By Damien Fortune, Chief Operations Officer of Secured Communications
In the wake of a global shift toward remote work, crime is moving from physical space to cyberspace. Businesses are conducting more important and valuable business online than ever before, and accordingly, more valuable and sensitive information is being transmitted across insecure networks. This has presented bad actors with the incentive and opportunity to increase their focus on cybercrime and given the ever-increasing sophistication of cyber threats and access to robust computing power, cybersecurity companies have been tasked with evolving to better combat these emerging threats.
Over the last decade, data breaches have surged, exposing sensitive information, and undermining customer confidence which is potentially devastating, especially for smaller businesses. Companies, now more than ever, need to know how to keep their data secure while maintaining a seamless and productive work environment. On the back of these trends, new protocols are emerging to provide additional layers of defense to corporate communications.
One of the newest tools in the fight against cybercrime is Messaging Layer Security (MLS). This next-generation end-to-end encryption (E2EE) security layer encrypts each individual message with a changing encryption key, allowing for Perfect Forward Secrecy (PFS) and Post-Compromise Security, meaning that if a message were ever intercepted and compromised, that message’s content would be the only thing exposed, as opposed to jeopardizing entire message chains or providing information that would enable further surveillance through man-in-the-middle attacks. Most communications platforms on the market today use the older technology of transport layer security (TLS) technology, which does not provide similar layers of protection, and which is vulnerable to attacks from a variety of vectors.
Alongside digital protection of content itself, tools to protect users are also advancing. Multi-Factor Authentication (MFA), which requires users to present multiple forms of proof of identity to access information, has become more prevalent. Traditionally, MFA asks for either something the user knows (such as a password); something they have (such as their device); and as the most secure option – who they are (biometrics using Touch ID or Face ID).
Increasing technical sophistication and access to more computing power by those that choose to hack into business systems have made the migration to more-sophisticated tools inevitable. With modern workflows continuing to shift from outdated email systems in favor of messaging and collaboration-centric tools, we would expect MLS, MFA, and other tools to come to the forefront of cybersecurity suites in the near term.
About the Author
Damien Fortune is the Chief Operations Officer of Secured Communications, the leading global technology company specializing in ultra-secure, enterprise communications solutions that are trusted by businesses, public safety and counter-terrorism professionals worldwide. His career began on Wall Street where he worked as a sell-side analyst covering energy and industrial equities. From there he transitioned into private equity as a portfolio manager and eventually into a role as CFO/COO of a portfolio company.