Safety Detective’s Aviva Zacks had the opportunity to interview Matthew Gardiner, Mimecast’s Director of Security. He explained how his company is keeping ahead of the hackers and protecting your cloud.
Safety Detective: Tell me how you got into cybersecurity and what drew you to the industry.
Matthew Gardiner: At the end of 2001, I joined a company called Netegrity. It was a new company focused on the emerging spaces of identity management and web access management.
At the time, I liked that the company was working on an interesting technology in a new emerging space—security on the web. Since then I’ve realized that what I like about security is that it incorporates aspects of business, technology, research, economics, government policy, privacy, criminality, and law enforcement. Security brings together a lot of disciplines into one domain, and I enjoy switching back and forth between all of them on almost a daily basis.
SD: How does Mimecast help end-users and companies prevent cyberattacks through their email and their cloud systems?
MG: In the late 1990s, email was still emerging and was on its way to becoming a dominant communication vehicle for businesses. Attackers started to take advantage of that. Every businessperson in the world uses it because it’s technically flexible—you can send attachments and links, easy, and ubiquitous. Of course, what makes it valuable for legitimate use also makes it valuable for cybercriminals. They can trick the average person in a company into clicking a link or opening a file or responding to a request in an email.
Security defenses against malicious use of email emerged at the same time. Originally focused on filtering out spam, but since having evolved to take-on more targeted and sophisticated attacks.
Mimecast inspects an organization’s mail, whether it’s going in or out or within an organization and looks at the URLs and files that are attached to see if they are malicious. Then the Mimecast service automatically takes action on behalf of the customer to help get rid of the malicious emails from their email flow.
Traditionally security controls were something that ran on your computer or your network. But increasingly most of your applications are in the cloud, so it makes sense that your security systems are in the cloud as well.
Mimecast is helping to drive this trend of moving security controls to the cloud. We started with email, but we’ve expanded into other areas like web security, archiving and awareness training. I’m sure we’ll create new security controls delivered from the cloud that ultimately makes the consumption of those controls less complicated and expensive for everyday organizations.
SD: What are the current cybersecurity threats?
MG: In every society, there are malicious actors—that’s been true for thousands of years. That isn’t going to change. What’s new is the digital media medium in which they can do it now. This dramatically increases their reach, while reducing the risk of getting caught. Most cybercriminals are in it for the money, plain and simple,
Some cybercriminals are very targeted. They are usually more sophisticated and more focused on their particular victims. And other attackers have very broad distribution strategies. Companies need to put in strong controls, particularly around the places where private data or financial information is stored, because attackers are not interested in stealing things that have no monetary value.
SD: How do you see cybersecurity developing in the next five years or so?
MG: Mimecast has a tremendous set of data about email, email attacks, web traffic, and other security data. We service about 35,000 customers and see billions of emails every month, which gives Mimecast the ability to apply intensive computational techniques to that data to draw out intelligence. Artificial intelligence, machine learning, and related techniques help us mine data to discover, detect, and prevent attacks more quickly across our customer base.
Vendors such as Mimecast are increasingly sharing attack information with other good guys out there, helping organizations more quickly react to attacks. So instead of every company having its own systems for security—effectively going it alone—all this intelligence can be analyzed and applied on a more global basis. This will allow us to defend our customers more quickly and effectively, while also helping to improve the security overall for the world.