Cyren: Building internet security for the cloud era

Magni Sigurðsson, Senior Manager of Detection Technologies at Cyren, spoke to Cyber Magazine about emerging cyber risks facing 2022

Can you tell me about your company? 

Cyren is a long-time provider of threat detection and threat intelligence for emerging email, file, and web-based threats. We started out licensing our technology to large cloud providers and technology companies that embedded it into their own products. A few years ago, we launched a new Cloud offering to directly help enterprise protect against advanced email threats like business email compromise and ransomware. We have engineers and threat researchers around the world, so we’ve really been studying this problem for a long time at a very large scale. 

What is your role and responsibilities at the company? 

I am the Senior Manager of Detection Technologies at Cyren. In this role, I lead the development and evolution of Cyren’s threat detection frameworks to quickly and accurately identify existing and emerging threats on the Internet. I identify trends of attacks cyber criminals are using to gain a better understanding of their techniques and procedures and detect what will be the next big email, malware, or web attack that we need to protect our customers from. Prior to Cyren, I was a malware analyst a FRISK Software, which produced one of the first anti-virus engines- this experience put me in good stead for the role I am doing now. 

As the number of cyberattacks continue to increase, do you think there are still companies that do not have the right protection in place? 

Certainly, attackers are maturing their processes faster than organisations are maturing their defences. We see a rise in attacks across all industries and all sectors. It doesn’t matter if the organisation is small or large, they will be targeted. It’s far easier to compromise an organisation from within; attackers know this which is why phishing and other forms of social engineering are such common attack types. Companies must invest in detection of targeted threats, automated incident response, and zero-trust to not only protect their employees from being the victim of a targeted attack, but to also move faster to contain the often devasting effects of an attack. 

What do you think are the major emerging cyber risks for 2022?

Cybercriminals adapt to macro digital trends. In 2022, we will see an increase in attacks targeting mobile devices and crypto currency wallets. Both are evolutions that we spotted late last year. For example, we saw an increase in QR codes being used to slip malicious URLs past email security filters. The ease of use and accessibility the two-dimensional barcodes have offered customers during the pandemic has meant more and more companies have employed it as part of their business operations in a bid to get customers engaging with their products and services. Threat actors have followed suit.  

With the rise in popularity of crypto currency investing, NFTs, and meme stocks, criminals are creating all kinds of online scams to steal money. We are seeing an increase in phishing campaigns, malware, and account takeover attacks all targeting various aspects of the retail crypto currency trade.

Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security