Fresh off its $210 million Series C funding round this week, SC Media spoke with Evan Reiser, co-founder and CEO of Abnormal Security.
Reiser told us about Abnormal Security’s cloud-based platform, the company’s plans to enhance its machine-learning artificial intelligence capabilities, and target markets throughout the world for email security.
Abnormal Security’s valuation hit $4 billion this week. The company plans to go public in the next two to three years contingent on market conditions.
The reports this week say that Abnormal Security will aim to enhance its ML/AI platform? What new capabilities are you looking at?
Abnormal’s email security employs behavioral AI to baseline known-good user behavior and precisely detect anomalies across all email attacks. We will continue to invest in our AI/ML models to further improve the efficacy of our platform, and continue to lower the false positives and false negatives. Additionally, we will also invest in our AI-based automation capabilities, such as Abuse Mailbox automation and personalized user experience. These capabilities have delivered a lot of value to our customers by streamlining their operations and in turn, increasing the productivity of their security operations team and overall workforce.
We understand you want to expand in Europe and Asia. Which countries are your primary targets and why?
Today, outside of North America, we have a presence in the United Kingdom, Australia, New Zealand, and Singapore. We want to further increase our footprint in these countries and expand into new ones. Email security is a ubiquitous challenge globally and across all industries.
Can you explain the difference between Abnormal’s cloud-based approach versus a traditional email gateway? What are the advantages?
Secure email gateways were not built for and have not evolved to accommodate the challenges facing today’s cybersecurity teams. This includes a shift to cloud email, the recent embrace of hybrid-work from anywhere workplaces, and advances in attacker strategy to socially-engineered attack tactics, which are already evading secure email gateways. They have a legacy non-cloud-native architecture, which hinders their visibility into attacks and an outdated approach of blocking known-bad attacks by writing rules and policies, which always leaves security teams two steps behind the attacker.
Abnormal has a cloud-native, API-based approach which offers enhanced visibility into internal email context and threats. It also uses a behavioral AI-based approach to baseline known-good user behavior and precisely detects anomalies to stop all email attacks. Customers also value the fact that Abnormal lets them simplify their email security and streamline operations, which in turn boosts the productivity of their security teams and the entire workforce.
Do you plan to grow via acquisition in the future? If so, which capabilities would you be on the lookout for?
We don’t have a set acquisition plan, yet, but will continue to review opportunities as they present themselves.
You have been on the record saying that you want to take the company public in the next two to three years. Is that still the plan?
That’s still the plan, but of course external factors may change plans.
What advice would you give companies looking to make their email operations more secure?
Cybercriminals are constantly shifting their tactics, and that’s why we continue to see an increase in business email compromise losses year-over-year — despite increased awareness among employees. Because these modern attacks do not contain traditional indicators of compromise like a malicious attachment or bad domain, they’re incredibly difficult for legacy email security solutions to detect and block. AI remains the only way to effectively detect and block these never-seen-before attacks. To provide the most comprehensive protection for your organization, security teams should look for AI-based, cloud-native platforms that integrate directly through APIs with cloud email. With all the signals available, platforms like Abnormal can baseline known good behavior across identity, relationships, behavior and content, and then block anything that deviates from it.