Computing Security: According to a market survey on email security carried out by analysts Gartner, the adoption of cloud email systems continues to grow, "forcing security and risk management leaders to evaluate the native capabilities offered by these providers". What do you see as the most compelling reasons to go down the cloud email systems route?

Yvonne Bernard: It is a fact that the more popular a platform is, the more likely it is to be targeted by cyberattacks - because there are lucrative gains to be made. Boosting inbuilt protection therefore is key and largely boils down to cost: how much are you able and willing to pay for security? In other surveys, Gartner recommends investing in third-party security to decrease the risk of cyberattacks targeted at cloud customers that currently only rely on native, out-of-the-box security features, such as when using Microsoft 365. An additional layer of security is a must to give customers the peace of mind they need and deserve. Some features, like our-Ex Post Deletion, are true lifesavers for the IT admins and MSPs who rely on our solutions to protect customer data.

CS: Not everyone, of course, has been convinced that they need to move to a cloud email system - at least not yet. Why do you feel that might be and are there indeed solid alternatives that make just as much sense?

YB: In most cases, those who fear a move to cloud email systems do so because they think they may lose control by not having physical control over their data and its flow. Although such concerns have been addressed years ago from a compliance perspective, they continue to haunt a few customers and keep them from moving into the cloud. However, a cloud email system brings many benefits, including reduced maintenance and operational costs, and far superior security if used with a third-party solution, and it is these factors that have convinced so many customers to move away from their on-prem solution to the cloud.

CS: How does Hornetsecurity's own Managed Security Services solution help protect businesses from the kind of increasingly malicious and sophisticated attacks we are now seeing?

YB: We are proud to have a fantastic in-house Security Lab, which not only monitors our current traffic, but also the latest trends in attacks, darknet, etc. This allows us to always be at least one step ahead and be proactive. In addition to that, our product's AI engines also learn new patterns before they even appear in research or real-world traffic.

CS: Data storage is an important part of the Hornetsecurity offering. How can organisations be sure that their precious data is really and truly safe? Aren't they taking something of a gamble by handing over ownership to a third party?

YB: Hornetsecurity offers its own high-performance, redundant, S3-compatible storage via in our data centres. Customers can choose which location (EU, UK, US, Canada) they want to use to meet their compliance needs. Ultimately, it is a question of trust and so far our customers are very happy with the choice they made: we have received very positive feedback about the availability, security, speed and quality of our data storage technology.

CS: What are the most worrying forms of threats we are likely to see in the coming months, years?

YB: Deepfakes and multi-level threats (e.g., email, phone, video) are rising. Therefore, it is important not only to rely on email security to protect both company data and employees, but also to adopt a holistic approach to company security that includes IT security awareness training.

CS: IT security awareness training is something Hornetsecurity has just invested in. Tell me more about that acquisition and the reasoning behind it.

YB: Yes, we recently acquired IT-Seal, a security awareness training company that specialises in establishing a sustainable security culture. Apart from promoting cybersecurity awareness to our partners and customers through educational blog posts, ebooks, webinars and reports, we can now provide IT security training as part of our cybersecurity package. This way, coupled with our established email security and backup and recovery solutions, we can cover all aspects of the awareness-prevention-detection cycle, with a particular focus on Microsoft 365. The automated training service uses innovative technologies to train employees and incudes a scientific, patented security awareness indicator (Employee Security Index - ESI) to make security awareness measurable and comparable. Every person makes an important contribution to everyone's IT security and focusing on the human factor through training helps secure both the digital society and the economy, as well as our customers.

CS: How do vendors like Hornetsecurity keep pace with the ever-steepening threat curve? Is that even possible?

YB: It's an arms race: you constantly have to be ahead of the attackers - which means you have to invest heavily into research, as well as finding and training the right staff to cope with the increasing challenges. From my point of view, having employees with the right mindset is hugely important - as you can educate them and they will step up to the next level with intrinsic motivation and the right skills.

CS: How is the emergence of quantum computing going to worsen the concerns that organisations already feel and what would Hornetsecurity like to see done at a governmental level to help ward off those threats, by working with vendors such as yourselves?

YB: Quantum computing was the last area I had focused on when completing my Master's degree at university. It was purely theoretical back then and has now become reality. Having said that, I do not think this is so much something to worry about, but rather it has great potential to solve computational problems faster than ever. Yes, this power can be used to break encryption, but it can also be used for a good cause. Quantum computing will, of course, lead to a faster deprecation of non-resistant cipher suites, but there are already quantum-computing resistant cipher suites available and we are already well prepared for real-world usage.