Interview published on CyberNews

Marco DeMello, PSafe: “digital security is an investment, not an expense”

Ransomware is definitely not a new type of malware but one thing is for sure – it’s considered to be one of the most dangerous cyber threats to both regular users and enterprises. Victims of ransomware attacks are demanded to pay enormous amounts of money to regain their sensitive information or are doomed to lose their data forever.

Even though the number of different ransomware variants continues to grow, many people and organizations still fail to accept that everyone can fall victim to such attacks. And according to Cybernews, investing in professional digital security solutions rarely comes as a priority.

For this reason, we talked with Marco DeMello, the CEO at PSafe, and discussed why everyone should be aware of ransomware and what are the best practices to avoid dangerous attacks.

Would you like to share a little bit about your story? How did PSafe come about more than a decade ago? 

PSafe, the largest privately-held cybersecurity company in Latin America, was founded in Brazil in 2010 to protect mobile users from cyber attacks. With a decade in the B2C market, PSafe has more than 300 million installs of its dfndr security application worldwide and has established itself as a leading authority in the field of cybersecurity. 

Since 2020, we have also grown into the enterprise space when we launched our AI-powered dfdnr enterprise SaaS solution for protecting businesses from modern-day ransomware and zero-day attacks. This turn-key cybersec solution will soon enter the US market.

Can you introduce us to your dfndr apps? What are their key features? 

Our key feature is predictive and proactive protection that we call the 3Ps. We deliver on that promise by relying on a very robust Artificial Intelligence (AI) cybersecurity engine that evolved over years of blocking hundreds of millions of attacks per month. Our AI is a collection of dozens of distinct models which analyze behavior and not binaries. Thus, it can block threats in milliseconds, at their point of inception. 

Our corporate solution, dfndr enterprise, will be entering the US market later in 2022. It offers full-time protection against ransomware, malware, phishing attacks, data leaks, and other threats. A very unique design principle of this corporate solution is that it was designed for companies that don’t have a dedicated cybersecurity team. It works automatically, without constant human oversight, and it blocks attacks in real-time. For larger enterprises, we also offer ransomware infection insurance included with our product. 

How is AI incorporated into your products? 

Artificial Intelligence has become essential for information security as these technologies can rapidly analyze millions of datasets, and track the wide variety of threats that proliferate throughout the world today – from malware and phishing attacks to behaviors that can result in security incidents. 

AI is present in all our solutions and constantly updating itself. That’s why our solutions are so effective: we receive millions of security signals and threats daily, which guarantees constant re-training of our AI models. As a result, our AI performs heuristic and behavioral analysis of possible threats and can block them in milliseconds, including threats never seen before. 

What would you consider the most serious cybersecurity threats that emerged during the pandemic?

Ransomware is certainly the most dangerous and pervasive threat that grew during the pandemic. In particular, because it can lead to several other scams and extortion schemes. In 2021, it is estimated that there was a ransomware attack every 11 seconds. One of the consequences of this type of attack can be the leakage of sensitive data, which can compound the potential damages due to improper exposures. 

Other than that, recovering ransomed data requires payment, usually in cryptocurrencies, for the company to have its system and information re-established. In 2021, the average value of this ransom was $570,000. Not to mention productivity losses, operational losses due to inoperative systems, and the loss of customer confidence. It’s not unheard of that these losses resulting from ransomware attacks can lead to even worse consequences, such as business failure. 

Why do you think certain organizations are unaware of the cybersecurity risks they are exposed to? 

I don’t think the word is unaware because by now, companies know the risks. Unfortunately, many still prefer to take such risks since they don’t consider themselves as potential targets for cybercriminals. It’s the not with me mentality, which has been proven catastrophic over and over again. However, we are all targets now, as attackers use robots to attack and not humans. As a result, the target list has grown exponentially. 

Nowadays companies of all sizes must accept the reality that everyone is a potential target. A recent survey revealed that 26% of Brazilian companies suffered cyber attacks in the last 12 months, with the most common attacks being phishing, viruses, and ransomware, with equal percentage distribution. 

Cybercriminals are aware of the high-profit potential of these attacks and will increasingly target them at companies they perceive to be vulnerable. Small and medium-sized companies think they are not attractive enough, but the problem is growing rapidly here. Precisely because smaller companies have shown to be more vulnerable and they have become more attractive targets. So, cybercriminals have chosen to focus their attacks on them. 

What would you consider the most serious security issues surrounding mobile apps today? 

Mobile applications are just as susceptible to attacks and scams as any system or browser-based application that is on the Internet. In fact, mobile app marketplaces and the apps themselves are increasingly being leveraged to enable scams. Cybercriminals have created convincing fake apps, and even made them available on official stores.

In your opinion, what security measures are crucial for every company nowadays? 

The first and most important idea to grasp is that digital security is an investment, not an expense. Secondly, it’s essential to understand that not investing in this area can generate incalculable losses, and may even be responsible for the bankruptcy of the business. 

In addition, it is vital to educate employees. Many companies believe that their employees would never fall for a scam, but we have to keep in mind that cybercriminals evolve quickly. Just as the digital environment evolved by 10 years in 6 months, cybercrime has experienced a very rapid transformation. Without proper training and protection, employees are a significant point of vulnerability. 

As for average Internet users, what safety tools do you think everyone should have on their mobile devices? 

Everyone should have a security solution installed on their device. And when I say a solution, I don’t mean antivirus, since this type of solution no longer has the same efficiency as those based on Artificial Intelligence. This is because it does not perform heuristic and behavioral analysis of malicious links and files. 

That’s why dfndr security is different: available to users in Brazil and the United States, the solution is capable of blocking any threat in milliseconds. And it also provides other functions, such as informing you if your data has been leaked, and if so – where and when. 

Share with us, what’s next for PSafe? 

As I said, PSafe should soon enter the US market with our dfndr enterprise corporate solution, so we can offer businesses the protection that consumers already enjoy. We will continue to invest in cutting-edge technology to maintain our leadership position. 

Also, dfndr enterprise, for example, recently gained the new ransomware protection engine. It’s optimized to become even more powerful and block countless types of ransomware, both the most famous ones, like Petya, WannaCry, CrySIS, CryptoLocker, and those newly discovered in 2022, such as Deadbolt and Night Sky.