5 SAN DIEGO FIRMS FIGHTING FOR CYBERSECURITY
BY MIKE FREEMAN
August 2016
There are 104 core cyberfirms employing 4,230 workers currently in the region, according to the San Diego Regional Economic Development Corp. Private sector cybersecurity job growth topped 19 percent last year. Here’s a look at five of these San Diego County companies — what they do and what they consider the biggest threat in the cybersecurity world.
VIASAT
The Carlsbad firm is best known as a satellite Internet Service Provider and supplier of inflight Wi-Fi to JetBlue and other airlines. But it also has a diverse cybersecurity business.
ViaSat makes high speed encryption gear, mostly for government networks but also for civilian data centers. It also makes portable, tactical encryption boxes to scramble communications in remote locations or in the field.
It has been in the encryption business since 2004 and has more than half of the government market for tactical encryption products, said Jerry Goodwin (pictured above), chief operating officer for ViaSat’s Government Systems Division.
ViaSat also custom designs networks for government customers and utilities, baking cybersecurity into network architecture and operations.
That expertise also is being applied to ViaSat’s own internal networks — including its 700,000-subscriber Exede satellite Internet service.
The company has established secure operations centers where cyber experts hunt for bad guys attacking its networks.
“We have a number of people in the company who do that for our networks,” said Goodwin. “That part is growing because as our networks grow, we become more of a target.”
ViaSat doesn’t break out cyber revenue. It employs “a couple hundred” people in cybersecurity company-wide, said Goodwin.
CYBERFLOW ANALYTICS
Tom Caldwell is co-founder and executive vice president of CyberFlow Analytics, which uses machine learning algorithms to spot abnormal communications on corporate networks and flag it as a possible breach.
Founded in 2012, Cyberflow makes software designed to uncover cyber threats that sneak past an organization’s firewalls and other defenses at the network edge.
It uses machine learning algorithms that learn digital traffic patterns on an organization’s computer network. Once CyberFlow learns what normal traffic looks like — a process that can take a few days to a month — it’s ready to flag odd communication patterns as potential breaches.
“All of the sudden the Russian mob comes in with a new form of the Dyre Bank Trojan,” said Tom Caldwell, co-founder and executive vice president. “It’s marked so legacy tools can’t detect it. But we start seeing finance computers doing strange things that we have never seen before on this network. We are able to see the abnormal communications.”
Hossein Eslambolchi,CQ former chief technology officer of AT&T, co-founded CyberFlow with Caldwell. It employs about 20 workers, including contractors. It has raised $4.2 million in venture capital and has customers in banking, government and defense sectors.
PACKETSLED
Founded in 2013 by cybersecurity veteran Matt Harrigan, PacketSled makes software that allows customers to dive deep into cyber attacks, pinpointing exactly where the attack is coming from, what files are moving around and what devices are impacted, among other intelligence.
“This shows them the immutable truth about what is going on in their networks and lets them actually start to repair those problems before they become detrimental to the business,” said Harrigan.
PacketSled’s business model aims to allow both large and medium size companies to affordably use the technology.
“If you don’t understand the root cause of a problem, it is very difficult to solve it,” said Harrigan.
A San Diego native, Harrigan was credited with inventing the practice of commercial penetration testing in the book “Kingpin” by Kevin Poulsen, a former hacker who became a journalist. He is former president of NSS Labs, which tests how well cybersecurity products work.
The 20-employee company recently raised $5 million in venture capital to expand its market. It currently has clients in financial services, government, health care, defense, aerospace and online services.
ATTACKIQ
Stephan Chenette is co-founder of AttackIQ. The company’s FireDrill platform lets customers run test cyber attacks to validate that their defenses are working.
Founded in 2013 by Stephan Chenette and Rajesh Sharma, AttackIQ makes FireDrill, a software as a service platform that allows customers to test their cybersecurity defenses by running automated attacks that mimic what’s happening in the real world.
The 15 employee company offers prepackaged tests, or customers can a run a customized attack that they are likely to face in their industry.
“If I’m a chief information officer and read about an attack in the news, I can find how I would hold up to it,” said Chenette. “I could run the Target breach inside my networks if I am another retailer to see how I would hold up.”
FireDrill allows companies to make data driven decisions about their security investments, said Chenette.
AttackIQ recently raised about $8 million to ramp up marketing efforts. It’s a new category of product, which Chenette calls continuous security validation.
“Our vision of the future is in five years, every company that has any security technology whatsoever is using FireDrill to validate that their security is working correctly,” he said.
FHOOSH
Fhoosh co-founders Linda Eigner and Eric Tobias aim to make encryption easier and faster so even if a breach occurs, cyber criminals get data dust instead of data diamonds.
Founded in 2012, Fhoosh aims to make encryption mainstream. So even if a data breach occurs, the hackers get “data dust not data diamonds.”
While encryption is used for payments, digital health records and myriad other activities, it has some drawbacks, said Eric Tobias, chief executive and co-founder of Fhoosh.
One is speed. It can slow down a network, which can be an problem as more data moves to the Internet cloud. It also isn’t foolproof. Even encrypted data can be stolen if hackers also gain access to the keys to unscramble it.
Fhoosh has developed a new way to do encryption, backed by 17 patents.
“Basically what we do is we fragment the data, disassociate those fragments, separately encrypt those fragments and distribute them into separate data stores,” said Tobias. “That allows us to transmit and secure data at speeds never seen before.”
It uses the same techniques to manage encryption keys. Fhoosh claims it can apply encryption and transmit data faster than non-encrypted data.
“One of the things about Fhoosh is you not longer need to compromise performance for security,” said co-founder Linda Eigner.
The 10-employee company has been largely self-funded to date.
Because its fast, the company believes its technology can be used not only in data centers but on consumer devices. It is preparing to release three products but is still tinkering to making the software easier to use.
“We are really trying to provide client side encryption to the everyday user,” said Tobias. “We want people to have control over their own data and not just use server side encryption.”
mike.freeman@sduniontribune.com Twitter @TechDiego