CyberShield
I’ve been working with CyberShield in the GCHQ accelerator, as part of the Wayra mentoring team.
I spoke to them, and asked them some questions about email fraud and phishing, and building a cyber start-up.
Here’s what they said…
JD: What do you do to help people, in 100 words or fewer?
CS: Cybershield helps companies by stopping their employees from opening phishing and the harder to detect spear phishing emails. We do this with an AI-based system which looks at 120 classifiers to detect a range of phishing indicators. We alert people to the threat in real time by changing the subject line in the email to green, amber, or red like a traffic light warning system. It is important to detect these more targeted attacks as these are the attacks which cause the breaches and give the media their headlines.
JD: What’s the difference between spam and phishing (and whaling)?
CS: Spam, or junk mail, is unsolicited email that tries to sell you a product or service, such as the “latest and greatest” diet pill or some form of “cutting edge, high-quality” software. Phishing email, on the other hand, is a specific email that tries to trick you into giving your personal or sensitive information, like your Login ID and Password or credit card number. It will use threats such as “if you don’t provide your login ID and Password immediately, your account will be deleted!”. “Whaling” or so called CEO fraud is specifically targeting the “C” Suite of companies to trick staff into believing they are getting urgent directions from their boss to transfer money, or send sensitive information to unknown parties. Facebook and Google got taken for $50 million each with these types of scams.
JD: Who are the Cybershield team, and why should we trust you as experts?
CS: Jack Chapman is a graduate from York University, and has worked for start-ups before, designing bespoke web scrapers, and deep learning steganography detection. His extensive experience in various machine learning has allowed him to design a system that detects many indicators of phishing from an email, and then present that information simply to the user.
CS: Paul Chapman has a police and security background, with additional experience in technical sales and management. He leads the business development and sales side of the business.
CS: Although there are already products on the market the key is to stop employees being caught out by targeted emails which aim at the human through social engineering. We went back to basics and worked with a psychologist who was studying why people fall for scams, and used a lot of the insights to design our new solution. Our expertise is in understanding how to better design systems that work with people the way they want to work rather than imposing systems that are hard to learn or impose punishments if users make a mistake.
JD: Where do you plan to be in 5 years’ time?
CS: In five years time we plan to be part of the UK’s active cyber defence program, protecting a number of major companies, and having our phishing protection within Government departments as well having gone international. We also will have a consumer product giving protection from email scammers, especially to the more elderly and vulnerable people in society.
JD: Can home users get hold of your protection technology?
CS: At the moment the solution is being developed for business customers only, but there are plans to deliver a low cost solution to home users, which would come bundled with other add-ons from their telecoms supplier or ISP.
JD: If not, can you give us some simple rules that will help identify phishing emails?
CS: Yes. First of all, take a deep breath and take a minute to think. Did you expect this email? If not, is it asking for personal information (account numbers, passwords, even date of birth etc.)? Is the email asking you to hurry? Is it appealing to base emotions such as fear or greed? Is it using these emotions to get you to click a link within the email? If you didn’t expect the email, don’t click the embedded links as it could take you to a cloned phishing site where your personal details will be harvested by the cyber criminals.
JD: What should a home user, like my mother-in-law, Rita, do if she correctly detects an email as phishing?
CS: Delete it and report it to the organisation they are impersonating.
JD: What are the best bits and worst bits of trying to grow a cyber security start-up?
CS: The best bits are building the product and developing the strategy to go to market. You know it won’t be right, but keeping listening and iterating the plan is a really great journey. The worst bits are the lack of money, that no task is ever finished, and that you have so few people with so many roles to fill, so you end up wearing a multitude of hats at very short notice.
JD: If someone is reading this and thinking that they could be a founder of a cyber start-up, too, what would be your advice to them?
CS: Make sure that you actually have at least one technical person who can code as one of the founders. Be prepared to test your ideas with people you don’t know to see if it’s a good idea before you go ahead. Your Mum will always love your ideas regardless how crazy, so don’t go using her as a sounding board to decide!!
JD: Tell me one really secret thing you’ve learnt since being in the GCHQ cyber accelerator.
CS: I have got really good at learning alarm codes and security protocols now.
JD: Any final words of comment or advice you’d like to throw in?
CS: Email is still the number one method of business communication and is here for the foreseeable future. If you can create a culture of not blaming your people for getting caught out by these phishing emails, it will massively help your cyber resilience. If an employee does get caught out (and we could all be caught out) then as long as they have the confidence to let you know, you can track back and mitigate the damage caused by the attack.
JD: Thanks, Paul, and best of luck with CyberShield
More information available from the CEO Paul Chapman.
JD