As someone who joined Agari nearly five years ago as part of the core team building our breakthrough email security solutions, I am extremely proud of what we built, and I can’t wait for you to see what’s next. This is—after all—a race against time. In the battle against costly spear phishing attacks, business email compromise (BEC) scams, and other advanced email threats, serious solutions can never arrive too soon.
Let’s take a step back and look at the numbers. In 2018, phishing campaigns targeting US corporations jumped 297%, to well over 137 million attacks. The 60% surge in BEC scams over the last year has included nine large, publicly-traded companies that collectively lost $100 million through wire fraud.
In fact, 93% of organizations report being hit by these kinds of targeted phishing attacks, and as many as 50% say they’ve fallen victim in just the last two years. In all, the FBI estimates advanced email threats now account for 48% of all Internet-based business losses from cybercrime each year.
All this is to say that email security is a huge issue, and one that Agari is tackling head-on. We’ve always been dedicated to providing the best possible solution to our customers, and as our new VP of Product Management, I intend to continue that tradition.
Since joining Agari in 2014, I’ve held a succession of positions in which I’ve been able to help solve real problems for organizations looking to protect themselves, their customers, and their employees from the affliction of email-based cyberattacks. That includes new product development and applied research for a number of breakthrough solutions, as well as building the engineering platforms and processes needed to increase the velocity of innovation at Agari.
It’s been an incredible journey that began when I first felt the gravitational pull of Agari founder Pat Peterson nearly a decade ago. At the time, I was leading efforts to develop a real-time IP reputation system at Return Path and I’d been impressed with the work Pat had done at IronPort and then Agari. But our relationship really started with MOOCOW (Messaging Operational Overlay Coalition Of the Willing), a delightful name for a small working group trying to finally put a dent in the growing scourge of phishing attacks. That effort evolved into DMARC and over time, I got the chance to get to know Pat, Mike Jones, and the many others working on email authentication in forums such M3AAWG. When Pat recruited me to join Agari, what most intrigued me was that even then he had his eye on something really ambitious. We weren’t just going to help the world to adopt email authentication, we were going to be the first to solve the problem of spear-phishing and other advanced email threats. The great team that he had already assembled was a bonus.
When I joined Agari, the team had already created the first product—Agari Brand Protection, previously known as Customer Protect. I was tasked with launching the company’s first-to-market BEC detection solution which gave me the opportunity to collaborate across sales, marketing, and customer success teams while hiring, training, and scaling a twenty-member engineering organization. It was during this time that we first recruited Scott Kennedy and the other top software engineers who formed the core team and whose work led to a game-changing insight.
Existing approaches to email security were quickly becoming outdated as a new generation of cybercriminals learned how to evade traditional SEGs and even the security controls built into cloud platforms. Instead of relying on malware or malicious links, these social engineering-based email attacks leverage look-alike domains, hijacked email accounts, and other forms of identity deception to manipulate recipients into revealing sensitive information or initiating wire transfers. This meant that a new approach to email was required—one that focused less on email inspection and more on the identity of its sender.
The truth is, you don’t get many opportunities to disrupt an entire industry, but Agari raised the bar. I relished working with our data science team to help drive the development of multiple machine learning-enabled subsystems that power what has become Agari’s identity intelligence platform, which we call the Agari Identity Graph™.
This patented approach to email security combines novel machine learning techniques and real-time, anonymized intelligence from 2 trillion emails annually to model communications across individuals, organizations, and infrastructures and the trusted behaviors that define each individual sender’s “good.”
When email activity deviates from these established patterns due to impersonated or hijacked accounts, the Agari Identity Graph can easily detect and defend against them, enabling customers to trust their inboxes and providing the technology that no other company can.
Once we launched the Agari Phishing Defense product, previously known as Enterprise Protect, we discovered that one of its key features was the ability to perform incident response activities. This feature was better than other products on the market, but we knew that we could do better, that we could provide a fully automated product that was purpose-built for incident response.
So our team put our heads down to build a product that addresses the needs of SOC teams by accelerating phishing incident response and reducing the time it takes to discover and remediate breaches from an average three months to just minutes—the product that we recently launched in December 2018 as Agari Phishing Response. And we’ve continued to innovate on it in the past few months. New capabilities we introduced in our Spring 2019 Release combine predictive AI and a network of Agari SOC experts that enables organizations to detect latent threats that manage to evade early detection, and then remove them from all inboxes intravenously.
As I start this next chapter at Agari, our team is already busy conducting cutting-edge research, building new models and developing new tools to secure our customers and the broader email ecosystem. Our exciting roadmap includes not only improving and integrating our existing products, but also tackling the thorniest challenges in detecting and stopping emerging threats. The Agari products have helped our customers for a decade, and they’re going to continue to get better at detecting threats, protecting inboxes, and responding to incidents as we move forward into new territory.
Best of all, I get to continue leading the same team of trailblazers, and recruiting more—we’re hiring! I’ve had the good fortune of working with industry experts these past five years as we deepen our products, our data science, and our go-to-market strategies to deliver solutions that help organizations defeat cybercriminals and bring trust back to the inbox for good. I’m excited to show you what is coming next.
To learn more, read the official announcement on Jacob Rideout’s promotion to Vice President of Product Management for Agari, here.