The Silicon Review
“Our solutions are built on a multi-layered approach to cryptographic security that provides maximum assurance for communications in Zero Trust Environments, where networks are assumed to be proactively compromised.”
Adam Such, President and COO of Communication Security Group (CSG), Cellcrypt’s parent company, spoke exclusively to The Silicon Review. Below is an excerpt.
Q. Explain your services in brief.
CSG is the leader in mutually authenticated, end-to-end encryption for any kind of data in motion. We’re best known for our Security as a Service (SECaaS) platform, Cellcrypt, which provides military-grade encryption for voice/conference calls, instant messaging, and file transfers. We offer these solutions through an enterprise-ready architecture, with a set of tools and services that are ideally suited for distributed workforces, and which expand an organization’s secure network to a remote or mobile team. Our solutions are built on a multi-layered approach to cryptographic security that provides maximum assurance for communications in Zero Trust Environments, where networks are assumed to be proactively compromised.
‘Military-grade’ is a term that is often misused; however, in the case of Cellcrypt, it is accurate. For over five years, we have provided voice encryption solutions (VoSIP) to the United States Department of Defense—in partnership with the Defense Information Systems Agency (DISA)—for use within Classified Secret and Top-Secret networks. Our products are in active service within the US military, federal agencies, and at the highest levels of the US and other governments worldwide.
Q. So, this is a government-only solution?
Outside of the government sector, Cellcrypt has been adopted by some of the largest organizations, including finance and telecommunications companies. For example, Verizon white-labels Cellcrypt as its own product, Verizon Voice Cypher Ultra. Similarly, in the finance sector, customers include one of the largest banks in the US and one of the largest insurance companies globally. Part of the reason for our success in the commercial sector is that we provide the same standard of certified encryption for commercial customers as we provide to our military and government customers. In fact, our standard cryptography exceeds the requirements of the Commercial National Security Algorithm Suite (CNSA) cryptographic standard as defined by the NSA (US National Security Agency) for protecting classified information up to Top Secret. We can also integrate into existing network architectures through a suite of enterprise management tools and products, such as a secure gateway to empower PBX phone networks.
With Cellcrypt, organizations can provide the tools their users demand while avoiding the issues associated with Shadow IT.
Q. This must be an exciting time for Cellcrypt, then?
This year, we’ve seen an extraordinary increase in interest from companies across the private sector in response to the on-going global health crisis. This has been driven by the requirement to communicate and collaborate easily in a secure, encrypted environment, no matter how distributed the team. As working from home (or anywhere) becomes the new normal, organizations must turn to trusted, certified solutions to maintain business continuity.
One feature that is a source of particular interest is the ability to hold secure, encrypted conference calls without the need for PINs and passwords. This is augmented with our PBX gateway that allows desk and conference phones to join a conference call with remote Cellcrypt users. But users also love the ability to share large files of any type, fully encrypted end-to-end. Where you can’t usually send these via corporate email, the ability to share files of over 500MB is transforming the way remote teams can work together.
With our secure, encrypted instant messaging you can send these large files as easily as sending a text message and can also share photos, videos, and voice notes, either one-to-one or within a group. Like voice calls, messages are fully encrypted with a new key for each message and without the need for complex key management.
To support organizations through the Covid-19 crisis, we have launched a new Secure Communications for Home Workers quick-start program, offering an enterprise-ready, rapid deployment of Cellcrypt at an unprecedented discount.
Q. What is it that motivates you in the development of Cellcrypt?
At our core, we are privacy and security advocates who take industry-leading innovation from the most demanding niche involving national security to broader use by governments, businesses, and individuals globally. We are secure by design, particularly in the fine details, and start from a true security perspective as opposed to one of convenience or marketing hype. At CSG, we use our decades of technical expertise and experience in this space to solve security issues, often long before they are widely known or understood. In addition to numerous industry firsts since our founding in 2004, we have always been proud of how Cellcrypt allows countless organizations to proactively respond securely and safely to opportunities and threats in real-time. That has, of course, been recently highlighted as governments endeavor to protect their citizens, and businesses strive to continue trading and safeguard jobs.
Q. Where do you think most communication security is lacking, and how is Cellcrypt filling the void?
The health crisis has forced businesses and governments to support a newly distributed workforce. In doing so, they often rely on consumer or freemium apps that are not designed for use within an enterprise. This introduces a severe risk to organizations as these uncertified and unsuitable tools, which do not integrate into their IT infrastructure, put their data and their users’ privacy and security at risk.
The use of these apps is often driven by the end-user instead of the IT department and is, therefore, outside the organization’s oversight. Although we don’t yet know the actual figure, Gartner has estimated that by this year, “one-third of successful attacks experienced by enterprises will be on data located in Shadow IT resources.”
Unlike consumer apps, Cellcrypt offers a whole host of tools that put the organization back in control, including user administration, archiving for regulatory purposes, reporting, PBX landline integration, support, and certification.
Also, when it comes to security, the mere presence of an encryption algorithm does not indicate these consumer messaging platforms are secure; in fact leading industry analysts describe their use as akin to having a conversation in a public space.
Encryption is not an add-on that can be pinned to an offering and be expected to provide meaningful protection. It must be at the core of the design and fundamental to the architecture. A false sense of security creates more risk than an understanding that a platform is not truly secure.
Q. Do you have any new services ready to be launched?
The next year is set to be a fascinating one for Cellcrypt and our users, as we introduce a range of ground-breaking functionality, enhanced cryptography, and improved quality of service. One example is end-to-end encrypted video conferencing, which will be an industry first. We’re incredibly proud to launch this feature as it will transform how enterprises can collaborate securely. For instance, it will enable the C-suite to meet virtually to discuss subject matter that is highly sensitive when they need to, rather than physically in approved, secure locations. It also enhances team building, cohesion, and collaboration, particularly when coupled with our dynamic collaboration suite, without fear of intrusion or unauthorized visitors disrupting the conference.
We will soon launch our software developer’s toolkits to empower developers to integrate advanced Cellcrypt security and cryptography in third-party systems and products. This will provide mutual authentication and military-grade encryption of any kind of data in motion through our Secure Common Data Fabric for applications ranging from infrastructure, sensor suites, mobile apps, and the Internet of Things. These APIs will not just protect that data in transit but will enable embedded communications across networks.
The Leader at the Helm of CSG
Adam Such is the President and COO of CSG (Communication Security Group). Adam is a retired Special Forces Lt. Colonel, having served 20 years in the US Army. He earned a bachelor’s in general engineering from the US Military Academy at West Point and a Master of Security Studies as an Olmsted Scholar from the University of Ljubljana in Slovenia.