Valimail - Experts & Thought Leaders

DigiCert, a major provider of digital trust, backed by Clearlake Capital Group, L.P. (together with its affiliates, “Clearlake”), Crosspoint Capital Partners L.P., and TA Associates Management L.P., announced the acquisition of Valimail, a market pioneer in zero trust email authentication delivered as a service.  With more than 92,000 clients worldwide, up 70% this past year, Valimail is recognised as a pioneer in protecting organisations from phishing, spoofing, and domain-based threats. The acquisition advances DigiCert’s strategy of delivering end-to-end digital trust. Valimail adds leadership in zero trust email authentication to the DigiCert ONE platform that already brings together public CA, private PKI, certificate lifecycle management, and DNS to give customers a unified view of digital trust. DigiCert’s strategy "Our strategy has always been to expand our platform's capabilities with technologies that solve emerging threats for customers, and we believe that email authentication is the next logical step for DigiCert ONE,” said Amit Sinha, DigiCert CEO. “This strategy has guided our evolution from the world's largest certificate authority company into a digital trust platform leader. Today, the rise of AI and the looming threat of quantum computing against current encryption have made it clear that the future of digital trust must be built on the belief that every digital interaction requires the right level of protection.” “Valimail is a leader in zero trust email authentication, with durable, foundational technology that is essential for securing email interactions at scale." Protecting global brands Valimail is a pioneer in Domain-based Message Authentication, Reporting, and Conformance (DMARC). Today, the company protects global brands, enterprises, and government agencies, and holds the industry’s most robust portfolio of DMARC-related patents. Valimail is also the only DMARC provider with FedRAMP authorisation, underscoring its leadership in highly regulated environments. Recognising trusted emails DigiCert is also a major global provider of Mark Certificates (MCs) and Verified Mark Certificates  DigiCert is also a major global provider of Mark Certificates (MCs) and Verified Mark Certificates (VMCs), which enable organisations to display verified brand logos in customer inboxes. When combined with DMARC, VMCs power BIMI (Brand Indicators for Message Identification), allowing users to instantly recognise trusted emails. This not only helps prevent phishing but also reinforces brand identity with visual trust indicators such as the blue check mark alongside the sender’s name. By bringing together DMARC enforcement, VMCs, and DigiCert’s leadership in digital trust, organisations can deliver a safer and more trustworthy email experience for their customers. Authenticating the world’s communications “Our mission has always been to authenticate the world’s communications, starting with email,” said Alex Garcia-Tobar, Valimail CEO. “Teaming up with DigiCert helps accelerate our joint mission globally, aligning with the company’s broader trust ecosystem and ensuring that organisations are secure not only in their email, but across all their digital interactions. As a growth company, we’re excited to work closely with Amit and his leadership team to capture a larger share of the $4B+ market opportunity ahead of us.” Sidley Austin LLP served as legal advisor to DigiCert. Piper Sandler served as the exclusive financial advisor to Valimail while Fenwick & West LLP served as legal advisor.

DigiCert, a pioneering global provider of digital trust, announced the availability of its Common Mark Certificate, a new type of certificate designed to help organisations enhance the security and value of their email communications. For organisations with logos protected under prior use–rather than registered trademarks-Common Mark Certificates enable the enhanced brand recognition and email deliverability benefits that come from displaying the sender's logo in the recipient’s inboxes. Benefits of BIMI The industry raised Domain-based Message Authentication in 2012 to stop brand impersonation The 2024 Identity Fraud Study by Javelin Strategy & Research reports that U.S. adults lost USD 43 billion to identity fraud in 2023, a 13% rise from the previous year. Phishing remains a major threat, tricking people into sharing personal data or clicking malware links. To combat this, the industry introduced Domain-based Message Authentication (DMARC) in 2012 to prevent brand impersonation.  Major email providers later supported Brand Indicators for Message Identification (BIMI) to incentivise DMARC adoption, requiring senders to verify logo ownership through mark certificates. Common Mark Certificates unlock the benefits of BIMI for more organisations. DigiCert’s commitment  "DigiCert’s new Common Mark Certificates are a game-changer for organisations looking to enhance the security and branding of their email communications,” said Dean Coclin, Senior Director of Digital Trust Services at DigiCert. “By removing the trademark requirement, we’re opening the benefits of BIMI to a broader range of businesses, allowing them to build trust and visibility in their customers’ inboxes. This offering aligns with DigiCert’s commitment to simplifying digital trust while helping organisations meet critical email authentication standards that are becoming increasingly important for both security and brand reputation." Security and DMARC enforcement "Common Mark Certificates are a significant step forward in making email authentication and BIMI more broadly accessible, empowering businesses of all sizes to leverage this powerful technology," said Seth Blank, CTO of Valimail and Chair of the AuthIndicators Working Group, which develops the BIMI standard. "At Valimail, we understand the importance of building trust and ensuring security in email communications. DigiCert’s new offering will enable more businesses to take advantage of BIMI, helping them boost brand visibility while reinforcing their commitment to email security and DMARC enforcement." Common Mark Certificates While companies must still complete a validation process to verify ownership of their email domain and logo, Common Mark Certificates offer the flexibility to secure logos not formally covered by a registered trademark, such as holiday-themed or cause-related variations.  DigiCert's Common Mark Certificates also align with email authentication standards like SPF, DKIM, and DMARC, meeting the recent requirements set by Google and Yahoo for bulk email senders.

As the commentaries that follow detail, in 2024, Valimail pioneers can expect to see a dramatic escalation in AI-fueled disinformation and sophisticated cyber threats, especially during the U.S. election year. With disinformation spreading more rapidly due to advanced AI tools, email authentication will become critical to safeguard against false narratives. The election season will likely see intensified information attacks, highlighting the need for stringent verification of digital communications. Cyber landscape As cyber threats grow more sophisticated with AI advancements, robust authentication will emerge as a key defence necessary to discern real interactions from AI-generated deceptions. This evolving cyber landscape underscores the urgency of adapting security strategies to outpace these emerging challenges. CEO's comments Valimail’s Alexander Garcia-Tobar, CEO and Co-Founder says, A Rise in Disinformation Influenced by Global Events and AI:  In 2024, there will be an acceleration in disinformation, exacerbated by ongoing global conflicts" “In 2024, there will be an acceleration in disinformation, exacerbated by ongoing global conflicts and the growing availability of AI tools that will create and/or spread false narratives more rapidly and convincingly." "This trend will be viewed against a backdrop of declining public trust in institutions, a phenomenon intensified by the US election year. With email being the primary communication tool used, validating sender authentication will become increasingly more important.” Election Year Vulnerabilities and State Actor Threats:  “2024 brings a national election, which will bring a heightened risk of targeted information attacks, especially given explicit warnings from foreign state actors about their intentions to disrupt or influence the electoral process through information warfare." "With email and social networks as primary attack vectors, there will be an increased need to know the authenticity of the sender/originator of the communication.” A Rise in the Importance of Email Authentication and Transparency in Digital Communication:  The source or authorship of information must be verifiable, reducing the potential for impersonation" “Email authentication will play a crucial role in maintaining the integrity of digital communications, especially as disinformation becomes more prevalent. Ensuring the authenticity of the sender will gain acceptance as a vital first step in building trust and accountability online." "This will include the need for transparency in content creation, where the source or authorship of information must be verifiable, reducing the potential for impersonation and misinformation.” CTO's comments Seth Blank, Chief Technology Officer (CTO), Valimail, Increased sophistication and pervasiveness of cyber threats with AI:  “There will be a significant rise in the sophistication of cyber threats, primarily due to the advancement and widespread use of AI and generative AI. This will lead to an increase in the challenges in determining the authenticity of communications as AI technologies become more capable of imitating real human interactions. The potential for more realistic phishing attacks and the spread of disinformation, leveraging AI's ability to mimic different personas convincingly, will be a part of this." "It’s important to underscore that AI can be used not only for beneficial purposes but also maliciously, making it increasingly difficult to discern genuine communications from fraudulent ones. As email has been abused by generative content for decades, the ecosystem should look at email’s existing protections as a way to protect itself from the new threats of generative AI.” Authentication Will Be the Key Defence Strategy:  Emphasis will be put on the need for more robust and sophisticated authentication mechanisms" “Authentication will become the first line of defence against sophisticated cyber threats. And any communication lacking proper authentication will be treated with suspicion." "This approach will become an accepted crucial measure in filtering out potential threats and reducing the risk of falling prey to AI-generated frauds or disinformation campaigns. Emphasis will be put on the need for more robust and sophisticated authentication mechanisms to keep pace with the evolving nature of cyber threats.” A Shift in Threat Landscape Due to Improved Email Security:  “With advancements in email security, particularly through stringent authentication requirements, there will be a shift in the threat landscape. As email becomes more secure and less susceptible to attacks, attackers will pivot to other, less secure communication channels, such as SMS, phone calls, and IOT communications." "This shift will reflect the adaptive nature of cyber-criminals, who continually seek out the weakest points in the security infrastructure, and highlight the ongoing challenge of maintaining a comprehensive security posture that evolves in response to the changing tactics of cyber attackers.”