ANALYSIS OF NEWS — The corporate inbox appears to be a lucrative destination for malicious hackers more than 17 years after the famous announcement by Bill Gates that the spam epidemic was close to being solved for good. Today, a flood of well-funded start-ups for email security are emerging to take another shot at protecting the entry point for nearly all big cyber attacks.
On Thursday, email protection experts Armorblox revealed a fresh $30 million venture capital investment round, joining a rising roster of well-heeled startups tackling one of the most daunting challenges in cybersecurity: keeping disruptive hackers out of corporate mailboxes.
Armorblox, headquartered in Sunnyvale, Calif., has now funded $46.5 million in total to position itself nicely to continue shaving away from incumbents such as Proofpoint, Mimecast and Forcepoint at market share.
The company says it will use the new money to develop its tech and data science departments and double down on its bet that machine learning magic will efficiently counter the kinds of targeted email attacks that impact companies of all sizes.
Armorblox sells a software that links and analyses thousands of signals over APIs to grasp the email communication meaning. Security teams will use the platform data to block targeted phishing attempts, safeguard critical PII and PCI, and automate user-reported email threat remediation.
Although the overuse of “ML/AI” buzzwords will spoil any effort to address ML/AI capabilities properly, Armorblox CEO DJ Sampath is bullish in exploiting knowledge of natural language, deep learning, conventional machine learning, and recognition strategies to arrange signals through personality, actions and language. “Think of Armorblox as a fingerprint scanner if legacy email security controls are padlocks,” he said.
Sampath argues that this technique also deals with the tricky remediation dilemma where defenders walk the tightrope between safety and efficiency of employees.
He bets that “context-aware identification of attacks” would be much more accurate and effective than the collection of threat deeds, metadata and one-shot detection tools integrated into current email protection offerings today.
Armorblox has bigger aspirations in a technology-centric, post-pandemic, work-from-home environment, with cybersecurity-related investment touching astronomical figures and vast defence data lakes already providing profits for tech firms.
Sampath is not coy about the ambitions of his business to locate treasure in use-cases outside cybersecurity: “We claim that the opportunity to build a single device that can incorporate a common understanding of all information and a proper repository of contextualised data experiences can serve a range of purposes well beyond detecting instances of abuse of intellectual property by email or company.”
Armorblox is not alone with heady big-data aspirations, but it will be a long slog against the cloud email vendors themselves, Microsoft (Office 365/Teams), Google (GSuite/VirusTotal/GCloud), against thousands of well-funded startups, existing incumbents and headwinds.
Microsoft and Google have developer APIs that enable identification and other reasoning to be baked into email traffic flows through ‘inside-out’ protection technologies, however, as is apparent recently, the bigger software vendors have their own market aspirations for cybersecurity.
Material Defense, a startup that came out of stealth last June with $22 million in investment from Andreessen Horowitz and a roster of CISOs openly endorsing its inline plan to incorporate two-factor authentication into attachment recovery, is another early-stage email security game worth watching.
Material Encryption, the brainchild of Ryan Noon, Abhishek Agrawal and Chris Park, former Dropbox engineers, provides security teams with the power to email confidential content—even older archived mail—and make it available only after a two-factor authentication phase. This makes leak protection, ATO (account takeover), phishing herd immunity and other exposure and admin controls to be sold by the company.
Separately, in the multi-billion dollar email protection bath, a wide variety of firms have earned funding to play. These include Agari (raised $85 million), Valimail (raised $84 million), Region 1 (raised $82 million), Abnormal ($74 million), Avanan ($41 million), Inky ($32 million), and GreatHorn ($22 million).
By 2024, industry watchers expect the email protection market to hit $6 billion, powered largely by the rapid digital transition linked to COVID.