Bootstrapping Using Services First, Raising Money Later: Rohyt Belani, CEO of PhishMe (Part 6)

Rohyt Belani: If you want, I can explain with a really good example in a story.

Sramana Mitra: Yes, go for it.

Rohyt Belani: If you think back to 2010, there was a bomb scare at Times Square. There was a Nissan Pathfinder parked right in the middle of Times Square, which is very unusual. If you’ve ever been to Times Square, you see that there are a lot of cops there walking around. None of these systems and technologies caught this anomalous SUV parked right in the middle of Times Square. It was two vendors who stood there everyday selling $2.99 I Love New York T-shirts that said, “This looks whacky.” They went to the cop and said, “We don’t see cars parked here.” The next thing you know they call the bomb squad. It was loaded up with explosives.

While these guys weren’t bomb experts, they were contextually aware. Our whole idea is how do we take that contextual awareness to cyber security. How do you do that? An example is I got hit by a phishing attack myself. We launched our most recent product. I guess the phishers just go after us for bragging rights.

I wake up one morning at 7:15. When I look at my email, I see that I have an email from my Chief Technology Officer talking about a critical bug in the recent product we put out. We had to roll it back from our beta customers. It’s an embarrassment. It had the perfect emotional trigger in there for me to want to act and it said, “The root cause analysis is in the attached Word document.” I was just about to open the document when I said, “Hold on a second. If there’s a major issue like that, Aaron picks up the phone and calls me irrespective of the time or day. Part two is if he sends me an email, it never starts with Dear.” Technology doesn’t know that. Again, I was contextually aware and spotted these two things. I was able to say, “This is suspicious.” I tagged it as suspicious and an hour later, we found out that it was indeed a malicious signature. That’s where we want to get human beings and employees inside of organizations to be contextually aware and turn into cyber informants for their security teams.

Sramana Mitra: You’re talking about this context awareness. Talk to me a little bit about the technology that drives that level of context awareness.

Rohyt Belani: I guess it’s a combination of humans and technology. When human beings report emails, what we find is in a large organization, you can get thousands of people reporting things as suspicious emails, especially if you make it easy for them by putting a button in Outlook or an email client. You start to get false positives but what happens is the system maintains a reputational score per person. Think of it as FICO score as it relates to phishing.

The more accurate you are in reporting phishing emails and the more resilient you are in not falling for simulated phishes, you combine those two aspects, that’s what governs your reputation. When people report things, we weigh it by the reputation, the number of people reporting it, and a variety of criteria. We are able to go into the IT security team saying, “Just because 5,000 emails got reported, you don’t have to look at all of them.” We group them into ones that are similar and two, we’ll take each of those groups and weigh them by the reputations of the people reporting it and the number of people reporting it. All of a sudden, you’re down to three groupings or clusters that you have to look at instead of 5,000 emails.

This segment is part 6 in the series : Bootstrapping Using Services First, Raising Money Later: Rohyt Belani, CEO of PhishMe
1 2 3 4 5 6 7