BLOG

UK Lawtech Startup industry report by Thomson Reuters and Legal Geek

By | Business, Cybersecurity, Email | No Comments
CheckRecipient is featured in this recent report put together by Legal Geek and Thomson Reuters on the state of the UK Lawtech Startup industry.

 

The report highlights:

  • UK Legal Services market worth £26bn a year
  • Legal start-up map for technology showcases 64 useful young technology companies for law firms including CheckRecipient
  • Lawtech is bringing efficiencies across the legal services value chain, particularly where legal services are more commoditised
  • There are 8 risk and compliance start-ups including CheckRecipient (12% of the overall report) to assist with the “ever-growing burden of regulation”
  • Increased efficiency and cost-reduction are the two key market drivers that continue to intensify and there is no evidence to suggest these pressures will reduce – creating a period of sustained growth for UK Law Tech

“CheckRecipient, an Accel Partners backed company, prevents users from sending highly sensitive information to the wrong people over email”

CheckRecipient wins InfoSec 2017 Most Innovative Cyber Security Company!

By | Award, Cybersecurity, Event | No Comments

CheckRecipient is honoured to win the UK’s Most Innovative Small Cyber Security Company of the Year 2017 at InfoSecurity Europe 2017!

The final was held at Infosecurity Europe, where CheckRecipient CEO Tim Sadler pitched to an expert judging panel.

The competition final was chaired by Martin Chalmers, Managing Director, Aerospace Defence, Security & Technology, Atkins, and comprised of judges, Nicola Whiting, COO Titania Ltd; David A Cass, Vice President & CISO, Cloud, SaaS Operational Services, IBM, Paul Crichard, CTO & Head of Technical Strategy, BT Security and Gary Steel, Assurance & Information Security, UK Ministry of Defence.

CheckRecipient raises $2.7m to tackle enterprise email security threat with machine learning

By | Business, Cybersecurity, Fundraising | No Comments
  • Most data breaches in 2016 arise from misaddressed emails*
  • Huge EU data protection shakeup in 2018 opens door to CheckRecipient
  • Accel and LocalGlobe co-lead investment allowing company to double team, with focus on hiring engineers

Full Press Release: London, 5 April 2017

CheckRecipient, a machine learning startup that aims to end the problem of misaddressed emails once and for all, has raised $2.7 million in a round co-led by Accel and LocalGlobe, with the participation of Winton Ventures, Amadeus Capital Partners and Crane.

Started in 2013 by three engineering graduates from Imperial College, CheckRecipient has developed an email security platform that uses machine learning to make sure sensitive or confidential data cannot be sent to the wrong individual.

CheckRecipient scans historical email data to understand conventional usage patterns and behaviours in companies’ email systems. Using machine learning allows CheckRecipient to spot anomalies and give users a chance to correct problems before sending. Unlike existing rule-based systems or encryption platforms, the system requires no administration or end user behaviour change.

Following rapid take-up in the City of London, CheckRecipient is working with multinational companies across the legal, healthcare and financial services worlds, with a view to launching in the US shortly. It is also developing CheckRecipient’s technology to address additional security concerns that organisations have identified with email and documents.

While there are daily scare stories about cyber attacks and the potential cost to business, basic human error and misaddressed emails are a much greater problem for companies in the financial services, legal and healthcare sectors. According to the Information Commissioner’s Office, misaddressed emails were the leading digital security incident reported in 2016. A wrongly addressed email can lead to a loss of clients, revenue, and serious reputational damage.

From May 2018, the new EU General Data Protection Regulation will impose a mandatory requirement for organisations to report data breaches involving personal data to the Information Commissioner’s Office (ICO), and fines for the worst breaches will increase to up to 4% of an organisation’s global turnover. While there are lots of products on the market designed to make email more secure, they all require a high degree of behaviour change from end users or significant administration from IT teams, meaning that their effectiveness is diminished.

Tim Sadler, CEO of CheckRecipient, said: “It’s human nature to fear the shark when we go swimming, but it’s crossing the road, an activity we do daily almost without thinking, that is more likely to kill you. There’s currently an obsession with the detection of malicious insider and external attackers, but the most common data security incidents reported to the ICO are all linked to human error. CheckRecipient allows organisations to demonstrate diligence to both clients and regulators by managing the risk of misaddressed emails. It also helps firms to protect staff from mistakes, which could cost them their career, in highly regulated, reputation driven sectors such as law and finance.”

Luciana Lixandru, partner, Accel, said: “CheckRecipient is developing an extremely effective product that resolves one of the corporate world’s biggest problems. As the technology is developed, there are a number of additional possible applications which will turn CheckRecipient into a gold-standard email and data security product.”

Ophelia Brown, partner at LocalGlobe, said: “For any company dealing with sensitive information, particularly in the professional services industries such as finance and the legal sector, CheckRecipient provides clear and immediate value. CheckRecipient is quickly proving itself to be the next generation email security suite that no company can afford to do without.”

Nick Saunders, Chief Operating Officer at Winton Group commented: “We became aware of CheckRecipient through their participation in the WintonLabs programme. CheckRecipient’s product covers an area of potential data loss that few companies protect at all. The team’s innovative approach to the problem led us to invest in the company, and implement their product as part of our wider information security strategy.“

CheckRecipient is already used by blue-chip names in the City and legal circles including a FTSE 100 financial services company, the world’s largest publicly traded hedge fund, Man Group, and Europe’s largest hedge fund, Winton Capital. Law firms who are using the product include Penningtons Manches and Travers Smith as well as some UK Top 10 and Magic Circle firms.

The company will use the funds from Accel and LocalGlobe to double its size to 24 people, with a focus on hiring business development and engineering expertise.

*Source: Information Commissioner’s Office

“CheckRecipient allows organisations to demonstrate diligence to both clients and regulators by managing the risk of misaddressed emails. It also helps firms to protect staff from mistakes, which could cost them their career, in highly regulated,reputation-driven sectors such as law and finance.”

– Tim Sadler, CEO, CheckRecipient

CheckRecipient wins Gold in the Info Security PG 2017 Awards!

By | Business, Cybersecurity, Email | No Comments

CheckRecipient is honoured to win the Gold award for Security Startup of the Year, in the 2017 Info Security PG’s Global Excellence Awards!

Info Security Products Guide, the industry leading information security research, and advisory guide, named CheckRecipient, the Gold winner of the 2017 Global Excellence Awards in the Startup of the Year category.

CEO Tim Sadler said “It’s been a great kick start to 2017 and we are thrilled to be recognised as the Startup of the Year by Info Security Products Guide. This great accolade adds to the recent success we have had winning Wired Security 2016 in the same category and getting recognised in the Forbes 30 under 30 for Technology”

Will Uber be destroyed by Google, because of a misaddressed email?

By | Email, Machine Learning, News | No Comments

Uber has been in the press a lot recently and all for the wrong reasons. Sexual harassment, ‘Grey Balling’ rides, fake apps to confuse regulators, the list seems to be endless, but its main undoing could be silently brewing away in a courtroom in San Francisco.

On the 13th December, 2016, a Waymo employee was copied on an email from one of their vendors, in error. On closer inspection, the email had the subject ‘Otto Files’ and contained detailed schematics of the self driving technology (LidDAR or ‘Laser Based Surveying’) and circuit board design of Waymo’s main competitor in the self driving car space, called Otto. Otto was also a client of the vendor that sent the misaddressed email.

The details contained within these email attachments (including machine drawings of an Otto circuit board), bore a striking resemblance to that used by Waymo. This instigated an investigation and lawsuit filed by Waymo, which is owned by Google (Alphabet) against the parent company of the recently acquired Otto, Uber Technologies.

The plot thickens when the backstory is overlaid. The man at the centre of the storm is Anthony Levandowski, a former senior Waymo engineer, who resigned 11 months earlier to set up his own autonomous vehicle startup (which was sold to Uber for $680 million, 6 months after its inception). His startup is called… you guessed it, Otto!

A statement by Waymo was posted on Medium and alleges that:

“… six weeks before his resignation this former employee, Anthony Levandowski, downloaded over 14,000 highly confidential and proprietary design files for Waymo’s various hardware systems, including designs of Waymo’s LiDAR and circuit board. To gain access to Waymo’s design server, Mr. Levandowski searched for and installed specialized software onto his company-issued laptop. Once inside, he downloaded 9.7 GB of Waymo’s highly confidential files and trade secrets, including blueprints, design files and testing documentation. Then he connected an external drive to the laptop. Mr. Levandowski then wiped and reformatted the laptop in an attempt to erase forensic fingerprints”

If the allegations turn out to be true and proved in court, it can have devastating consequences for Uber. Not only could the financial cost of litigation be crippling, but there could be an immense amount of reputational damage which could have far reaching impact and implications for everyone from Uber’s current and future investors, to its customers. Furthermore, Google could file for an injunction and prevent Uber from any further development of its self driving technology, at least until the matter is resolved in court (which could take years), thus slowing down its competitive position in a multibillion pound, rapidly growing market.

Copying an incorrect recipient into an email is one of the most common forms of misaddressed emails. CheckRecipient’s Guardian platform analyses millions of data points across the entire email network of an organisation and from this unstructured information, categorises and maps key data relationships. Guardian applies data science and machine learning algorithms to detect patterns of behaviour and anomalies across the network. In the case of the misaddressed email sent to Waymo, Guardian would have detected that the intended recipient was in fact not copied in with the other recipients as a matter of normal behaviour. Guardian would have detected that the subject matter and attachments were not usually associated with the normal pattern of communication between the vendor and the Waymo employee. Critically, had CheckRecipient been installed, the software would have picked up the anomaly and flagged it as a warning in real time, before it had been sent.

“The email, which a Waymo employee was copied on, was titled OTTO FILES and its recipients included an email alias indicating that the thread was a discussion among members of the vendor’s Uber team”

  • From the legal complaint filed by Waymo’s lawyer

CheckRecipient is a Finalist in the Info Security PG 2017 Awards!

By | Business, Cybersecurity, Email | No Comments

CheckRecipient is a Finalist for Security Startup of the Year in the 2017 Info Security PG’s Global Excellence Awards!

CheckRecipient has been named a finalist in the 13th Annual 2017 Info Security PG’s Global Excellence Awards. As well as being the only British startup to qualify as a finalist (one of only two European startups), CheckRecipient is also the only startup in the 1-10 employee bracket to be chosen. 

The team is thrilled to be recognised for our efforts during 2016 and would like to thank the Info Security PG team for the nomination.

Could CheckRecipient have curtailed the Clinton email scandal?

By | Cybersecurity, Email, Food for thought | No Comments

Email security has been in the news an unprecedented amount lately, and the need for those dealing with sensitive data to take precautions when using email has never been higher.

Reports confirm that human error and bad email-hygiene are among the leading causes of data breaches. The enormous fines faced by companies like Talk Talk and the reputational damage associated with such breaches (84% of Brits would reconsider brands affected by data breaches) show just how seriously both regulators and the public take the handling of sensitive data.

And that’s before we get to the Clinton scandal.

To summarise, Clinton set up and used a private email server which was then used to transmit classified and sensitive data, instead of using an official state.gov email account (which would have been hosted on servers owned and managed by the US government). Furthermore, investigative records show that Clinton aide Huma Abedin sometimes transferred emails from her State Department account to either her Yahoo account, or her account on Clinton’s server, in order to print emails. In fact, “Of the more than 160 emails in the latest Judicial Watch release, some 110 emails – two-thirds of the total – were forwarded by Abedin to two personal addresses she controlled”.

CheckRecipient can’t stop people setting up private servers. However, had the State Department been using CheckRecipient’s ‘RuleBuilder’ and ‘Guardian software’, it could have detected, warned, and stopped data being sent from the secure State Department email servers to external and personal email addresses.

It is yet to be seen whether the recently uncovered data transmitted this way was classified (and therefore in breach of federal requirements), but CheckRecipient could have stopped the data leaving government servers – and alerted the State Department immediately that the data was being transferred, by whom, and to whom.

“CheckRecipient could have stopped data leaving government servers – and alerted the State Department immediately that data was being transferred, by whom, and to whom.”

The problem, however, ranges further afield than the Clinton scandal; it seems that this behaviour is far from unique. Whether it’s classified information or restricted intellectual property, without barriers in place, this data is being allowed to leave the secure, closed systems where it is meant to remain. For example, a 2015 survey of US government employees shows a significant number of had used personal email accounts for government business.

With all the press attention on state-sponsored hackers, advanced persistent threats and sophisticated tools to identify malicious behaviour on networks, it’s important to remember that in fact, “Data sent by email to incorrect recipient” was the number one cause of digital data security incidents reported to the Information Commissioner’s Office and the vast majority of breaches and improper removal of intellectual property are in fact, related to human error.

WIRED Security 2016 Award Completes Hat Trick Week for CheckRecipient!

By | Award, Business, Machine Learning | No Comments

Winning an award is set to make anyone’s week, but last week, CheckRecipient succeeding in winning a whopping three.

On Tuesday CheckRecipient won the LegalGeek award for Best Machine Intelligence Start Up, before doubling up on Thursday to win the FUSE 2016 Best Start-Up Pitch and the WIRED Security 2016 Start-Up Stage Award!

Needless to say, it was a fantastic week for CheckRecipient, and wonderful to see our team and software gain a range of accolades and recognition. The company would like to say a huge thank you to everyone involved in the three events, the organisers, judges, our customers, attendees and the CyLon team for their support at the awards.

We’re very proud to be acknowledged at this stage but we are excited for the next step of our journey!

“We do it 20 times a day. Some of us have been doing it since we were born. Many of you are doing it right now… Emailing!”

– Tim Sadler, CEO, CheckRecipient

CheckRecipient Wins WIRED Best Security Startup

By | Award, Cybersecurity, Email | No Comments

CheckRecipient was named winners of the WIRED Security 2016 Best Startup Award. Competing against 15 other fantastic cybersecurity startups, CheckRecipient stood out across a panel of judges including representatives from KPMG, Wayra, and Intel Venture following a pitch from CEO Tim Sadler.

After receiving the award, CheckRecipient’s Head of Business Development,  Abhirukt Sapru presented on the main stage at last Thursday’s WIRED Security 2016 Event in Canary Wharf after winning the award.

The CheckRecipient Team would like to thank everyone at Wired Security 2016 for organising a fantastic event.

CheckRecipient Wins Award for Best Machine Intelligence Start Up

By | Award, LawTech, Machine Learning | No Comments

CheckRecipient has won the Legal Geek Award for best Machine Intelligence Start-Up.

The award was a culmination of receiving the most votes in the machine intelligence and cyber security categories on the Thomson Reuters/Legal Geek Start-Up Map.

CheckRecipient was asked to present as a result of this effort with 2 other companies up for nomination in the category. Following a successful pitch from CEO and Co-Founder, Tim Sadler, and after a well-received stand at the Legal Geek Conference 2016, CheckRecipient were given the award.

The CheckRecipient team would like to thank the judges, Jimmy Vestbirk and the Legal Geek team, and the sponsors – Freshfields and Thomson Reuters – for a great event and for the honour.

Redefining Data Security

By | Cybersecurity, GDPR, Regulation | No Comments

Data security and privacy tends to be associated with defence against external actors. Sufficient investment in the protection of networks against hackers provides the most robust cyber security, or so the logic goes. Human error is part of the problem, but mainly in the form of opening ‘dodgy emails’ that are actually intended to attack a computer.

In truth, human error plays a far greater role. Between May 2014 and March 2016, over 3000 incidents were reported to the Information Commissioner’s Office (ICO). 2066 – or 68% – of these were categorised as ‘disclosure of data’ rather than a ‘security’ incident.

This means that the vast majority of data security breaches were not so-called ‘cyber attacks,’ but rather human errors like losing devices, insecure disposal or verbal disclosure. Chief among these errors was data being sent to an incorrect recipient.

In the last quarter, whereas ‘cyber incidents’ like phishing or DDoS attacks made up 9% of data security incidents reported to the ICO, data being sent to the wrong recipient comprised over 30%. Indeed, incidents involving data being emailed to the wrong recipient increased by 60% over the last quarter. As the ICO noted:

“A particular risk factor for incidents within this category is the use of ‘autocomplete’ rather than typing in an individual’s full name into the ‘to’ field. Often, the sender of the email will not realise their error until alerted to it by the recipient. Disabling ‘autocomplete’ may reduce the likelihood of such an error occurring.”

Worryingly, this was especially prevalent in the health sector. There was a 26% increase in data security incidents in health compared to the previous quarter, representing 43% of all incidents in Q1 2016/17. Data being sent to the wrong recipient was the most common type of incident reported in healthcare. Aside from health, other types of security incident reported across all sectors included ‘failure to use bcc when sending email’, ‘failure to redact data’ and ‘inadvertent publishing of data on website.’ This is not data theft by nefarious state actors,

Aside from health, other types of security incident reported across all sectors included ‘failure to use bcc when sending email’, ‘failure to redact data’ and ‘inadvertent publishing of data on website.’ This is not data theft by nefarious state actors, cyber criminals or hactivists – this is sheer human fallibility. Moreover,

Moreover, inadvertent disclosure is likely to be woefully underreported. There are two reasons for this. First, people are often unaware they have done so. Second, people are embarrassed to admit it. Part of the reason the health sector continues to account for the most data security incidents is because of the NHS actually making it mandatory to report breaches. However, this will soon change. The General Data Protection Regulation (GDPR), which came into force in May this year, makes notification to the regulator mandatory for breaches of personal data. Moreover, fines will be introduced of up to 4% of worldwide turnover or 20 million euros – whichever is higher. Several actions are required to begin to address these challenges, especially as the GDPR comes into being.

First, we need to reconsider our collective understanding of data security. Continuing to focus exclusively on protecting against perceived external threats – and ignore the scale of inevitable human error – misses the point. So many of our other technologies now have inbuilt mitigations against human mistake. Cars that alert the driver when he or she is reversing towards a wall; GoogleMaps directions that readjust when you take a wrong turn; even the caution put to most computer users on a daily basis: ‘do you want to save changes?’

Second, we need to invest in technologies to deal with these challenges. It is impossible to teach humans not to make honest mistakes, yet reducing speed and efficiency in favour of caution is far from ideal either. The technology to deal with this problem does exist. CheckRecipient learns from historical user sending patterns to build a graph of the sender’s social network. It then intelligently detects any recipient mistakes when the user clicks send, and gives him or her the opportunity to correct their error. Organisations should be signposted towards such providers, to accelerate the take-up of such technology.

Third, the GDPR will accelerate the wave of increased data breach reporting. As the true scale of inadvertent data loss is becoming clear, other forms of data security incidents are as well. We should avoid hyperbole, and use this as an opportunity for an honest appraisal of what can be done. Part of the reason why individuals and companies are loath to admit such mistakes is concern for reputational damage – discovering they are not alone makes it easier to do so. Conversely, recognition of best practice by different organisations should be heavily encouraged, and the new era of increased reporting should be used to spark such conversations.

There is a great deal that can be done to reduce data breaches. The GDPR makes taking action all the more urgent. We’re only human – recognising this is the first step.

CheckRecipient: Insights from CloudSec 2016

By | Cybersecurity, Email, Event | No Comments

CheckRecipient attended CloudSec 2016 at the Park Plaza hotel in London. An insightful event, there were numerous lectures, panel discussions and breakout sessions that wholly supported some of the key threats that our company is focused on.

“‘[Artificial Intelligence] is a big trend. You need to use cloud level security for threats that exist in the cloud world. Investment around Machine learning and AI will give you access, starting at cloud “

– Michael Wignall, National Technology Officer, Microsoft

One of the more insightful panels at CloudSec 2016 was a segment on key questions every CEO should be asking about cybersecurity. The speakers on the panel were Darren Argyle (Global CISO of Markit), Troels Oerting (Global CISO of Barclays), Michael Wignall (National Technology Officer at Microsoft), and Rik Ferguson (VP Security Research of Trend Micro.
There were a few particularly interesting and relevant questions asked including (with paraphrased answers):
Do you think executives at organisations are aware and what they need to do?
Darren Argyle: CEOs now understand and are now asking the questions. They are more informed than you expect. They want to drill down to next detail, which mission critical assets and parts of the business are most at risk. We as CISOs need to communicate better to them
When you talk to the board what is the pressing topic when it comes to cyber threat?
Darren Argyle: Our very first discussions were that security was a cost of doing business, but I now position it internally as an investment in the brand. The board then  starts viewing this very differently. The board is also looking for some formal education. This is both what I say and what third parties say, so its key to leverage the big 4 to combine that message and get it across. Boards are always interested in benchmarking. They want to know how much are we doing compared to our competition. They don’t want to spend too little but also do not want to spend much more so that balance is important. 
Does the board understand you always think cybersecurity when you start a new service?
Troels Oerting: Any road to a successful digital future leads to security and a needs to offer security, privacy and to build customer trust. The process used to be build first and pen-test subsequently. Now we build and pen-test concurrently, and then red team the processes. It’s a different biz model. We are interested in what is hitting me now, but what WILL hit me later. It’s the real threat, otherwise I am  preparing for the past and while I do that, criminals are preparing for future
What are you doing to help customers with security in the cloud?
Michael Wignall: It’s about core table stake.  You Need to ensure 2 things.
1) building to ensure security  and
2) doing it for our customers.
Compliance and trust all go hand in hand. We will independently audit everything and then share this with customers. This gives them some comfort and security. We provide more evidence than everyone else so they understand everything in the context of their business. Explaining this is harder.
With GDPR do you think more customers will use cloud services? 
Rik Ferguson: There is a great temptation to outsource, because people don’t realise you cannot outsource accountability. The move will carry on, but as process changes people need to realise that the big problem is that security has been an afterthought, and in a business context it is still a bolt-on. How do I build security awareness in all the silos? Security must stop be a bolt-on and become embedded in the business. Then regulatory compliance will be more straightforward as security and biz will understand each other.
What trends are we seeing and is IoT the best threat?
Michael Wignall:  Artificial intelligence, outside of IoT, is a big trend. You need to use cloud level security for threats that exist in the cloud world. Investment around Machine learning and AI will  give you access, starting at cloud.
Darren Argyle: What keeps me awake is the education piece because it’s a continuous process. Boards and executives change. Dynamically allocating education is important so that you keep the risk aware customer. Knowing where our crown jewels are is what keeps me awake. Constant M&A creates a fluid movement of assets. Machine Learning has great opportunities to understand the context of data to get understanding of sensitivity and where it is shifting in your environment.

CyLon, Farewell, Auf Wiedersehn, Goodnight

By | Business, Cybersecurity | No Comments

This Spring, CheckRecipient participated simultaneously in two accelerator programs, Winton Ventures, and Cyber London (CyLon).

Cyber London is Europe’s first cyber security accelerator and incubator space, and CheckRecipient was one of 7 companies chosen to participate alongside the other 16 alumni.

The three-month accelerator, alongside an intensive curriculum, allowed CheckRecipient to continue to grow its network through CyLon’s mentorship calendar, and was exposed to a range of new partners and customers through the process.

CheckRecipient participated in the

CyLon Accelerator Program from

May 2016 to July 2016

CheckRecipient culminated the the CyLon experience during Demo Day, an event for potential customers, investors, partners, government officials, CyLon alumni and cybersecurity experts, to engage with the most recent cohort of companies coming out of CyLon.

Our CEO, Tim Sadler, was given the opportunity to present CheckRecipient to over  230 of these professionals – you can watch his presentation in the video above.

The CheckRecipient team would like to thank the CyLon team for their support, professionalism, and exemplary programming throughout the accelerator program.

5 Ways to Conquer Your Employees’ Greatest Fears

By | Business | No Comments

As the old adage goes, people are your greatest asset. It is in the interest of every company to keep employees happy, motivated and most importantly, fearless to perform their duties to the best of their abilities. Fear can be debilitating to productivity and impact job performance. CheckRecipient has compiled a quick guide from our experience with our staff on how best to reduce fear in the workplace.

“By failing to prepare, you are preparing to fail”

– Benjamin Franklin

5. Have a Structured On-boarding Process

When a new employee joins your company it is essential to make sure their transition to the workplace is as smooth as possible – after all, this is where they will be spending most of their waking life. Be sure to showcase the work culture to the new hire, introduce the employee to as many people in the team as you can, and lock in a social event so that the employee feels welcome and invested in the company. It is good to make sure the employee understands his/her roles and responsibilities, the software and internal processes, and the key people for each function so that they can do their job well and with minimal assistance. You should set aside some time as the employee joins to make sure they are comfortable with this before they start contributing to revenue.

4. Keep Employees Abreast of Key Business Decisions

When an employee is putting in the hours, developing stellar work product and coming up with innovative solutions to business problems, there is nothing more frustrating with not understanding the reason for nondeployment or a lack of time. By keeping employees in the loop on some of the challenges that managers and leaders are facing, it ensures the team can work towards a common goal while keeping morale as high as possible.

3. Make Sure to Have Detailed Policies – and Build in New Ones When Needed

Employees can inherently panic when confronted with new situations, or cultural changes, or business continuity decisions within a firm. By setting up a set of guidelines and processes for events to manage uncertainty and curb risk, employees can feel comfortable in their environment and can optimize their time by not disturbing management with simple and readily available answers to frequently asked questions. It is also important to remain flexible in policy approach, and build in new ones as the need arises to avoid a similar situation down the line, or should customers request comfort during their due diligence process.

2. Throw Employees in at the Deep End but Make Sure They Have Adequate Support

It is good to challenge your workforce and allow them to work to the best of their abilities and for your firm’s key needs. But it is also essential to reassure them that they are free to make the occasional mistake and have the support around them to answer any key questions – when writing a new line of code, creating new content, or pitching to a new client.

1. Put in Preventative Measures to Reduce the Chance of Human Error

Mistakes happen all the time in business – they are important in developing new processes and in learning how to grow a company. However, there are certain mistakes that are clerical, technology related, or administrative that can be easy to address with the correct infrastructure in place. By investing in preventative measures – in the form of new processes, software, training or tools – that can reduce the risk of human error, you can provide a degree of comfort to your employees and allow them to work faster and more efficiently with considerably less stress.

British CyberSecurity : What’s on the Horizon?

By | Cybersecurity, Policy | No Comments

As part of the Information Security Week’s festivities in June, the American Embassy had put on an event that CheckRecipient were kindly invited to by CyLon. The speaker, Conrad Prince, the UKTI Cyber Ambassador, gave the audience an overview of the foundations being laid by the British Government to help drive British Cybersecurity:

“The British Government spent £400mm on

cybersecurity efforts in the last year”

– Conrad Prince, UKTI Ambassador

1. Foster Transatlantic Partnership

According to Prince, The U.K. spent around £400mm on cyber security in the last year and almost 2/3 of that expenditure was spent on U.S. imports. It remains a priority for the British Government to prioritise this relationship.

2. Build the New National Cyber Security Centre (NCSC)

Announced in November, the NCSC will be open and ready to go in October this year. It will bring the nation’s experts together to transform how the UK tackles cyber security issues. According to the GCHQ it will “be the authoritative voice on information security in the UK and one of its first tasks will be to work with the Bank of England to produce advice for the financial sector for managing cyber security effectively.”

3. Grow Skills, Education, and Training

People are just beginning to understand how important cybersecurity is and will be going forward and to keep the UK as an information security leader, to protect the UK’s government and industry, and to pioneer change in the industry there is a lot of work being done between the government, academia, and industry players around skills, education and training. Apprenticeships and retaining schemes are being pushed, doctoral studies are being funded, and young people aged 14–17 are being focused on for skill development to support the three verticals.2. Your Compliance & Information Security Divisions Can Get Overloaded

4. Support Vibrant British Industry

The government wants to push startups and SMEs towards growth and find ways to support exports from our businesses. There are new innovation funds being set up to invest in cyber startups and plans to focus on support within the NCSC. The challenge for the government comes with identifying the right startups and businesses to support.

5. Proactively Take on Proactive Measures around Cyber Warfare

He echoed George Osbourne’s November speech to GCHQ about building up immunity from and deterrence to hostile cyber attacks, post the tragic Paris attacks. It remains a concern for the UK that innovation needs to run to stand still, in light of the ever-increasing sophistication of cyber attacks.

It remains an interesting time in cybersecurity and it is great to see the government focusing on strategy to support industry, skill development, and trade. The CheckRecipient team will continue to follow this space closely.

10 Business Mistakes You Can Make on Microsoft Outlook – A Quick Checklist

By | Business, Email | No Comments

Microsoft Outlook is used by most organisations as their go to for email.  While Outlook has many benefits – it plays well with Active Directory, it’s easy to organise emails, it is efficient to manage workflow, and it has a great integrated calendar system, there are inherent human risks associated with using the software. The below list highlights 10 of biggest mistakes employees can make when using Microsoft Outlook.

A study by Radicati showed that there are

almost 1 billion business email accounts in use.

10. Copying and Pasting the Wrong Content into an Email

With thousands of emails in your inbox that need a reply, sometimes it gets easy to copy and paste standardised responses to distribute en masse. Always double check the message body with the recipient lines before you click the dreaded send button!

9. Using the Incorrect Signature

Certain clients demand more professional signatures in an e-mail, particularly when prospecting potential customers or when it is imperative to include contact details. Make sure that you use the correct signature when dealing with those emails.

8. Inadvertently Messaging the Person You Are Talking About

It’s common to refer to other people – such as a boss or customer – in an email. Perhaps a project is due next week or a customer has provided some negative feedback that needs to be escalated. It’s always best to double check that you haven’t copied in that person in your email.

7. Attaching the Wrong File

With PDFs and documentation being proliferated over email, documents with multiple versions and similar file names exist in your company’s database. Make sure to triple check the version of the file, the file name and file size to ensure you are sending across the correct attachment.

6. Sending an Email to the Wrong Distribution List

Distribution lists are becoming more and more common when dealing with deal teams and with confidential projects. These project names are sometimes numerical so it is imperative to check that the content matches in all fields in an email.

5. Sending an Email to a Personal Rather Than a Professional Email Address

Sometimes, you interact with your customers and business partners on a personal level as well – dinner, golf games, and other social activities. Make sure that when you are sending across confidential and work related emails that you’ve put in the person’s correct email address.

4. Sending an Email to the Wrong Person at a Customer’s Company

When cross-selling products, or working on multiple deals with one company you could be liaising with different departments or segments of an organisation. It’s always best to look through historical email chains to see who the right party for the specific email is.

3. Sending an Email to the Wrong Person with a Similar Name

Some names – John Smith for example – are very common and there could be multiple customers or even people within your organisation that have the same or similar names. Make sure the John or Jane Doe in question is the correct one by checking the handle or department code at the end of the email.

2. Incorrectly Cc-ing or Bcc-ing the Wrong Person

Sometimes a trailing mouse-pointer can lead to a typo in the incorrect field, so make sure to always watch your Cc and Bcc lines when sending out a message. It is also common to Cc a person when the message should be addressed to the recipient so it is worth checking to ensure the recipients are in the correct part of the email.

1. Auto-completing the Wrong Person

This is probably the hardest problem to stop. When separating names, make sure there is a space between the semi-colon and the next email, and that a semi-colon is being used rather than a comma on Microsoft Outlook. It is also good practice to check that an email address is complete, and that Outlook has underlined and recognised the sender before the email goes out.

Can We Eliminate the Typo?

By | Email, Fun | No Comments

If you say the 6 letter acronym ‘QWERTY’ to almost anyone in a professional setting, they’ll instantly think of their work device – a keyboard on their computer, the pop-up on their tablets, and their numerical pads on their BlackBerrys.

If you ask most people why their keyboard is laid out in such a way they wouldn’t know the answer. In fact, it stems back to the mid 19th Century when budding entrepreneurs Christopher Sholes, Samuel Soule and Carlos Glidden came together to create the Remington 1, the first commercially successful typewriter. Their reason for the QWERTY keyboard? Telegraph operators used machines to transcribe Morse code over a series of iterations. The common misconception is that the keyboard was created to prevent keys jamming and for a mechanical reason.

What is extremely interesting and frustrating is that the keyboard has been designed as a reactive tool, and this has lead to what some argue is an inefficient typing mechanism. There are solutions – the Dvorak and Colemak keyboards are designed for frequent key use near the bottom row, but the opportunity cost in re-training yourself to type is too high to justify the switch.

But does changing the design and the frequency correlate to our ability to make typo? After all the curse of the “fat finger” happens away from the keyboard and when opening applications on a mobile device. It seems that there is no cure for the incessant problem grappling users across the globe.

But what if there is? Autocomplete is a function where an application predicts the next part of a string of text or numbers in order to prevent a user from typing in full. A time-saver, it also acts as a tool to eliminate typos by reducing the overall time it takes to type. But with autocomplete comes a whole new set of problems –  incorrect changes, the wrong word, a homophone or a different syntax.

Introducing machine learning and artificial intelligence – two buzzwords that are well integrated into the technology ecosystem. As demand has pushed business to focus on speed, it is important to ensure accuracy in an age where information is easy to send and therefore easy to send incorrectly. Machine learning allows users to continue using tools like autocomplete to maintain high speeds, but to reduce some of the risks – and sometimes key risks – when acting in such a velocity-driven environment. Typos are now being identified, caught, and changed correctly or with guidance.

But in answer to the question can we eliminate the typo, the answer is simple: no. But can we reduce the risks associated with typos? That’s a resounding yes.

5 Biggest Reasons Why You Should Invest in Preventing Email Mistakes

By | Business, Email | No Comments

Email is the main way people in organisations communicate with each other and with external parties including customers, partners, investors and more. Everytime an employee writes an email, there is a propensity to make a mistake. Here are the 5 biggest reasons why it is important for your company to invest in preventing email mistakes.

“‘Amen’ is like the ‘Send’ button on an email.”

– Steve Toltz, Fraction of a Whole

5. Email Mistakes Can Damage Your Personal Reputation

If you send out an incorrect e-mail, you can give off the perception that you are careless and lack attention to detail – even if it is due to a technical mishap. Don’t let a simple mistake ruin the years of hard work and care that you’ve put in building your personal brand!

4. Email Mistakes Can Damage Your Company’s Reputation

It’s not just your personal brand that’s in jeopardy, but your firms. If you seem careless, your company starts to be viewed as negligent with information. This filters into your company’s overall brand perception and can cause your firm to lose out to competitors in both the short and long term as competitors capitalize on the mistake.

3. A Big Mistake Can Cost Your Company Millions in Fines

There have been cases in the press of financial services firms sending out detailed non-disclosure agreements to the wrong firms and medical companies sending out patient data to the incorrect recipients – all due to an innocent typo when sending an e-mail. Not only would you lose your customers’ business, regulators can throw you all sorts of fines for information security breaches – from the hundreds of thousands to the millions.

2. Your Compliance & Information Security Divisions Can Get Overloaded

Alongside the damage done externally, your company’s resources will be stretched in the event of a misaddressed email or other e-mail mistake. The long process of reporting, clean-up, interrogation and explanation internally can cost the firm highly in wages, and prevents a core part of the business in doing its job fully and effectively.

1. You Could Lose Clients and New Business Opportunities

Legendary American entrepreneur Harvey Firestone said that “fundamental honesty is the keystone of business.” Without trust in data and personal information protection, existing customers will choose other service providers, or shun your solution all together. Without existing customers and with a damaged reputation, it will be increasingly difficult to source new business opportunities.