Recently, I spoke with BlueAlly’s CEO, Vijay Tanamala, and Director of Managed Services, Blake Langston, about our new partnership for managing business communication compromise (BCC). In the conversation, we discussed some of the recent trends in BCC and how this partnership will help protect customers’ environments.

What does BlueAlly do for its customer base?

“As a Preferred Partner and System Integrator for our clients,” said Blake, “our goal is to meet our customers where they are in their technology journey and help them to scale, optimize and manage their technology resources to reach their business goals. Part of what we are doing is to help them overcome their fear of the unknown and be more confident about their use of cloud communication channels.

“When the COVID pandemic started, we saw many companies scramble to support their workforce remotely, which led to the rapid adoption of cloud applications such as Zoom and Teams. But the adoption of these channels opened up vulnerabilities that businesses were not prepared to manage,” said Blake.

“In today’s hybrid work environment, many employees are working remotely and these types of cloud communication channels are critical to doing business. But are we protecting those business communication channels in the same way we protect email? This is the concern I have about how customers are communicating today,” he said.

Can you discuss the risk vs. reward for adopting cloud communication channels like Slack, Teams, LinkedIn, WhatsApp, and Telegram for getting business done?

“The race to conduct business remotely is still a priority. For example, how many Teams or Zoom calls do you conduct with external parties every day? Since it’s harder to meet customers face to face in this new business age, our best option is to use apps such as LinkedIn, WhatsApp, and Telegram.

“Phishing attacks and business email compromise continue to evolve,” said Blake. Some of the initial attacks and compromises we saw were relatively elementary – full of grammar mistakes and relatively easy to spot. Today, it’s becoming much more difficult to distinguish legitimate messages from fakes. Email continues to be one of the top delivery methods for malicious payloads, and remains a significant risk for organizations.”

“For example,” he said, “we’ve seen Lapsus$ stealing source code; Twilio being compromised; and Axie Infinity robbed of half a billion dollars. These attacks weren’t zero day or custom exploits, but social engineering attacks on employees and contractors.” 

What does BlueAlly think about the state of social engineering today?

“Social engineering is becoming increasingly sophisticated, so we must take on the role of educating our customers and deploying solutions that help mitigate these risks. We must also continue to think outside the box of traditional security vectors. The days of just deploying EDR and tightening down the firewall are gone,” he said. “This week, we read that an attack by a foreign state government targeting two individuals through WhatsApp. The attack vectors are expanding, and we must expand our response.”

What do you look for in your vendors? What intrigues you about working with SafeGuard Cyber as a vendor partner?

“The biggest attribute we’re looking for is a true partnership,” said Blake. “Someone who is willing to get in the trenches with you and provide value and solutions for customers. By going beyond traditional email and endpoint security, SafeGuard Cyber is helping solve a solution many companies haven’t even thought of yet.”

Why partner with SafeGuard Cyber? Why now?

“Mature security operations must have a SafeGuard Cyber security platform in their infrastructure,” said Vijay. “The platform gives SOC teams immediate insight into where and when their communications are coming from, as well as who they come from and what the communication is about.”

“A blind spot for most organizations,” he said, “is business communications. The Safeguard Cyber security platform is easy to set up, and takes only minutes – not hours. Since the platform is API-based, it makes it easy to integrate into our customer’s environment. And since the platform comes with pre-defined policies, or ‘playbooks’, they can be quickly and easily enabled. This empowers security teams to quickly respond, mitigate, and resolve today’s sophisticated social engineering, insider risk, BEC, and account takeover incidents.

“It’s more than responsible for us to add SafeGuard Cyber as a vendor so we have the ability to help manage business security risks for our customers,” concluded Vijay.