By 2026, cybersecurity market capitalization is expected to sit above $350 billion, with a year-on-year average growth of 10-11%. A significant chunk of this market is in emails, with data suggesting that an average office worker sends out 40 work-related emails and receives 90 of them each day. Furthermore, about 306 billion emails are exchanged every day by around 4 billion users worldwide.
Despite the emergence of messaging apps, chatting apps, and social media, email continues to be at the forefront of digital communication. It’s no wonder, then, that it’s such a lucrative target for cybercriminals. Roughly 90% of all cyberattacks begin with a phishing email, and this is the primary method for delivering ransomware attacks. Combined with an increased risk from remote working setups, taking the first step to secure the email landscape by configuring DMARC (Domain-based Message Authentication, Reporting, and Conformance) at enforcement level is an essential first step all business and IT leaders should be undertaking. DMARC’s primary purpose is to protect a domain from being impersonated and used in Business Email Compromise (BEC) attacks, phishing emails, email scams, and other cyber threat activities. DMARC at full enforcement is the most essential tier of a comprehensive, layered cyber and email security strategy, necessary for companies worldwide.
How are artificial intelligence & machine learning driving the market?
The cybersecurity sector’s biggest challenge is the asymmetry in the cost to attack vs the cost to defend. The best estimate suggests it’s 400 times cheaper to launch an attack than it is to defend against one. This is this economic model that Red Sift aspires to change. Founded in 2015, Red Sift is a global organization with international offices in North America, UK, Spain, and Australia. Led by CEO, Rahul Powar, its tagline is to “Democratize the technology essential for cybersecurity.” As Rahul shares, their strength lies in utilizing computers rather than consultants, “Machine learning and AI makes it not only a less expensive solution for customers but enables Red Sift to automatically analyze and process millions of data points” meanwhile retaining enough flexibility to be able to cater to businesses of all sizes. “Red Sift helps organizations of all sizes to defend themselves, ranging from small charities and independent traders to multinational law firms and government bodies, whilst tiered pricing and discounts for charities and sole traders means both products remain accessible for all,” Rahul adds. “All our products sit on a platform poised to support a range of complementary cybersecurity solutions, with our GDPR compliant servers running with an average up-time of 99.98% over the last 12 months.”
Red Sift products currently include OnDMARC and OnINBOX, scalable SaaS applications that work together to close the net on the global phishing problem. Its award-winning DMARC solution (OnDMARC) helps organizations to maintain the correct setup of their email configuration, thereby automatically protecting against BEC, exact domain impersonation, and outbound phishing attacks using their company domain name. OnINBOX uses Machine Learning to analyze the security and content of inbound email communications, providing users with clear visual threat indicators inside every email so users can take the right action and security teams have company-wide email threat intelligence. As Rahul describes it, “The Red Sift Open Cloud is a data analysis platform that is purpose-built for the challenges of cybersecurity.”
“Ransomware will continue to be used to exploit company systems and critical infrastructures, but much like when GDPR was introduced, companies will be held more accountable to data breaches, with security regulations and legislation tightened throughout the world.”
Leaps & Bounds: The growth story
With Red Sift’s consumer-first approach, their focus is on “self-service”, making economic sense for small traders as well as big enterprises. Its cloud-based solutions are device-independent and appropriate for any organization that uses email. Its clients include Domino’s, Wise, Telefonica, Pipedrive, Rentokil, ITV, and top global law firms. Being an out-of-the-box solution ensured that OnDMARC was named Innovative Product of the Year at the Cyber Security Awards and labeled Next-Gen in Anti-Phishing at the Global Infosec Awards at RSA 2021. They work with Gartner analysts to validate market strategies, with OnDMARC being identified as a selected vendor in Gartner’s Market Guide for Email Security 2020. Along with being official members of the G-Cloud 12 Program, Microsoft Intelligent Security Association (MISA) and official suppliers to the Crown Commercial Service and General Services Administration (GSA), allowing them to sell to government agencies. The success of products has been widely recognized by analysts within the industry. In recent months, Red Sift has won Security Vendor of the Year – SME at the Computing Security Excellence Awards and IT Security Provider of the Year at the British Legal Tech Awards. Excellent products have propelled Red Sift deployments, with the largest companies in total no of active domains at 4536 email domains, in projected email volume at 836 million emails per year, and the number of employees at 140,000.
The following testimonials show the faith that Red Sift has developed and the reputation it enjoys today. Steve Jackson, Head of Internal Systems at Tessella, shares, “Without this [OnDMARC] in place, the impersonated email would have slipped through our spam and email filtering systems and landed in the target’s inbox. The only way we were even aware that this happened is because the Chief Executive received a bounce-back message from the rejected email, that he had never even sent in the first place! When following up we were able to disable the accounts that were blocked by OnDMARC for swift remediation. Without OnDMARC this could have easily led to financial loss.” And a Systems Administrator at a US Government Organization has this feedback, “We felt confident in getting to reject quickly and accurately for multiple domains with OnDMARC. A high-value feature for us was Dynamic SPF as we have so many agencies and vendors sending on our behalf. This was unique to other vendors and really helped in terms of simple and efficient SPF management.”
Risk Mitigation: Strategies & trends
As more and more people have switched to working from home, the challenges in cyber security are at their highest. Businesses still don’t fully comprehend the impact of security breaches and their economic complications. Despite the staggering amount of proof, 90% of global retailers still don’t have the correct DMARC configuration in place and are open to attack and vulnerable to fraud. As Rahul emphasizes, “Ransomware will continue to be used to exploit company systems and critical infrastructures, but much like when GDPR was introduced, companies will be held more accountable to data breaches, with security regulations and legislation tightened throughout the world.”
One of the biggest concerns in this industry has been customer privacy and confidentiality. In its report evaluating email security in the retail sector, Red Sift highlighted several interesting statistics. Reputation and customer safety are proportional, with another recent study finding that 67% of people trust a company less after a data breach, and 22% won’t use a company again if they are hacked. “It’s clear that a business’s brand equity is intrinsically linked with how customers view their integrity, and it’s key that this is upheld at all times.” shares Rahul. Deliverability can be dependent on DMARC, “More and more domains are putting the right email security in place, meaning that now a whopping 1 in 6 emails don’t even get delivered.” He emphasizes trust is the key, “The appearance of a registered logo in an email using a VMC (Verified Mark Certificate) tells the recipient that the sender is DMARC compliant, meaning the email can be trusted. We found that showing a verified logo on an email increases consumer confidence in that email by 84%.”
These trends show there is an urgent need for continuous review of the cybersecurity processes, with particular emphasis on the supply chain network. Clear procedures, tools, and protocols like DMARC should be in place everywhere to proactively monitor systems and provide immediate alerts about a cyberattack.