University of Alabama at Birmingham — has been acquired by one of the fastest-growing privately owned companies in America, PhishMe Inc.Malcovery Security LLC — the Birmingham cyberintelligence company founded from technology developed at the
PhishMe is the leading provider of phishing threat management solutions. The dozen or so Malcovery technical staff will continue to work at Malcovery headquarters at Birmingham’s Innovation Depot to perform threat intelligence work for PhishMe, says G.T. LaBorde. LaBorde is a Malcovery investor who was appointed as Malcovery CEO in August 2014.
“The PhishMe leaders are extremely excited about the relationship with UAB,” LaBorde said. “They would like to grow the staff in Birmingham and perhaps hire more UAB-trained employees. They are very excited in maintaining the relationship with Gary Warner and with UAB.”
Warner, the director of research for the Center for Information Assurance and Joint Forensics Research in the UAB College of Arts and Sciences, was co-founder and chief technologist of Malcovery. PhishMe has appointed Warner as its chief threat scientist, and Warner will devote 20 percent of his time to PhishMe, says Richard Marchase, UAB vice president for research and economic development.
“I’m so pleased that the PhishMe team has really welcomed our Birmingham-based team and is already adding staff in Birmingham, making it clear that they intend to grow and strengthen their ties to Birmingham and UAB,” Warner said.
Malcovery was launched in May 2013, based on patented UAB forensic technology that can identify the source and nature of immediate cyberattacks. About 98 percent of the nearly $5 million invested in the Malcovery startup came from Birmingham-area investors, LaBorde says. Financial details of the Malcovery acquisition were not revealed by PhishMe, a privately owned company.
PhishMe was the 520th-fastest-growing firm in Inc. Magazine’s 2015 Top 5,000 Fastest-Growing Private Companies in the United States. Its 2014 revenue of $10.3 million was an 892 percent increase over its 2011 revenue, Inc. Magazine reported. PhishMe is headquartered in northern Virginia, with additional offices in New York, London and Dubai.
Phishing is the attempt to steal information, such as passwords or credit card details, through fraudulent electronic communications that look trustworthy. If employees click on an attachment in this bait, the result can be an expensive data breach for businesses.
PhishMe serves its business clients by purposely sending phishing messages — minus the malicious software used by criminal phishers — to the employees to find out how many fall for the fake message, LaBorde says. PhishMe can then educate the employees and show its business clients how much better the employees become at recognizing phishing attempts. PhishMe has also developed a button that allows employees to send any suspected criminal phishing attempt to the company’s internal security.
The Malcovery acquisition adds a dimension to PhishMe’s phishing threat management solutions, LaBorde says. Malcovery is a threat intelligence expert — analyzing the threat landscape to find out who is making a criminal phishing attack and what computer infrastructure they are using. “This threat intelligence allows companies to proactively block current and future cyberthreats,” LaBorde said.
“Thus, the Malcovery expertise will allow PhishMe’s business clients to potentially use phishing attempts reported by their employees as assets to proactively prevent current and future attacks,” LaBorde said. “We’re excited that Malcovery is now part of a great company that is rapidly growing its customer base and can take advantage of Malcovery’s threat intelligence capability.”
The integration of Malcovery technologies into PhishMe gives Malcovery the scale to reach even more corporations with solutions, Warner says. “PhishMe has a great system to help raise security awareness and to encourage employees to report suspicious emails. Malcovery has patented technologies for mining those suspicious emails to cluster and analyze the threats and turn that information into defensive measures.”