Our CEO Bryan Champagne recently spoke with CyberNews to talk about the most serious threats surrounding mobile applications today, tips on how organizations can protect both their workforce and customer data and more.
Nowadays, information is one of the most valuable assets, making it an attractive target for cybercriminals. People are already trying to secure their data by employing innovative protection solutions, such as antivirus products, Multi-Factor Authentication (MFA), and others.
However, threat actors not only find sophisticated ways to circumvent these security measures but many complex applications contain vulnerabilities – once they’re found, cybercriminals can successfully steal sensitive user information.
For this reason, we talked with Bryan Champagne, the CEO of Eclypses, a company that provides disruptive data security solutions. He explained how organizations can eliminate potential security gaps to protect their customer data and avoid breaches.
How did Eclypses originate? What was your journey like since your launch in 2017?
Eclypses was founded with a primary focus on developing our MicroToken Exchange (MTE®) technology to be the most innovative and disruptive data security solution for all mobile application technologies, websites, as well as IoT platforms and devices.
Since our founding in 2017, Eclypses has experienced tremendous growth. The deployment of Eclypses’ MTE technology has continued to grow across multiple verticals and sectors, especially in sectors such as banking, finance, blockchain, and payroll systems. In September of 2021, we received our FIPS 140-3 validation that ensures our customers are using a product validated by a National Institute of Standards and Technology (NIST) approved testing laboratory. Seen as the gold standard in data security, the FIPS 140-3 validation proves that Eclypses’ MTE data protection technology effectively and consistently safeguards user data to ensure bad actors cannot access valuable information at any point during the data transmission process.
Our journey in 2022 is even more exciting as we are currently working with global leaders in technology retail and communications. We are very excited about several new announcements coming soon.
You take great pride in your MicroToken Exchange solutions. Can you tell us more about this technology?
Our MicroToken Exchange technology is unique as it solely focuses on protecting any form of data moving between two synchronized endpoints. Many other cybersecurity solutions focus on monitoring and locking up data, but the MTE technology protects your data all the way through the operating system, from the sending application to the receiving application.
Our technology is for anyone that has a login and password and is concerned about that account being accessed by someone else – it is to avoid their sensitive data from being stolen or manipulated.
MTE secures data at the application level with no changes to the user experience and verifies each endpoint connection while protecting against attacks, such as injections, replay attacks, SIM swapping/cloning attacks, and man-in-the-middle attacks. MTE allows you to stop trusting the operating system and communication protocol.
Why is it important for organizations to use MTE to secure their data?
With zero-day and man-in-the-middle attacks rapidly increasing, traditional security methods are unable to protect your organization’s valuable data against these constant vulnerabilities. Unlike most security solutions that use operating system cryptographic libraries, we utilize our own Eclypses Cryptographic Library (ECL) to provide consistent security for all offerings across all platforms. MTE technology provides a patented security solution for your mobile application, website, and IoT devices and/or platforms that help you control the uncontrollable.
In your opinion, what industries should be especially concerned about securing their data?
Our MTE technology is really for any organization that provides account login and passwords to their customers. For these organizations, they must be concerned that if those accounts are accessed by someone else and that information is stolen, it could have harmful effects on both them and their customers. In particular, our data security solution has seen success in the fintech, blockchain, critical infrastructure, government, healthcare, and retail sectors.
In the financial services sector, it has been reported by Intertrust that 77% of financial applications have at least one serious vulnerability that could lead to a data breach. Financial mobile apps are more susceptible than ever to cyberattacks, especially in the wake of the Covid-19 pandemic. Two cryptocurrency exchange companies have recently experienced cyberattacks because of their valuable data and 2FA (two-factor authentication) was likely the source of the breach.
Have you noticed any new threats emerge during the pandemic?
Throughout the pandemic, we have witnessed an increase in certain cyber threats, such as SIM swapping attacks, zero-day attacks, and mobile malware.
There has been a significant increase in SIM swapping attacks in 2021, resulting in over $68M in losses, compared to just $12M from 2018-2020. These types of attacks make MFA (multi-factor authentication) useless and leave users’ valuable data, accounts, and even banking information open for bad actors to steal. (Source: The Washington Times)
Zero-day attacks have more than doubled in 2021 (83 reported attacks) compared to 2020 (36 reported attacks) and will only continue to increase in coming years. While these numbers are concerning on their own, the affected systems, the types of vulnerabilities, and the presumed unreported numbers may be worse. (Source: Zero-Day Tracking Project)
We have also noticed an increase in mobile malware, as many mobile applications use data before it’s protected because the devices people are using are not secured.
As the global climate and the consumption of data change, cybersecurity threats will continue to emerge rapidly, and organizations must seek proactive data security solutions.
Talking about the future, what predictions do you have for the data security landscape for the upcoming years?
I believe zero-day attacks will continue to increase in the future, as we have seen a drastic increase from 2020 to 2021. These zero-day attacks can be highly damaging to organizations as it leaves little opportunity for detection and prevention. We all know cybercriminals are becoming more sophisticated with developing tools disguised as legitimate requests and the reactive data protection strategies we often see will be useless. Many companies have developed an “it’s good enough” mindset on their cybersecurity protocols in place, but this will no longer be enough when it comes to securing data from zero-day attacks.
Multi-factor authentication has become a requirement for many cyber insurances, and with companies relying on this method, hackers have found other ways to steal your data. I believe that in the future, we will see a significant increase in cybercriminals attempting to obtain MFA credentials, leaving many companies who have relied on this method to keep their login information safe feeling defeated. The way we use MFA needs to be improved and cannot be the only method used to protect data.