Oliver Muenchow, Founder
Despite constant efforts and continuous advancements in security software, risks continue to threaten businesses every now and then; whenever an employee accesses an application that interacts with untrusted networks, it renders the entire business vulnerable to attacks. Employees are the weakest line of defense and hackers find attacking through them to be the easiest way to access business data. The workforce, therefore, needs to be educated and involved in a business’ cyberdefense strategy. When it comes to that, attack simulations are one of the best means to provide a secure learning environment. With its unique understanding that security awareness combined with attack simulations can solve the critical security issue, a company called LUCY Security is enabling businesses to take on the role of an attacker, to uncover and overcome the weaknesses of their technical infrastructure and staff. “We at LUCY understand the need for effective training methods and have the solutions that enable small and large companies to measure risks with manageable budgets and ultimately, minimize it,” states Oliver Muenchow, the founder of LUCY Security.
During the phishing simulations that LUCY conducts, it is often observed that the security policies of companies are not adhered to by the employees when they submit their login information in a “SaaS-based shared environment.” Alongside, the data storage location may often differ from the actual data center, especially in large international corporations.
We at LUCY understand the need for effective training methods and have the solutions that enable small and large companies to measure risks with manageable budgets and ultimately, minimize it
LUCY offers the flexibility and availability that such enterprises require, as its software can be downloaded and installed anywhere around the world—on-premise, SaaS, or any cloud server. Through its fixed subscription fees that are independent of the company size, LUCY helps medium-sized companies to avoid the expense of a four or five-digit annual subscription fees spent on user-based licensing for attack simulations or training. The result is that even businesses with more than 100,000 users can now perform attack simulations and training, with a budget of less than $5,000 per year.
LUCY minimizes the risk of malware entering the company through its Malware Simulation Toolkit (LHFC). The suite allows businesses to test their cyberdefenses in a safe and effective way by emulating various threats equivalent to many of the tools that hackers employ.
While its existing product line does offer a high level of security for businesses, LUCY is continuously enhancing its abilities to help improve employee awareness. Its automated evaluation and risk analyses of reported suspicious e-mails offer noticeable assistance—a testament to this ability is the result of 50,000-60,000 e-mails being reported quickly, for one of its clients with more than 300,000 employees.
Another unique advantage of LUCY is its experienced team, which consists of former penetration testers. Attackers today are bypassing evolved protection mechanisms—like forwarding proxies with whitelists, filtering spam, analyzing behavioral content, and many such security applications—by hiding malicious content such as objects in office files, PDFs, signed applets, or web downloads. LUCY provides security from all such attacks in its software, enabling employees to be aware of such complex attacks.
Muenchow gives a sneak peek into one of the 450-plus features in LUCY’s development pipeline; they are working on the ability to correlate the incidents reports from employees with the data from its dark net cyberthreat research division. “We pride ourselves in covering many more aspects of different attack simulations than any other provider, and at an affordable price,” he adds. The company will continue to focus and build on its vision of making people testing, awareness training, and technology assessments available and affordable to everybody!