Cloudflare expands zero trust platform with Area 1 Security acquisition

Area 1 Security’s cloud-native platform is designed to work seamlessly with any email offering, stops phishing attacks by pre-emptively discovering and eliminating them before these can inflict damage in a corporate environment.

In 2021 alone, the company blocked more than 40 million malicious phishing campaigns spanning business email compromise, malware, ransomware and other advanced threats.

Email is the largest cyber attack vector on the internet, which makes integrated email security critical to any true zero trust network, according to Matthew Prince, co-founder and CEO of Cloudflare.

“That’s why today we’re welcoming Area 1 Security to help make Cloudflare’s platform the clear leader in zero trust.

“To us, the future of zero trust includes an integrated, one-click approach to securing all of an organisation’s applications, including its most ubiquitous cloud application, email.

“Together, we expect we’ll be delivering the fastest, most effective and most reliable email security on the market,” Prince said.

Data from the FBI’s Internet Crime Complaint Center 2020 Internet Crime Report shows that malicious phishing campaigns including business email compromise are the costliest – with US businesses losing more than $1.8 billion.

Well known incidents of the last decade include the JPMorgan Chase breach, where a phishing attack impacted 76 million households and 7 million small businesses; SolarWinds, where phishing led to the compromise of 18,000 customers including multiple government agencies; Sony Pictures, where a phishing attack reportedly led to more than 100 terabytes of proprietary data being stolen; and in the US elections, where phishing has been cited as the cause of damage inflicted upon the United States’ electoral process.

VIEW ALL

As email continues to be an attractive entry point for increasingly sophisticated cyber attacks, businesses of all sizes need to consider how to integrate email solutions into their overall security stack and bolster it with global threat intelligence.

Chris Rodriguez, research director for IDC’s Network Security Products and Strategies explains that email is often the largest cloud application for any organisation and also represents the largest attack vector.

“Instead of viewing email security as a standalone issue, more businesses realise that it needs to be part of their holistic security strategy.

“The combination of Cloudflare and Area 1 Security offers customers a uniquely differentiated and comprehensive zero trust offering with coverage across the entire threat lifecycle,” Rodriguez said.

Today, email is a business’ most-used cloud application and it’s unfortunately unprotected, according to Patrick Sweeney, CEO and president of Area 1 Security.

“We estimate that more than 90 per cent of cyber security damages are the result of just one thing: phishing.

“By combining our leading phishing protection and threat intelligence capabilities with Cloudflare’s global network, data capabilities, and zero trust platform, we truly believe that together we can help companies of any size better secure their entire network infrastructure and better protect against the most destructive cyber risks,” Sweeney said.

Cloudflare entered the email security market in 2021 with the launch of its Advanced Email Security Suite and additional tools to create custom email addresses, manage incoming email routing, and prevent email spoofing and phishing on outgoing emails.

Cloudflare’s global network blocks an average of 86 billion cyber threats each day, the company has unique threat intelligence data that can allow it to more effectively filter out targeted phishing attacks (spear phishing) and other security threats that legacy email security solutions and API-only email security offerings can miss.

Area 1 Security has long taken a pre-emptive approach to email security to stop phishing campaigns during the earliest stages of an attack cycle. By combining Area 1 Security’s highly scalable technology and years of experience in email protection with Cloudflare's global network, the two companies aim to provide a holistic zero trust solution that customers can enable through Cloudflare’s global edge.

Under the terms of the agreement, Cloudflare will acquire Area 1 Security for approximately $162 million, subject to customary adjustments, with 40-50 per cent of the price payable in shares of Cloudflare's Class A common stock and the remainder payable in cash.

The acquisition is expected to close early in the second quarter of 2022 and is subject to customary closing conditions.

[Related: State of the Phish report reveals email-based attacks dominated 2021]