Email is the number one threat in the enterprise because of core design flaws that inflame today’s cybersecurity landscape. MxHero fixes email by merging it with modern cloud content management platforms without disrupting the end-user.

by Alexis Panagides & Donald R. Hammons

Image for post
Image for post
MxHero moves email content into cloud content platforms

mxHero is on a mission. In the last decade, we have been dedicated to changing how the most pervasive file-sharing technology in the world works. We’re changing Email.

Like anything truly worth doing, it is a monumental task, but the rewards will benefit everyone. The challenge is great. Email is a massive monster, weighing in at 4 billion active users. Even mighty Facebook stands in its shadow. Changing something of this scale is a heroic undertaking; thus, our company name, mxHero (“mx” for the DNS mx record, the address that points to a domain’s email server). …


by Donald R. Hammons & Alexis Panagides

The enterprises of tomorrow will need to simultaneously adopt strategies that achieve both human collaboration and enterprise security aims.

Image for post
Image for post

San Francisco, CA (USA) January 4th, 2021

When content lives everywhere, it is inherently insecure and less valuable. A rudderless approach to content management, collaboration, and security are no longer viable, it limits innovation, and frankly — it is a security threat. …


In the wake of one of the most severe breaches of US Government networks, are we going to continue believing that we're just a software patch away from data security? Are we going to continue to ignore simple yet proven strategies for protecting data? It’s time to face the data and facts (aka reality) and act accordingly to protect our organizations and nation from attack.

Image for post
Image for post

Once again, and this time at an unprecedented scale, major US government and potentially private networks have been compromised. This is just one more, albeit major, breach in the continual stream of breach events that form our daily news cycle. It is clear that despite billions spent on defenses, no network is safe. Not only do networks get breached, but breaches go undetected for months. It is critical that organizations embrace a strategy of assumed breach and adopt data concealment as a central tenant of that strategy. Studies show that the success of an attack is highly sensitive to the number of steps the attacker needs to go through to reach his target. …


We continue our data-driven exploration of the unseen risks of email using mxHero’s Calculator, this time examining data risk resulting from email content sprawl.

Image for post
Image for post
Second in a series showcasing results of the mxHero ROI Calculator

In our last posting, we took a closer look at the mxHero ROI Calculator’s estimate of accidental file deliveries resulting from emails with address errors. This article focuses on one of the most startling estimates, namely data sprawl caused by email. As we have written before, email’s architecture duplicates content with viral efficiency. This is because email and its embedded file attachments are replicated at every stage in the delivery chain. …


A new tool that combines available data with your organization’s metrics reveals your data risk due to accidental email deliveries.

Image for post
Image for post
First in a series showcasing results of the mxHero ROI Calculator

Over most of the last decade, mxHero has worked at the intersection of email and cloud storage services (e.g., Box, Egnyte, OneDrive, etc.). During this time, we have published research regarding the impact of email on corporate security, governance, productivity, and cost savings. One of our focus areas has been on the effects of email attachments on data risk and cybersecurity.

Often overlooked as innocuous, email attachments are anything but. In a world reeling with challenges, cybersecurity proves elusive and is crippling organizations of every size. Increasing amounts of critical resources are being diverted towards securing our digital assets. Despite record investments in cyber-security, we see a record number of breaches and record amounts paid as ransom to cybercriminals. One would be excused in viewing today’s cybersecurity efforts as futile. [DDI] It is our observation that the habitual use of the email attachment, a 50-year-old technology, is a root cause of the indefensibility of today's organization. …


The best and most overlooked action for robust cybersecurity might be the least expensive

Image for post
Image for post
The new DarkSide ransomware is considered the “perfect product” by its creators. The increasing sophistication of attackers challenges even the best-defended organizations.

Among the many challenges organizations face in 2020, cybersecurity (or the lack thereof) has dominated the news cycle. Ultra-sophisticated criminals are penetrating every type and size of company. In a recent article from Forbes, yet another threat has emerged from what seems to be a highly experienced crew who claim their latest ransomware, “DarkSide,” is the “perfect product.” According to the article, the group has already netted $1M in just two weeks.

A confluence of increased digitization, criminal impunity, and a dramatic increase in remote work has conspired to create a perfect storm for cyber vulnerability.


Organizations struggle with insider threats to their data security. Employees planning to leave their jobs are involved in 60% of insider cybersecurity incidents and data leaks, research suggests. Whether intentional or accidental, sensitive content leaked by employees represents a massive challenge. Innovative use of cloud storage may be the best solution yet.

Image for post
Image for post

Many organizations still suffer from the misconception that it is safer to receive files through email than through best-of-breed cloud storage services. A misconception that benefits no-one except the cybercriminals.

Image for post
Image for post
Me with the oldest phone I could find. It’s from the 1980s. It’s a little more modern than the technology behind your email attachments, but you’ll figure it out. :)

The other day my bank asked me for personal financial information in response to my request to explore mortgage refinancing. Fair enough. I dutifully uploaded my information to my Box storage account and generated a secure share link for which I opted for a seven-day auto-expiration. In other words, the share link to my private documents would expire in 7 days. …


Despite a decade of increasing investments in cybersecurity, never have organizations been more vulnerable. New approaches and thinking are urgently needed.

Image for post
Image for post
Cybersecurity is entangled in an impossible knot of productivity tied to old user habits and the failing efforts of IT security to defend against an ever more sophisticated and malicious adversary

For many companies, the cybersecurity strategy is to spend millions on security systems and services, follow best practices for patching software, and train staff … then cross fingers in the hopes that the next breach won’t be as bad as the last.


The concept of a layered defense is a maxim of cyber-security; however, when it comes to email content, companies leave the door open. Cloud storage links, if used correctly, can be a critical component of an effective defensive.

Image for post
Image for post
Multiple layers of defense have long been an effective strategy. With Verizon’s recently published data and analysis, we see how it extends to cyber-security.

For the 13th consecutive year, Verizon has released its Data Breach Investigations Report, an essential reference for CISOs and CIOs. With over 100 pages of analysis, there is much to take in, one particularly interesting find was the number of steps cyberattackers took to successfully breach their targets. The graph below plots the number of steps attackers took for each security incident.

About

Alex Panagides

CEO MxHero Inc.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store