As the CEO of SlashNext, Patrick Harr directs a workforce of security professionals focused on protecting people and organizations from phishing anywhere.
Before joining SlashNext, Harr served as the CEO of Panzura. There, he transformed their company into a SaaS company, grew annual contract value by 400%, and led to a successful acquisition in 2020.
Previously, he held senior executive and GM positions at Hewlett-Packard Enterprise, VMware, BlueCoat and was CEO of multiple security and storage start-ups, including Nirvanix (acquired by Oracle), Preventsys (acquired by McAfee), and Sanera (acquired by McDATA).
In a world where hackers, and security threats are common considerations for businesses, this conversation was a helpful one to have.
M.R. Rangaswami: What are the core focus areas you see that help solve phishing attacks and other security threats for customers?
Patrick Harr: Hackers are increasingly turning their attention to mobile devices with new tactics including non-linked based phishing, and SMS/text phishing, known as smishing. The latest Verizon MSI report showed that 83% of organizations report mobile device threats are growing more quickly than other device threats.
Along those lines, we recently released the SlashNext State of Phishing Report for 2022, which analyzed billions of link-based URLs, attachments, and natural language messages in email, mobile and browser channels over six months. We found more than 255 million attacks, marking a 61% increase in the rate of phishing attacks compared to 2021. Also, SlashNext detected an 80% increase in threats from trusted services such as Microsoft, Amazon Web Services, or Google, with nearly one-third (32%) of all threats now being hosted on trusted services.
These findings show that legacy security strategies – including secure email gateways, firewalls, and proxy servers – are no longer stopping threats, especially as bad actors launch their attacks from trusted services and business and personal messaging apps.
SlashNext helps to protect the modern workforce from such malicious messages across all digital channels. SlashNext’s Integrated Cloud Messaging Security is built for email, browser, mobile, and brand to protect organizations from data theft and financial fraud breaches. The SlashNext Complete™ integrated cloud messaging security platform utilizes patented AI SEER™ technology with 99.9% accuracy to detect threats in real-time and prevent users from phishing, smishing, social engineering, ransomware, and malicious file downloads.
M.R.: What industry trends are having the greatest security impacts for the modern workforce today?
Patrick: Cybercriminals are increasingly moving their attacks to mobile and personal communication channels to reach employees. As a result, the single biggest threat to any company is no longer machine security – it is the human security factor due to the explosion of personal employee data in the newly hybrid workforce. These blind spots are becoming more apparent as organizations adopt new channels for personal messaging, communications, and collaboration.
In fact, SlashNext recorded a 50% increase in attacks on mobile devices this year, with scams and credential thefts at the top of the list for payloads. Such attacks on humans will continue to increase because humans are fallible and they get distracted, making it hard for people to easily identify many threats as being malicious.
It all comes down to the question of how do I validate that you really are the person I think I am communicating with? Or is this the trusted file or corporate website link that I assumed it was before clicking on it? This problem is growing because more people are working on the same device for their business tasks and their personal lives simultaneously. I only see this trend accelerating in the coming year.
M.R.: What are you working on to help close this mobile security gap?
Patrick: In October, we launched Mobile Security Personal and Home apps for BYOD and Family use to protect mobile device owners against the growing threat of phishing and fraud attempts on SMS/text, links, and apps. These apps provide total privacy for users’ data.
The personal BYOD edition can be purchased by a business for employees, as either a managed app or unmanaged option for user data privacy for BYOD. The Home edition involves an annual subscription which covers up to five mobile devices that can be shared across family members, and not tied to any corporate business accounts.
SlashNext has the only on-device solution to block link-based and non-link-based SMS phishing attacks, which is the first stage of attack in a Business Text Compromise (BTC). As a result, SlashNext Mobile Security gives users another layer of security on their personal devices while helping businesses to protect their company data and maintain employee privacy.
M.R. Rangaswami is the Co-Founder of Sandhill.com