SafetyDetectives spoke with Paul Holland, CEO at Beyond Encryption, about what makes the company unique, the most common data security threats faced by businesses, how companies can secure their data with a remote work staff, the role AI will play in data security, and more.
What motivated you to establish Beyond Encryption?
I have always had a fascination with technology, which dates back to a very young age. This is largely thanks to my dad, plus an early apprenticeship and career in electronic engineering, where I was exposed to some of the first Personal Computers (PCs).
After taking on an advisory role within the financial market, I found that many professionals and their customers were experiencing frustrations with communication efficiency, security, and engagement.
Since then, I’ve been passionate about working to solve these issues using some of my own experiences – with Beyond Encryption specifically created to provide professional services such as FS and legal with the tools they need to communicate both safely and efficiently with their customers.
What are the flagship services of Beyond Encryption, and what makes it unique?
We offer three core products that align with our mission as a business. Mailock is our versatile software platform that enables organisations to communicate securely via email. Mailock protects sensitive data through encryption and recipient authentication capabilities, as well as providing additional business benefits such as assistance with regulatory compliance, reduced costs, and improved operational efficiencies. The best part is we offer a free Mailock license to consumers to enable two-way secure communication between businesses and their customers.
nigel is our document vault and concierge, a mobile-first app that enables users to quickly and securely save, find and remind important information. nigel allows users to upload anything from bills to letters to screenshots, either directly from a person’s email or by scanning a letter sent in the post. The system then scans the contents for key information, including phone numbers, URLs and dates, and ensures you are always reminded of appointments or able to access urgent phone numbers when you need to.
Finally, Assurescore is our secure solution that utilises ‘Crowd Authentication®’, analysing data from network interactions to help identify customers and profile communication risks. It enables users to build a secure network that leverages personal connections and verifies digital identity without revealing sensitive data.
Together, these solutions provide a secure and intuitive experience for both the storage and transmission of personal information.
What are some of the most common data security threats that businesses face today?
While cyber-attacks and data breaches across the board are growing more frequent in number, email-based threats especially are on the rise. This can include incidents such as email interception, where a third party gains unauthorised access to email content when it is in transit between the sender and the recipient. Phishing is also reported to be on the rise, with a 2023 study from IMB showing that 41% of all cyber-attacks use elements of phishing. This generally involves a malicious third party sending an email pretending to be from a legitimate source and attempting to persuade the recipient to open a fraudulent link or attachment.
However, the biggest email security risk is undoubtedly human error, with 9 out of 10 data breaches caused by some form of human error. One example of this is when a user sends an email containing sensitive information to the wrong person, with our recent research showing that more than ½ of consumers have shared personal data over email, and a ¼ have accidentally shared this data with the wrong recipient.
Can you describe some effective strategies for protecting sensitive data from cyber-attacks and other security threats?
A comprehensive cyber security strategy should take a holistic approach to security, taking a range of protective measures that focus on both prevention and response to cyber risks. One key aspect of this will be empowering workers to take ownership of digital safety, providing a clear security policy, and educating them on best-practice for responding to potential threats. Another important step is to provide the correct tools to carry this out. When thinking specifically about communication security, one example of a necessary tool would be end-to-end encryption, as it prevents malicious third parties from intercepting data while in transit and at rest. Another example could be multi-factor authentication, which enables the recipient to prove they are who they say they are and provides an additional layer of security to accounts and messages.
How do you see AI changing the way companies handle data?
AI will enable us to better leverage the insights and value contained within data, adding value to both businesses and consumers in the coming years. For consumers, AI can be used in data management products such as nigel, allowing them to more appropriately store and protect sensitive data in a way that’s accessible and convenient.
For businesses, we can already find aspects of AI and machine learning entering the market that takes on the manual labour of analysing data and making predictions based on it. For instance, being used in security solutions for high levels of threat detection and response, with AI-powered systems able to scan vast amounts of data from multiple sources to identify patterns and anomalies that may indicate a potential threat. These systems can then respond in real time, alerting security teams and taking automated actions to block or mitigate the threat.
This level of data analysis can also be utilised for achieving higher levels of customer personalisation, allowing companies to target customers and make recommendations based on individual preferences and behaviour.
With the rise of remote work, what are some key considerations that companies need to keep in mind when it comes to securing their data?
As employees continue to operate from home, businesses must ensure that their cybersecurity defences cover all bases. Remote work, by definition, involves system access, network traffic, and data that is moved outside the conventional perimeters of the traditional business environment. With remote working expanding the attack surface, legacy strategies are no longer sufficient for maintaining safety across the business. Providing tools that nullify the risks that remote working creates is key, with businesses needing to make use of cloud-based solutions, VPNs, and communication software that bridges the gap.