If You Can’t Trust Your Phishing Protection Company, Who Can You Trust?
Quick Answer
Vet phishing protection vendors on ownership transparency, not just feature lists. In April 2019, Reuters and the Wall Street Journal reported that Cofense (formerly PhishMe) was partly owned by Pamplona Capital Management, whose funds had been backed by a Russian billionaire on a 2018 US Treasury oligarchs list. Pamplona was pressured to sell its stake after a national security probe. The lesson: with smaller vendors, ownership and decision-makers are easier to identify; with larger ones, board members, investors, and management layers can hide influence that matters when the product touches your inbound email. When evaluating a phishing vendor, ask who funds them, who sits on the board, and where the company is incorporated, not only what the product does.
Phishing protection is big business. There are many providers out there using advanced technologies to protect companies of all sizes. And these technologies are needed, because as research has shown, phishing protection education alone will not protect your company.
Now it has come out that one of the larger email security firms, Cofense (formerly PhishMe), is partly owned by, wait for it, a Russian oligarch.
According to an article on Reuters this month, “U.S. cybersecurity firm Cofense Inc. said on Wednesday that buyout firm Pamplona Capital Management is seeking to sell its stake in the company following a year-long probe by U.S. national security regulators.”
The article further stated that, “Pamplona bought a minority stake in Cofense, which serves major corporations, in February 2018, when the company was known as PhishMe. Pamplona’s funds [have] been partly backed by Russian billionaire Mikhail Fridman, who was on a February 2018 “oligarchs’ list” published by the U.S. Treasury Department.”
Pamplona declined to comment.
Well if you can’t trust your phishing protection provider who can you trust?
There are times when a small service provider is preferable to a larger one, like when you’re purchasing security services. Why is that? Because it’s much easier to understand who owns a small company compared to a large one. With small companies, it’s usually apparent who all the decision makers are. With larger corporations, you have to worry about management teams, board members and investors. And it only takes one to compromise the whole thing.
If you’re in the market for phishing protection services, consider a smaller service provider. One that’s been around for years with an excellent track record and superior customer service.
The Wall Street Journal first reported the news: U.S. Officials Pressure Russia-Linked Buyout Firm to Sell Stake in Cybersecurity Company (Paywall).
General Manager
General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.
Secure your email infrastructure
Protect, authenticate, and deliver. Contact our team to find the right solution.