Protecting the Sensitive Content That Helps Protect Businesses Worldwide

Enhancing Security for Sensitive Content: Insights From Charles Carmakal, CTO at Mandiant

The threat of sensitive content being accessed by unauthorized users, whether intentionally or accidentally, while in transit or at rest, is real. As more personally identifiable information (PII), protected health information (PHI), and intellectual property (IP) is exchanged, cybercriminals find ways to steal it, sell it, or demand a ransom for it. Historically, organizations employed security mechanisms at the computing edge to secure sensitive, unstructured content.

Charles Carmakal, SVP and CTO at Mandiant, leads a team of incident responders and security consultants that help organizations respond to security events and prepare for and mitigate the risk and impact of those events. Charles and his team use Kiteworks daily to securely share documents amongst themselves, typically when they are dealing with files that are really large. They also leverage Kiteworks when they need to securely exchange communications and files with their clients.

On a regular basis, Charles and his team log into Kiteworks, upload files, send out emails, and securely communicate with organizations. He notes, “It’s hard to secure communications for emails. We can encrypt data from a transmission perspective, but in terms of the storage of emails, we recognize that it’s typically stored in a variety of places in an unencrypted manner. And so, one of the reasons why I appreciate using Kiteworks is I have both the confidence that the data that’s transmitted is encrypted as it is being transferred to myself or my team and then to our clients, but also when it’s stored, it’s stored in an encrypted manner.”

He continues, “I use Kiteworks regularly to send malicious files, because we need a secure way to exchange malicious content. And so, I ask people to compress and archive malicious content, password protect it, and then upload it to Kiteworks so that I could receive it in a secure way without worrying about infecting a computer in the process.”