Credit: Stephanie Boo - Menlo Security
Emergent vendor Menlo Security will target financial services firms first and “triple down” on its Australian investment by next year, its new regional head has said after the company drew down from a recent $US75m ($A110m) capital injection to formally establish offices in Melbourne, with Sydney and Canberra to follow.
Menlo Security, which was established in 2012 and is backed by JP Morgan, recently completed a Series D funding round that will drive a rapid marketing and overseas expansion program that includes the Australian offices.
Its Melbourne office has grown quickly on the back of contracts with a “large local bank” and “large defence contractor,” APAC vice president Stephanie Boo told CSO Australia, and these successes had laid the foundation for a targeted assault on Australia’s financial services market.
Available in cloud or on-premises versions, the company’s core Menlo Security Isolation Platform (MSIP) creates a layer between users and the Internet, intercepting online content and stripping it of anything malicious or active so that users are protected from inadvertent compromise.
“Malware needs active content to execute,” Boo explained, “so in the absence of content – where the content is being rendered to the user – it’s 100 percent protection against malware infection.”
Protection against active content has become increasingly important as new attack techniques leverage scripting techniques to compromise users even if they haven’t clicked on a malicious link or URL.
Such an attack has been blamed for this year’s breach of core systems at Australian National University, which this week released a detailed analysis of the events that led to the compromise.
The technology has been architected differently to conventional virtual desktop infrastructure (VDI), which does not intercept and cleanse content in the same way. And with 90 percent of the company’s customers choosing the cloud-based version of MSIP, Boo said, its relatively easy deployment has helped the zero-trust computing model rapidly gain popularity with security managers trying to fight back against a climate of increasing compromise.
Compromises have become near ubiquitous, with the recent Carbon Black Australian Threat Report finding that 97 percent of Australian organisations had suffered a data breach in the last 12 months – well ahead of the global average of 88 percent, and second only behind Germany (98 percent).
Government agencies and local authorities, in particular, were being targeted by phishing attacks – which caused 44 percent of breaches in those industries compared with 27 percent of breaches overall. And 89 percent of Australian respondents reported that attacks were becoming more sophisticated – tied with France and just behind the UK and Italy (90 percent).
“It appears organisations are adjusting to the ‘new normal’ of sustained and sophisticated cyberattacks,” Carbon Black head of security strategy Rick McElroy said. “Greater awareness of external threats and compliance risks have also prompted organisations to become more proactive about managing cyber risks as they witness the financial and reputational impacts that breaches entail.”
Menlo Security claims millions of MSIP users and its cloud platform isolates more than 500m web pages per day, according to the company, which will partner with distributor Westcon to develop local channel partnerships.
“We know our technology has a good market in Australia, and we have decided to double down to support our investment,” Boo said. “In fact, we will triple down our investment in 2020 as we look into the federal [government] space.”
Australia was a natural market for the expansion of Menlo Security – which, Boo said, was expanding internationally concurrently with its US expansion in a sign that it intended to be a global service provider.
The company first began selling to the Australian market in 2016, with a scan at that time showing that a popular Web site had loaded 132 scripts from 43 different domains.
“Existing web proxies are just a no-op from a security perspective and nothing more than a redundant extra hop on the egress,” chief technology officer Kowsik Guruswamy wrote at the time. “SOC engineers are scarce and simply can’t keep up with the deluge of false positives and false negatives.”