Backing a new approach to email security with Sublime Security
Email scams are fast on the rise in 2024, as bad actors begin harnessing the power of AI to create more personalized and curated phishing schemes.
According to cyber intelligence firm SOCRadar, there has been an 856% increase in the number of malicious emails sent so far this year. Despite advances in threat detection, public and corporate bottom lines remain greatly impacted by cybercrimes in which email is one of the primary threat vectors: in 2023, Americans lost more than $12.5 billion from cybercrimes, while business email compromise (BEC) events cost companies nearly $3 billion, per the U.S. Federal Bureau of Investigations.
While the leading email security vendors have made significant advances in detection algorithms, the form factor and user interface for security teams has remained largely the same. Many solutions still take a one-size-fits-all approach, despite increased customization seen in other security segments like Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM). In email security today, if a customer asks for a specific detection rule change, they often have to discuss it with the vendor then wait while the vendor incorporates changes into their model and rolls them out in their next product release. Most critically, that change needs to be suitable for all the vendor’s customers — an incredibly tall order.
In sum, the email security platform most companies are running is the same as their competitors’ and is certainly not tailored to their individual business or industry needs. The email security market — approximately $4.3 billion in 2023 and set to grow to $10.8 billion by 2032 at an 11% CAGR — is thus ripe for innovative, ready-to-scale solutions that take on the status quo.
Sublime Security (Sublime), an adaptive, AI-powered email security platform, is doing just that. Unlike traditional email security tools, which tend to be static and opaque “black boxes,” Sublime enables its customers to adapt to the changing threat landscape without vendor bottlenecks.
Sublime’s open architecture gives security teams the transparency and flexibility to construct defenses specific to the threats their business faces. In addition, Sublime deploys via API directly connected to Google or Microsoft email systems, allowing companies to quickly integrate the platform and start realizing value.
Sublime’s next-gen features set it apart from all other email security tools. No other platform empowers users to truly customize their email security approach with such granularity. Sublime gives users:
- Out-of-the-box protection – Companies deploying Sublime can immediately deploy Sublime’s AI-powered detection engine to detect threats in real-time, as well as to analyze historical data.
- Transparency – Users get a window into what is inside their email security tool, which they don’t get with legacy tools that take a “black box” approach to safeguard proprietary information.
- Customization – Unlike previous cyber security solutions, Sublime’s platform allows Security Operations Centers (SOCs) to develop custom rules on the fly and define the application of those rules by department or subgroup, recognizing that some groups within a business may need greater protection from phishing and other threats.
Sublime helps companies act quicker, be forward-looking and benefit from a like-minded community that is also seeking to defeat cyber threats. With Sublime, companies can implement:
- Back-Testing – Companies deploying Sublime can immediately test 400+ out-of-the-box and user-generated rules against historical email traffic. This accelerates deployment and eliminates the need to wait for new email traffic to test against.
- Threat Hunting – Rather than wait for an attack, companies using Sublime can be proactive and create rules and queries to proactively seek out potential threats.
- Collaboration – Sublime offers a community-based platform, similar to a GitHub code repository, where users can elect to share email security rules. This “network effect” not only helps Sublime’s product improve with each user added, but also encourages collaboration among organizations in the same industry (i.e., banking and healthcare) facing similar threats.
Such a game-changing idea often comes from personal experience, and here Sublime is no exception. The company’s co-founders, Josh Kamdjou and Ian Thiel, founded Sublime in 2019 based on the decade-plus Josh spent in offensive cyber security with the U.S. Department of Defense and the private sector. Throughout his career, Josh learned how to bypass the most secure email systems in the world — experience he, Ian and the rest of the Sublime team now bring to bear on protecting companies from the next generation of cyber attackers. Ian, an experienced startup executive leading product and customer teams, was the former Head of Product at Optimizely (a Citi Ventures portfolio company) and Head of Customer Growth at Alto Pharmacy.
With the email security landscape fast evolving, Citi Ventures is delighted to announce our participation in Sublime Security’s Series B funding round alongside lead investor IVP and existing investors Index Ventures, Decibel Partners and Slow Ventures. Our congratulations to the entire Sublime team! We look forward to supporting the company’s journey in the years ahead.
For more information, email Matt Carbonara at matt.carbonara@citi.com, Nick Sands at nick.sands@citi.com or Max Mailman at max.mailman@citi.com.
To see Citi Ventures’ full portfolio of companies, click here.