Information Security Primer
Atlanta, a nationally-recognized hub for information security (InfoSec) innovation, has seen a number of companies bloom and prosper in this sector over the last 15 years. But despite advances in threat detection and remediation, cyber security threats persist. From the Epsilon spear-phishing data breach, which came to light last April, to October’s malware attack on NASDAQ’s cloud-based communication tool, Director’s Desk; from the spear-phishing attack on RSA’s SecurID authentication system by an “unnamed nation state,” to the hacking of 1.5 million credit card records from Global Payments, 2011 was aptly named, “The Year of the Breach.”
According to Gartner, Inc., cybercrime is set to grow 10 percent per year through 2016 and the cost of even a moderate breach can be enormous. This is especially so if the costs of an investigation, data restoration, and the replacement of compromised hardware, software and sometimes culpable personnel are taken into account. The impact can be even graver if a loss of reputation, shareholder value, and customers results from the breach. A serious breach can even destroy a business. With the stakes so high, it is no surprise that the infoSec market is predicted to be worth $10 billion by 2014.
The most obvious targets for cybercrime are financial data: budgets, forecasts, banking information, company credit card numbers, bank accounts and payroll information. But there are other targets, too. Intellectual property, marketing plans, contact information, product specs, disaster recovery plans, data stored in POS systems or transmitted by credit card processing hardware, employee personal data, the contents of every email sent through mail servers, and, potentially the most damaging of all, customer data, are all viable targets for attackers.
Atlanta has had a long history of infoSec leadership. Former members of Internet Security Systems (ISS), which was founded in 1994 and acquired by IBM in 2006, have launched many other companies in the infoSec field. Damballa, Oversight Systems, Endgame Systems, SPI Dynamics (acquired by HP) and Reflex Systems are just some of the companies in Atlanta with ISS DNA. The founding partners at TechOperators, a leading venture capital firm whose focus includes early-stage infoSec start-ups, include ISS alums Thomas Noonan and Glenn McGonnigle.
“As the sector grows, talented engineers are starting their own companies, and they’re being very successful because they know the landscape of the industry. There’s nothing but upside for companies that understand where they sit in the space and have solutions that are new and innovative in areas that haven’t been well-addressed, or disrupt the status quo of the existing market space,” said Glenn McGonnigle, general partner at TechOperators.
In recent years, security technology has evolved from firewalls, virus protection, tokens, and secure HTTP to measures that reduce hacktivism and provide secure platforms and environments for the Cloud, as well as solutions for corporations that are increasingly embracing ‘Bring Your Own Device’ (BYOD). At the forefront of this fight against data theft are Atlanta companies Damballa, Pindrop Security, Social Fortress, Endgame Systems, and Reflex Security. Endgame Systems, Damballa Inc., and Pindrop Security provide data security services. Social Fortress provides an encryption solution, and Reflex Systems specializes in virtualization.
But attacks take place in both the virtual and physical world. A 2011 study by the Ponemon Institute reported that 637,000 notebook computers are lost in airports every year, and two-thirds are never recovered. Some of those laptops will contain information that could be personally or professionally damaging to individuals and corporations.
Conversely, many techniques allow cyber criminals to do their dirty work remotely. Phishing, keystroke logging and viral attacks with worms, Trojan horses, malware and spyware all take place in the virtual world and are as popular as ever. The damage inflicted by some of these methods may not always be immediately apparent but can be just as far-reaching as the theft of a data-rich physical device. In fact, studies indicate that data servers are still the primary target for cyber attacks.
According to the 2012 Verizon Data Breach Investigation Report (DBIR), 94 percent of successful attacks were on data servers and 96 percent were reported as “not high difficulty.” Counter-measures were available: 97 percent of the breaches could have been avoided by implementing simple or intermediate controls. Despite well-documented consequences and known solutions, attitudes toward protecting data assets are dangerously cavalier.
Perhaps the best defense in the fight against cybercrime isn’t just superior technology counter-measures. Adoption of strong data access policies and a well-trained and vigilant workforce are just as essential for a comprehensive defense against attacks.
The continued use of social networks by employees and consumers alike, increased access to the Internet and corporate networks by mobile devices and the rise of the remote worker present cybercriminals with even more points of attack. The infoSec sector is, in turn, presented with ever more opportunities to create value. And for Atlanta’s infoSec companies, the future couldn’t be brighter.
June 2012 Newsletter