Experts recommend that companies adopt a “trust but verify” mentality when it comes to electronic transactions to deal with proliferating espionage, cyberattacks and hacking schemes that target consumers, businesses and even political campaigns.
Even trusted business partners such as vendors and clients could unknowingly provide a company or group with infected data and files, for which specialized tools are needed to fix.
Lookingglass Cyber Solutions Inc., a cyberthreat suppression company based in Baltimore and Arlington, Va., is expected to deliver that message at the annual Black Hat security conference at Caesars Palace. It begins Saturday and runs through Thursday. About 6,500 cybersecurity professionals are expected to attend, and more than 100 sponsors, including big names like IBM and Microsoft, signed up.
Derek Gabbard, CEO of Lookingglass, said there’s a “castle and moat” strategy with data threats that isn’t always effective.
Under that model, electronic transactions are inspected to see if streams of data contain malicious software. Similar strategies are used to prevent the transfer of intellectual property to outside, unauthorized parties.
“Unfortunately, these systems lack the ability to reliably and on a scalable basis inspect the data as it passes through network perimeters,” Gabbard said. “There is too much data to sort through to find all of the malicious software or intellectual property. The end result is that as we communicate with our business partners, we unwittingly allow malicious software into our networks and lose our intellectual property.”
Solutions sold by Lookingglass allow companies to analyze and search for threats in partners’ networks and data. Threats can include “botnets,” also known as “zombie armies,” which are interconnected and compromised computers used to send spam, viruses and other malicious material.
Searching for threats outside a company’s network is called “over-the-horizon threat suppression” because it involves a company looking outside of its own data perimeters.
Gabbard said the Lookingglass solutions, including products called ScoutVision and CloudScout, complement broader security solutions provided by big companies like Cisco Systems and Oracle.
“Most of those security solutions are focused on the inside of the customer’s network, which is still and will always be very important. But bringing external intelligence and allowing the customers to start to deal with issues before it hits their networks allows them to be even better at dealing with the internal security issues,” he said.
Lookingglass offers its service mainly to Fortune 500-sized companies and to government agencies. The cost depends on the size of the client and other factors and can run from $5,000 to $10,000 a month to several million dollars per year.
Formerly called Soteria Network Technologies, Lookingglass launched in 2006. It now has 25 employees, and its customer count is in the double digits and growing, Gabbard said.
“We believed the ability to see beyond the traditional security boundaries was a gap in the industry,” Gabbard said. “As enterprises have become more interconnected and dependent on outside partners, vendors, providers, etc., there was not a really good way to understand the threats and risks to those networks. You can’t manage risk you don’t see, and it has been hard to see outside your network. We wanted to help organizations fix that.”
As Lookingglass has grown, events like Black Hat have been important for it to gain exposure. Lookingglass may be looking at other opportunities in the city.
“There are potential customers and new markets headquartered in Las Vegas, including the gaming industry,” Gabbard said.
Cybersecurity also could be important for job creation.
“Because these threats will constantly evolve, our defenses must constantly evolve with them,” Gabbard said. “So this industry will continue to grow and will provide good, high-tech jobs for talented, motivated people. Without them, we don’t have a chance of better defending our economy, our intellectual property and our national interests.”
As part of its marketing campaign during Black Hat this year, Lookingglass is partnering with mixed martial arts fighter Randy Couture and his Xtreme Couture G.I. Foundation to raise money and awareness for American troops wounded in action and their families.