Yoav Leitersdorf just published a long read about Hexadite’s startup journey, from its founding three years ago to last week’s acquisition by Microsoft. It’s not often you get to see so much of a startup’s inside story.
Since we were there from the earliest days, we’d like to share some anecdotes and insights that show how special this team is. We also want to share this story so other entrepreneurs can see more of what goes on behind the scenes at a successful enterprise technology startup. Starting a company can be a long journey filled with challenges of all kinds. It helps to understand what is really happening, not just what gets written about in the news after a funding round or an acquisition closes.
In this column, ValiMail CEO Alexander García-Tobar discusses an aspect of security crisis communications that most companies overlook: Making sure that customers can actually trust the emails that the recently breached company is trying to send them.
In light of the recent OneLogin and DocuSign security breaches, that’s particularly pertinent, he writes:
Here’s a security scenario that’s all too common: A company suffers from a cyberattack, then responds to it promptly and alerts its customers, warning them to change their passwords. But the company remains vulnerable through the very means it uses to alert those customers: Email. In fact, attackers can exploit that vulnerability using email that pretends to be a security warning from the company, targeting customers and wreaking even more damage.
ValiMail CEO Alexander García-Tobar takes a hard look at the root cause of the recent ransomware scare known as WannaCry.
The ransomware crisis that swept the world last month highlights what we’ve known for years: The global IT infrastructure is incredibly vulnerable. …
However, media coverage of the attack has largely overlooked how this malware gets onto a computer in the first place. These attacks were almost certainly initiated by phish emails, and the recommendations to prevent WannaCry from the U.S. Computer Emergency Readiness Team (US-CERT) confirm this.
The risk from phishing attacks can be greatly mitigated using proven email authentication standards that are supported by the world’s largest senders of email. But most enterprises have not yet implemented email authentication.
We took on the challenge of redesigning and editing the quarterly print newsletter of the South End Rowing Club, a nonprofit athletic club in San Francisco that was founded in 1873.
The club offers swimming, handball, running, and rowing, as well as a beautiful, new gym and a new women’s locker room. Dylan has been a member since 2016 and was approached about taking the helm of the newsletter earlier this year, as a pro bono project.
We worked with a designer in Los Angeles to redesign the newsletter, creating a fresh new layout that would feature photos more prominently and allow inclusion of more and longer stories, while preserving readability. Simultaneously, we sourced articles from a large cross section of the membership, edited them, selected images, and organized everything into a single 24-page issue. Copy editor Kim Hedges ensured everything was free of typos and grammatical problems.
The end result has been getting rave reviews from the South End membership and its president.
Tezos is an all-new smart contract platform built with security and future growth in mind. Its code is built to facilitate formal (mathematical) verification, and governance is built into the Tezos protocol itself. The platform is currently active on a test network and is preparing for fundraising event in June.
We also scripted and produced this 2-minute explainer video starring the Tezos cofounders, with a combination of in-studio shots and animation.
Note: This is the second blockchain startup Tweney Media has done extensive work for. The previous one was Cosmos, for which we did message and media outreach around its public launch at International Blockchain Week in Shanghai during September 2016; we also scripted and executive-produced the introduction to Cosmos video. Cosmos went on to raise $17M in 5 minutes in its initial coin offering.
The Tezos founders are smart, dedicated, and have a great set of ideas about how to make blockchains and smart contracts work better. We wish them the best of luck in their fundraiser and beyond.
Imagine if health officials, after discovering that the Zika virus was spreading rapidly across the globe, only focused on human-to-human transmission of the virus, and never mentioned the mosquitos that were actually the main cause of the virus.
In the case of the malicious WannaCry hack, reports vary as to the original source — we may never know. But in the majority of infections, the “mosquitos” are the email messages — specifically, phish or spam — that appear to be a message you’d be interested in from someone you trust, but are in fact fraudulent messages sent by hackers.
We don’t have a jobs issue, we have a skills issue and a geography issue, argues Stephane Kasriel, the CEO of Tweney Media client Upwork.
In this contributed article, which appeared on Quartz, Kasriel takes on the mismatch of skills between companies and would-be workers, and suggests a possible solution: Companies need to start looking for talent beyond their immediate, urban-core headquarters.
Our workforce is going through unprecedented change. You can see the results of this change in the headlines every day: old jobs becoming obsolete, factories closing, companies moving divisions to lower cost areas, and voters reacting with frustration and anger. At the same time, innovation is progressing faster than ever in an attempt to keep up with the world’s problems and their necessary solutions.
With the media undeniably in crisis, what responsibility do communications professionals have? Dylan published this op-ed in PRWeek on February 28, offering two options: Be like Donny, or be more useful.
Option two: Double down on the idea that PR and the press have a symbiotic, mutually beneficial relationship. Too often communications pros give lip service to this idea but don’t actually deliver. Instead, take the role as a facilitator seriously and figure out how you can help the journalists you talk to, not just your clients.
From Tweney Media client ValiMail, a timely post that scored incredible engagement on LinkedIn, raising ValiMail’s profile and helping to establish CEO Alexander García-Tobar as an email security expert:
A Russian phishing attack used a fake Harvard email address in an attempt to get malware into American think tanks and nonprofits, the Harvard Crimson reports.
The attack shows how effective it can be for phishers to use the exact domain name of organizations that are unprotected by email authentication.
This attack also shows how difficult email authentication is for many organizations–Harvard included. Quotes in the Crimson story, and ValiMail’s domain checker, make it clear that Harvard was essentially defenseless against phishing attacks.
Worse: Phishing-led attacks account for a huge proportion of hacks, including the momentous intrusions into the Democratic National Committee. Hackers start their assault by sending phish emails to targets within the organization, and if they’re lucky enough to get someone who clicks on a link or opens a malicious attachment, they use that opening to get into the network itself.