Cyren: Building internet security for the cloud era

Share
Magni Sigurðsson, Senior Manager of Detection Technologies at Cyren, spoke to Cyber Magazine about emerging cyber risks facing 2022

Can you tell me about your company? 

Cyren is a long-time provider of threat detection and threat intelligence for emerging email, file, and web-based threats. We started out licensing our technology to large cloud providers and technology companies that embedded it into their own products. A few years ago, we launched a new Cloud offering to directly help enterprise protect against advanced email threats like business email compromise and ransomware. We have engineers and threat researchers around the world, so we’ve really been studying this problem for a long time at a very large scale. 

What is your role and responsibilities at the company? 

I am the Senior Manager of Detection Technologies at Cyren. In this role, I lead the development and evolution of Cyren’s threat detection frameworks to quickly and accurately identify existing and emerging threats on the Internet. I identify trends of attacks cyber criminals are using to gain a better understanding of their techniques and procedures and detect what will be the next big email, malware, or web attack that we need to protect our customers from. Prior to Cyren, I was a malware analyst a FRISK Software, which produced one of the first anti-virus engines- this experience put me in good stead for the role I am doing now. 

As the number of cyberattacks continue to increase, do you think there are still companies that do not have the right protection in place? 

Certainly, attackers are maturing their processes faster than organisations are maturing their defences. We see a rise in attacks across all industries and all sectors. It doesn’t matter if the organisation is small or large, they will be targeted. It’s far easier to compromise an organisation from within; attackers know this which is why phishing and other forms of social engineering are such common attack types. Companies must invest in detection of targeted threats, automated incident response, and zero-trust to not only protect their employees from being the victim of a targeted attack, but to also move faster to contain the often devasting effects of an attack. 

What do you think are the major emerging cyber risks for 2022?

Cybercriminals adapt to macro digital trends. In 2022, we will see an increase in attacks targeting mobile devices and crypto currency wallets. Both are evolutions that we spotted late last year. For example, we saw an increase in QR codes being used to slip malicious URLs past email security filters. The ease of use and accessibility the two-dimensional barcodes have offered customers during the pandemic has meant more and more companies have employed it as part of their business operations in a bid to get customers engaging with their products and services. Threat actors have followed suit.  

With the rise in popularity of crypto currency investing, NFTs, and meme stocks, criminals are creating all kinds of online scams to steal money. We are seeing an increase in phishing campaigns, malware, and account takeover attacks all targeting various aspects of the retail crypto currency trade.

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security