This video features Randy Potts, Chief Information Security Officer at Real Time Resolutions
Randy Potts: Hi, my name is Randolph Potts - Randy Potts. I am the CISO for a company called Real Time Resolutions. We are a Dallas-based full-servicing and debt collection company. We work for other financial institutions mostly.
I personally have been in information security for a little over 17 years now, coming up on 18 years actually and started in this field really because I was working on satellite systems. The biggest issue I had is still an issue we have today. It's just people going to malicious websites, getting malicious things on their computers, causing uptime issues. And, so, you know, back then - 18 years ago - I became the security guy because I was monitoring network traffic trying to figure out kind of how to shift left. You know, move closer to where the incidents were starting and trying to prevent them.
Back then it was people visiting malicious websites that they shouldn't be, downloading things they shouldn't. And today, the main way people get to those malicious things is by getting an email and then clicking the link that they shouldn't within that email, or opening an attachment that they shouldn't. So all of that is really critical.
Randy Potts: So I'd say the majority of our incidents today really stem from some sort of email making it to a user. They open the attachment...they click on a link.
Like a lot of companies, we do phishing campaigns. We already had an email security gateway in place. We had a lot of layers of control, and so luckily we would catch these things when they made it through, but the whole idea was, 'what can we be doing to reduce the occurrence of these events?' So, we were looking at another layer to add that would reduce the number of phishing emails making it to our users.
Randy Potts: There are a lot of new email security solutions out there. So we were really looking at adding a layer in that email security stack. What made Area 1 really stick out from the crowd is the false positive rate was impressively low, while still having a fairly low false negative rate as well. That, added to the research team that they have, being able to look into the emails that did make it through and make adjustments, make the overall system better, was really big for us.
I know, I personally, I'm always just looking for really intelligent security practitioners that I can partner with. I'd say Area 1 and the team over there are definitely best-in-class when it comes to email security. They did a really good job for us when it came to reducing the number of email that make it through and we have seen a significant decrease in the number of phishing emails that make it to users. That, combined with getting better user response and how we report the emails that do make it through...put us in a much better place where I feel like we are much less likely to suffer from a phishing campaign being successful against our organization.
Randy Potts: So Area 1 has been incredibly beneficial to our team by removing the number of phishing emails that get through. Whenever something does make it through, our response procedures remove it from mailboxes, see if anyone clicked on the link.
There's a lot of investigation that goes into a single email making it through that could be malicious. And so with Area 1 reducing the number of emails that are making it through, they have significantly reduced the amount of time we spend responding, investigating and cleaning up from these phishing emails. And they've really given the team back a lot where we can now focus on other improvements. I would say when we started this project, we were looking for a layer to add on to email security to respond to the phishing threats that we saw getting more advanced, more sophisticated. We were slowly seeing that increase in phishing campaigns against us. And now with Area 1 that number is back down, it's below where we were prior to seeing this increase and our need to respond to these incidents has reduced drastically.
So overall, not only has Area 1 helped us improve from an email security standpoint, they've also given us time back to go and improve other elements of our security programs. So, Area 1 has done a lot to make our security program better here at Real Time Resolutions.
Randy Potts: To any of my peers out there, I would definitely say you need to take a look at Area 1. They've helped us a lot and I think anyone who's trying to run a security program out there, especially if you have an issue with people clicking on things from emails, I would very much recommend that you look at Area 1. And I think you will see that it'll solve a lot of problems with email security along with any other layer you can throw in there. Definitely have a good endpoint EDR strategy as well for the things that might still make it through but, I would say Area 1 is a basic initial step in getting that in there just to reduce the volume that you're seeing. And then that will let you go focus on that, on that EDR project, on those other projects that will bring value to you. I definitely think email and web security are just two of the biggest things you can do as far as reducing your user exposure. So, definitely go look at Area 1, you will not be disappointed.
“What Cloudflare Area 1 is to me is that extra layer of protection over email that keeps us safe from the overwhelming volume of phishing out there. The biggest thing about Cloudflare Area 1 is the low false positive rate. If Area 1 thinks that email is bad, it’s bad.”
“To my peers, I would say take a look at Area 1. It will solve a lot of your problems with email security. It is a basic initial step in reducing the volume that you see. Go look at Area 1 – you will not be disappointed.”