There are times when a business introduction arranged by a mutual third party can turn out to be fortuitous and such is the case with Mark Jaster and Terry McCorkle, two cybersecurity professionals who are now involved in a unique and potentially game-changing and edge-centric initiative.
Jaster, the founder and CEO of FOUR18 Intelligence Corp. based in Herndon, Va., and McCorckle, the founder and CEO of PhishCloud Inc., which is based in Seattle, Wash. first came together in pre-COVID days during a pilot project for the U.S. Department of Homeland Security that involved an initiative called community crowdsourcing.
The two firms appear to be a natural fit. First, FOUR18 – the name comes from Paul Revere’s infamous midnight ride on April 18, 1775, which Jaster calls the “first successful evidence of an intelligence network operating in the U.S.” – has developed a crowdsourced analysis platform called FourSight.
Five years ago, Accenture in a report entitled Security Technology Vision 2016 noted that the company is developing a platform “capable of modeling the ways adversaries would attack a specific business or industry. The service uses crowdsourcing to work through probable attack scenarios, giving businesses seeking more brainpower access to leading-edge thinking without having to hire full-time thinkers.
“Over the next five years, enterprises need to find ways to reduce the potential cybersecurity risks to acceptable levels. Successful companies will likely employ a core team of security people with high-powered skills augmented with crowdsourced and freelance labour to meet the demands of the digital business more efficiently and effect.”
PhishCloud is an IT security services company that “empowers people to make intelligent decision on digital phishing threats, fortifies IT visibility so they can quickly respond to that threat, and delivers targeted education to reduce the risk of phishing attacks.”
The two company founders’ initial meet-up was at the DHS pilot project at Nicholls State University in Thibodaux, La.
According to Jaster, the relationship was sealed when after only a month in operation students who had limited exposure to cyber security initiatives, helped to track down a live Russian malware site “that was truly trying to download malware in the real world, in the wild,” by using Phishcloud.
The offerings both firms provide was then put to the test earlier this year when the two partners successfully trained and placed more than 80% of a class of beginner analysts from rural Appalachia in Eastern Kentucky into their first jobs as remote cyber analysts.
That set the stage for an announcement earlier this month that the two had signed a strategic partnership that will see PhishCloud incorporated into both FourSight, and a program launched by Four18 called TradeCraft Cyber Threat Analyst Training and Live Internship Program. PhishCloud and FOUR18 are partnering to fill the “massive talent void in cyber-attack detection, hunting and response,” a released issued on Sept. 9 stated.
“FOUR18's TradeCraft, powered by PhishCloud and the FOURSight platform, combines up-to-date training in attacker tradecraft and attack campaigns with real-time coaching and analytics tools in a live threat data internship in FOURSight to develop hands-on skills of new cyber analysts and incumbent front-line critical infrastructure workers.”
McCorkle, who spent 15 years of his career as an ethical hacker with the U.S. military and Fortune 500 companies, said, "the resources gap within IT has reached a critical stage.
“The Four18 platform is really set up to start taking these analysts from nothing to understanding the attack. I came up through the hard knocks. In 1997 I joined the military and from there I started learning about cyber security quickly and just realized that that was that was going to be the place to go.
“A lot of students that out there trying to get into cybersecurity may not be able to join the military to get this type of training.”
Jaster, meanwhile, describes the combination of the two offerings as a “real-time, edge-based anonymized community defense solution that we have piloted that proactively pre-empts phish-borne cyber attacks.”
“From my perspective, it is an immediate fit because their technology on the edge, what they were doing to anonymize data and to bring it in live and the lightweight nature of getting it installed both from an organizational resistance standpoint as well as just the simplicity of an edge-based deployment model, clearly made 100% sense to me. It was clear that our APIs could connect with each other.
“Attackers are inside networks an average of 120 days before being discovered. The damage is often astronomical. Just ask organizations like Home Depot, Target or Equifax. Or better yet, ask their customers.”