How can people keep their personal data secure?

Ciaran Rafferty, Managing Director, Email Security, HelpSystems, spoke to Cyber Magazine about securing data and tackling identity theft

Can you tell me about HelpSystems? 

HelpSystems is a software company with a unique and comprehensive suite of cyber security solutions and services that help customers detect and mitigate against an ever-growing number of cyber threats. 

We provide cyber security solutions for Data Protection, Email Security, Digital Risk Protection, Secure File Transfer, Vulnerability Management, Adversary Simulation, and Red Teaming. The solutions are built for hybrid IT environments that operate both on-premise and in cloud-based infrastructures. 

Additionally, HelpSystems provides a range of managed services including Managed Detection and Response, Managed Data Loss Prevention, and Managed Digital Risk Protection, as well as Security Awareness Training. 

The HelpSystems portfolio includes well-known leaders in the cyber security field, including: Agari, Alert Logic, Boldon James, Beyond Security, Clearswift, Cobalt Strike, Core Security, Digital Defense, Digital Guardian, GoAnywhere, Globalscape, PhishLabs, Terranova Security, Titus, and Tripwire. 

What is your role and responsibilities at the company? 

I joined HelpSystems in December 2019, when the company acquired Clearswift, a leading provider of data loss prevention solutions for email, web, and the cloud. In May 2021, HelpSystems also acquired Agari, a business offering unrivalled protection against email-based fraud. 

Working together, these solutions can help secure critical data and protect organisations from a wide range of email-based threats, including phishing and business email compromise attacks. I head up the HelpSystems email security business unit responsible for ensuring that worldwide cyber security customers benefit from our combined solution expertise.  

With a rise in phishing attacks, how can people keep their data secure? 

Throughout 2021, threat actors relied on a variety of attack vectors to carry out their campaigns. While the year was witness to an increased presence of emerging threats, traditional phishing methods still commanded the majority of threats facing enterprises. In the latest Quarterly Threat Trends & Intelligent Report by HelpSystems, the number of voice phishing (vishing) cases increased almost 550 percent over the last twelve months (Q1 2021 to Q1 2022). 

To meet these challenges head on and to minimise the scope of threats targeting their infrastructure and data, organisations should build relationships with technology and service providers to broaden their lines of defence and put in place the following protections: 

Implement DMARC

DMARC will help defend against spam as well as attacks that attempt to use spoofed (imitated) addresses. 

Train staff to identify phishing attempts

Email training can drastically reduce the number of fraudulent emails opened, and work to consistently reduce exposure to email-based threats. Outside of standard educational content, organisations can test their staff with internal phishing campaigns that measure email open rates, link clicks, and responses. 

Turn on 2FA

Additionally, two factor authentication (2FA) provides an extra layer of protection that goes beyond login credentials. Even if credentials are stolen, 2FA prevents that information from being used to access systems without the owner’s consent. 

Finally, ensure you have a phishing response plan and remediation process in place for when an attack does occur. 

As the world becomes more connected and digital, is there an increasing concern around identity theft? 

Yes, this type of fraud is now incredibly far-reaching, costs the globe billions of pounds each year and can be very tough for victims to rectify. Personal data was compromised last year by a record number of breaches, which increased 68% from 2020, says the Identity Theft Research Center. According to Experian, fraud costs the UK economy £193 billion a year, with identity fraud being the single largest contributor.

But there are ways to protect against identity theft, such as signing up for credit monitoring, shredding important documents and making sure you don’t disclose personal information online. For example, if you’re unsure whether an email or phone call from your bank requesting information or payment is genuine, call the number on the back of your bank card and ask them for verification. Don’t call the number in the email or on the voice message, as it is likely to be fake. 

What do you see as being one of the top emerging cyber trends this year?

At RSA, there was much discussion about the Russian-Ukraine conflict and the impact it was having on cybersecurity, and how the industry must collaborate and share information in order to protect against an ever increasing number of cyber threats. 

There was also emphasis on how cyber risk is no longer limited to a manageable perimeter, but rather a growing interconnected network of assets far beyond the organisation's direct control. This expanding attack surface often presents softer targets for hackers to compromise and go undetected for long periods of time, a trend we’ll continue to see increase as the digital supply chain grows. 

In a recent survey of CISOs, 52% agreed that since the COVID pandemic, cyber threats have become fiercer and 64% say a breach that exposes sensitive customer data is their top fear. With cybercriminals employing more sophisticated tactics in order to steal valuable data, the emphasis on keeping it secure has never been greater. Therefore, it’s critical for businesses to put adequate security measures in place, protecting data throughout its journey and controlling and monitoring access even when it has left the organisation. 

What can we expect from HelpSystems in 2022? 

HelpSystems will continue to focus within data security and infrastructure protection both from a product and managed services perspective. We’ll continue to look for opportunities to add more capabilities within these categories and also enhance the compatibility and interoperability between existing product lines. We’ve already released bundled offerings for phishing protection, secure file transfer with rights management, and vulnerability management and red teaming to meet customer requirements, and we’ll continue to work with customers to help them solve their cybersecurity challenges 


Featured Articles

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Armen Najarian, Chief Identity Officer at Outseer, spoke to Cyber Magazine about malicious apps and fraud within a cashless society

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security

Nord Security raises US$100mn at US$1.6bn valuation

Cyber Security