01732 759725 34 CYBER SECURITY This autumn is set to be a busy time for CybelAngel, as it introduces a new partner programme and moves more into the external attack surface management space with a new product and new company positioning. Technology Reseller finds out more in conversation with Camille Charaudeau, Vice President, Product Strategy at CybelAngel provided by the customer, such as the company name, company domain, project name, product name or confidential file. “We can start with your own IT assets that are publicly exposed, and you didn’t know about – what we call shadow IT. It could be a site you created with a former marketing agency that you forgot about and is no longer supervised but which now includes a vulnerability that hackers can use to access the database behind it and perhaps gain access to your network through that asset. It can be an API endpoint. It can be a server running on a cloud instance that you are not using anymore but which you are still paying for. It’s about finding that exposure. "The attack surface is also exposed credentials, so we go on the Dark Web and look at hackers who are trying to resell employee credentials that could be used as a way inside an organisation. We scan for open databases of partners that are inadvertently leaking information and for malicious domains – small variations in the spelling of your main company domain that are used for phishing campaigns to extract or collect specific information. They, too, are part of the attack surface. And lastly, it’s about finding data leakage on the cloud and on file sharing servers; you can’t imagine how many of them are still open and used freely to share information from one entity to another. If we can find these examples hackers can too.” Man and machine CybelAngel processes several billion data points a day and relies on a combination of machine learning and human analysts to filter and investigate that noise. “We never give a raw feed of information to our customers, because they do not have the time. We filter that first and we have dedicated analysts working with those customers who understand their business contexts and only push what’s relevant to them.” Each CybelAngel analyst can take care of 8-10 large clients. CybelAngel now Over the last eight years, CybelAngel has grown into an international business of about 180 people, with 60 people in the R&D and engineering departments, and 160 or 170 large enterprise customers, the likes of CVS in the US, NTT in Japan and BT in the UK. “A large proportion of our customer base is in Europe – in France, the UK and Germany in particular. In 2018, we expanded into the US and North America where we now have somewhere in the region of 40 customers and about 40 employees working from CybelAngel’s regional offices in Boston. We have 4 or 5 people in the UK, one or two people on the sales side in Germany and we very recently opened in the Middle East with two local employees working out of Dubai.” A global customer base About 75% of CybelAngel’s customer base is companies with more than 10,000 employees, largely because the bigger a company the more distributed its operations and the broader its digital footprint or attack surface. “If you are a very small company operating locally, the chances of your assets being exposed on the other side of the world and putting you at risk are low. But if you are a big one, like BT in the UK, with operations around the globe, then you Early days CybelAngel started out in 2014 to address data leakage of company assets. Its first customer was a major French bank after it found that many of the bank’s confidential documents, business plans, financial forecasts, invoices, contracts, employee personal information etc. were being stored on an exposed server owned by a third party. “This happens every single day, and the more you chat and share and do business with a broader ecosystem, the more you expose yourself,” says Camille Charaudeau, Vice President, Product Strategy at CybelAngel. “CybelAngel was set up to discover a specific exposure, a specific data leak, but we’ve expanded beyond that. Now, you can think of CybelAngel as a massive internet scanner, looking for exposure continuously 24/7 for our customers.” It does this by scanning for keywords One to watch: CybelAngel Camille Charaudeau continued...
RkJQdWJsaXNoZXIy NDUxNDM=