Phishman Fishman

History

2023: Attracting 90 million rubles of investments from the MTS venture capital fund

On April 25, 2023, the MTS Group informed TAdviser about investing through its MTS corporate venture capital fund in Phishman, a Russian developer of automated systems for analyzing, testing and training company employees in methods of protection against cyber attacks. Under the terms of the deal, the volume of investments will be 90 million rubles. The investment of the MTS venture capital fund will go to business development and the development of new solutions. According to Phishman's forecast, market conditions and synergy with MTS RED, a subsidiary of MTS in the field of protection against cyber threats, will allow maintaining growth and increasing the company's revenue.

MTS will invest 90 million rubles in the developer of the cyber literacy training system Phishman
Photo: Press Service of MTS PJSC

"This deal will allow Phishman to realize all available potential, as well as strengthen its competencies and presence in the cybersecurity services market thanks to cooperation with such an ambitious player as MTS RED," says Alexey Gorelkin, CEO of Phishman.

According to MTS, Phishman is one of the key players in the market for raising awareness of employees in the field of information security in terms of the quality of the educational process and the number of controlled scenarios. As a result of the transaction, Phishman products will be included in the MTS RED portfolio of managed cybersecurity services. The transaction is one of the stages of the implementation of MTS RED's strategy to form a product portfolio that will provide full coverage of all types of cyber threats through a single interface.

MTS RED and Phishman will be engaged in the technological development of Security Awareness products. Exchange of expertise will allow companies to quickly supplement them with current schemes of phishing attacks, expand the list of information security solutions compatible with the product and the number of controlled scenarios. This will create a high-maturity solution that customers, in turn, will be able to easily integrate into a single ecosystem of an organization's comprehensive protection system.

The inclusion of Phishman in the MTS RED ecosystem will allow enriching the service portfolio with technologies to improve employee cyber literacy and reduce the exposure of customer personnel to cyber attacks, said Evgenia Naumova, Director of Cybersecurity at MTS, General Director of MTS RED.

"We take a comprehensive approach to cybersecurity, so the focus of our attention is not only to protect systems, but also to increase people's cyber literacy. Employees remain one of the weakest links in companies' defense against cyber attacks. According to our data, approximately two-thirds of infrastructure hacks begin with phishing emails to employees. Such an attack is effective, easy to implement and does not require serious resources from the attacker, "said Evgenia Naumova.

The Phishman solutions are designed to help companies reduce staff exposure to cyber threats. Thus, Security Awareness Class System (the awareness of employees in the region) cyber security helps to form employees with the skills of correct response to attacks, increases their vigilance and resistance to the tricks of intruders. This is achieved through a cyclical learning process. The platform collects information about user behavior on the company's network through security systems, as well as simulates phishing e-mail mailings. Workers who fail to recognize phishing or who have security enabled are taking a series of cyber literacy training courses on the Phishman portal. The system collects statistics on the dynamics of training and tests employees based on the material passed. Statistics are available in the form of reports and help to understand which workers are especially. are vulnerable

In the future, the monitoring, training and testing process is automated on the basis of various scenarios: adaptation of new team members, exposure to current scenarios of phishing attacks, protection of sensitive information. According to Phishman estimates, after a month of using the system, the share of employees falling for tricks of intruders decreases by 70%.

The main feature of the platform is adaptability, which allows you to integrate the solution into any architecture and provide companies with additional advantages from building an ecosystem of cybersecurity technologies. Adaptability is achieved through a wide range of technical solutions with which Phishman is integrated and provides additional capabilities when building a comprehensive security system. For example, integration with SOAR systems automates the response of IT and information security services to unsafe employee behavior.

2017

Logo in 2020

According to 2017 information, Phishman was engaged in the development of high-tech systems and software systems in the field of information security. She was an associate partner of the British Standards Institute (BSI) in consulting and training courses.

Phishman has many years of experience in the field of information security.

2016: Purchase of stake by Softline Seed Fund

Softline Seed Fund, a joint seed investment fund of the Softline group of companies and the Russian venture capital company, acquired a large minority stake in the Russian service PhishMan in the summer of 2016. In parallel with this, the project was approved by the Fund for Assistance to the Development of Venture Investments in Small Enterprises in the Scientific and Technical Sphere of the City of Moscow, and will be able to count on additional funding from this structure.

PhishMan provides users with phishing protection, one of the most dangerous types of Internet fraud, which is aimed at stealing user accounts. PhishMan helps companies combat phishing through user training. Thus, imitating the activities of hackers, the program sends emails with various traps and evaluates the subsequent actions of the recipients. If the user opened a link from a trap letter, then PhishMan will offer him personalized training. The program regularly repeats the distribution of letters and checks the attentiveness of employees. Thus, PhishMan promptly monitors user awareness of possible threats, protecting the company from possible phishing attacks.

"Today, when most companies have technical protection complexes against attacks on IT infrastructure, users have become the weakest link in the corporate security system. It is easier to hack a person than to bypass technical protection. More than half of hacks start with phishing - users themselves give away their passwords by opening emails from attackers and clicking on links. Moreover, many companies underestimate this risk: by gaining access to the workstation of any employee, attackers can gain control over the accounts of top managers and access to financial information in a matter of hours. The amount of theft during a targeted attack can exceed tens and even hundreds of millions of rubles, "said Nikolai Agrinsky, CEO of PhishMan (previously Nikolai worked at Softline).