be focusing on?
First and foremost you need to focus on yourself. Develop concrete skills, work for companies that are going places, learn what success looks like so that you have a headstart on replicating it once you start something on your own. I 100% think that you should work for two successful companies before you can start your own; that way you’ll have two different baselines and perspectives on how to reach success. Next, you need to get out there and focus on learning as much as possible about the market, the companies, and the solutions that companies are offering. Once you have a better grasp on the market and the areas of solutions that are currently available, you will have a better idea of where gaps exist. You’ll also know best how the skillsets you have developed can be leveraged to solve these issues or gaps you’ve identified.
You sold Ciphent to Accuvant in 2010 and have helped grow several other significant security companies like Foundstone. I’m sure you had no trouble raising VC money. How did you choose your investors and have they been able to add value?
Raising capital is never easy. It is helpful to have a successful track record with start ups and found a company with people who have proven themselves in their own fields. Not only is raising capital challenging, but it is very important to find the right partners. In the B2B cyber security space, your pool of ideal investors and partners is different than for a B2C cyber security company. One of the most important steps when raising capital is to do this initial research: find and target firms that will be your ideal partners. Great partners are ones that have deep industry knowledge, applicable technology or product expertise and experience that you don’t have.
- Major M&A deals include Bain Capital’s $2.4bn acquisition of Blue Coat, Raytheon’s $1.9bn acquisition of Websense, and Singtel’s $810mm acquisition of TrustWave.
- Major funding rounds include Illumio’s $100mm Series C and CipherCloud’s $50mm Series B.
- Tools and companies recommended include Bluebox Security, FireEye, IBM’s QRadar, and Splunk.
- Elbit is Israel’s largest publicly traded defense business. Defense companies have been very active in cybersecurity M&A; Raytheon recently paid $2bn for Websense and Lockheed recently announced an investment and strategic partnership with real-time threat detection company Cybereason.
- NetBeat’s network access control product allows system administrators to easily allow or disallow access to sensitive information.
- These questions tend to be too easy for attackers to guess or too hard for users to guess.
- Hackers only had to know a few bits of individuals’ personal information to get access to a much larger trove of information. Plenty of sites function in the same way. Two-factor authentication would’ve stopped this attack that exposed very sensitive personal information for over 100,000 individuals.
- 60% of IT workers say they wouldn’t even be able to detect an insider threat, much less prevent one.
- High praise for Avast’s antivirus: “one of the best free security products you can install.”