hamburger

Customer Interview: Michael Lee Sherwood, The City of Las Vegas

“In Cyber Security, nothing’s ever enough. There’s always more you can do.”

Michael Lee Sherwood, Director of Innovation and Technology, The City of Las Vegas

We’ve interviewed Michael Lee Sherwood, The City of Las Vegas‘ Director of Innovation and Technology about his experience with BitDam’s Advanced Threat Protection. Here is the result in video and text:

Please introduce yourself – Who are you, and what do you do?

My name is Michael Lee Sherwood. I’m the director of Technology and Innovation for the City of Las Vegas.

In one sentence, what’s your take on cyber security? And what was the challenge you had before BitDam?

Cyber Security is a completely evolving area and one of our number one priorities, prior to using BitDam has been how do we gauge that risk? How do we engage the threat and ensure that email can be a tool used for safety?

What does BitDam do for you? And what makes you happy with their service?

BitDam really helps us now by scanning our emails before they come in and eliminating threats that might otherwise have come into our network. So one of the key reasons other than a great partnership with BitDam, is its technology. With BitDam we’ve seen very little latency from time of entry to actually delivery to our customers’ mailbox. BitDam has been very successful in not only helping us address email threats, but actually providing us intelligence into the type of threats that is coming in as well as how we can mitigate future threats from impacting our network.

In your opinion, what makes BitDam different in the marketplace?

There’s a vast amount of products out in the security marketplace and growing all the time. I think what separates BitDam from other products and in my opinion, makes it unique, is their approach and their knowledge on Cyber Security.

What was the installation like? How long did it take to start seeing the value?

The BitDam solution was probably one of the easiest installations I’ve ever had. Within the first hour or two hours of the product being deployed, we had our first return of a suspect email. And in today’s cyber landscape, the ability to respond quickly and decisively is most important.

What have the results been so far?

I think in our case with BitDam, we’ve had 26 detections so far. We’ve had no infections from malware since we’ve had the product in place. It has provided valuable intelligence.

Is there anything else that you’d like to add?

I look at it this way, not only is BitDam an insurance policy, it’s an insurance policy that pays us dividends every day.

 

City and County of San Francisco’s Nathan Sinclair Share His Experience of BitDam’s PenTest

Nathan Sinclair heads the Cybersecurity Defense team of the City and County of San Francisco providing IT security services to about 30,000 employees. He has recently engaged with BitDam, used its PenTest in several ways and got to some conclusions. In this interview, he shares his experience with BitDam’s PenTest including some specific insights about the process, how it helped him assess different email security solutions and even push for doing more in less time.

Nathan, can you please give us some background about yourself and your job?

Nathan: I manage the cybersecurity defense team for the city and county of San Francisco. We are a central service for cybersecurity monitoring and alerting which serves the entire organization.

One of the newest additions is that now we are also focused on email protection. Our biggest challenge was phishing because we knew it’s a growing problem but didn’t have much visibility on what was going on, so that was the main trigger for our email security solution search.

How did you hear about BitDam?

Nathan: Our CISO, Mike Makstman, brought it to my notice. I heard about BitDam before but didn’t have any direct touch with them. Then Mike told me about them and that they use an interesting approach. So I did some research and found out that it is indeed a different approach to how all others do email security and it sparked my curiosity. That was when we started to kick off, saw a demo and understand what it does. Understanding the technology underlying behind it, I realized how valuable it could be. That’s one of the reasons we went forward with procuring it.

Ok, so what was the next step?

Nathan: To start testing we used the BitDam online PenTest and forwarded some malicious emails to the BitDam portal to see how it works. Just like we did to other email protection solutions. I know that this wasn’t the perfect test, but that was the best we could as an initial step.

Alright, can you tell me a bit more about the PenTest itself? What was done there?

Nathan: Well, the Pentest – that was interesting!

I started with the free online PenTest – very simple. You just put your email address there. The first time we did that was actually very helpful because we tested multiple solutions using the same PenTest – sent the same emails to mailboxes equipped with different solutions so we got a true comparison.

Then we rolled in into the advanced part of the BitDam PenTest working with the company’s team. That was really good because the number of emails that were sent to all solutions was high and it gave us a representation of what emails the products could see, which ones saw what, whether they were able to detect malicious files and so on. This helped us narrow down the solutions very very fast. This is the fastest POC that I’ve ever done for so many solutions at the same time in my whole career.

How many solutions did you test?

Nathan: We’ve examined about 5 solutions in total. We had licensing set up from different solutions to some internal mailboxes so each mailbox used a different solution. It was interesting to see in real-time how different solutions handle different malicious emails, which alerts they send etc.

What kind of products did you check in this PenTest?

Nathan: All products we’ve compared to were email security solutions. Some of them had additional functions like sandboxing and advanced analysis of the messages, so it was kind of a mix.

How would you evaluate these solutions without the BitDam PenTest?

Nathan: It would have been a similar process but a lot slower…We would have to wait for certain malicious or phishing messages to come to us for real in order to send it to each of the solutions.

How long did the process of comparing these 5 solutions take?

Nathan: Honestly, once BitDam started to send all those messages the test was very quick. This PenTest was way more efficient than how we’ve been testing other solutions before. The PenTest analysis took about a month in total, and that was only so I can pull data and make sure I’ve tested all the features and covered all bases.

How easy was it to operate? Analyze?

Nathan: The initial one on the website was super easy. Literally, put your email address in, click a button, and click submit. The advanced PenTest was also easy. We just had to let the team know which email addresses to send the messages to. I had alerts set up so I knew when it was coming in, what time. It wasn’t anything that was complicated.

Anything worth sharing with others who may do this PenTest?

Nathan: We had to figure out a way to count the messages that did pass and came in, and there were hundreds of such messages. To deal with that, one of our guys set up a rule so he could tell me every morning how many messages actually made it to his mailbox. He just created a folder in order to track it and it was very interesting to see how many did make it through.

Also, to us, the PenTest helped us assess how we will operate on those systems when we will get a false negative. Good representation of what’s going on is a pretty big deal to us since we serve different departments.

Were you surprised by the results?

Nathan: You know what, no, I wasn’t. We asked our peers what other solutions and services they have, and the actual experience they had with these solutions. So when we tested one of the first ones I wasn’t surprised, it was typical.

I was surprised by the speed of this PenTest which gave us the amount of time to be able to do everything that we wanted and even more.

And what was your impression of BitDam?

Nathan: I can definitely tell that it’s a company that doesn’t just sell a product but really builds a partnership which really fits how we operate with vendors. I think it’s really cool how the product looks at email very differently. The BitDam approach – creating the baseline of how something is supposed to work – was a key driver to make the decision to have it as a security blanket, especially for mailboxes that are more targeted than others.

Are there any cyber trends that you notice at the City and County of San Francisco?

Nathan: Our biggest target is our end users. That trend is going to continue. Malicious emails are looking more and more real every day. There have been a lot of messages that were targeted to us, that looked very genuine from where they come from and they are not. They send you to websites or places that look just like the website that could potentially send it. Once the user has clicked on it the damage has been done. I think we have to combine education of end-users and technology such as more intelligence and dynamic analyzing of those messages.