Battling Cybercrime

Michigan takes it on

By Matthew Totsky


Every aspect of our lives — communication, travel, the economy, national security, just to name a few — depends on a stable and safe cyberspace. Yet, cyberattacks dominate the headlines. Consumer credit card information is regularly compromised. Private celebrity photos are stolen from the cloud. Even the National Security Agency (NSA) has fallen under attack, with former Central Intelligence Agency System Administrator Edward Snowden leaking classified information in 2013 as a prominent example.

Experts agree that cybercrime is a multi-faceted challenge and one of the most critical issues facing information technology professionals today, citing four different categories of cyberattacks:

•     Organized crime: Largely foreign-based hackers dealing in bulk identity thefts or credit card fraud.
•     Fanatics: Individuals or organizations with no clear profit goal but instead driven by a specific cause or motive.
•     Terrorists: Large-scale disruption of computer networks and personal computers by the means of tools such as computer viruses.
•     Internal threats: Most often involving insiders with clearance to sensitive information, which is stolen and distributed for various reasons.

These types of cybercrime not only expose sensitive personal and business information, but also are capable of disrupting critical government operations and imposing high costs on the economy. As these threats — and the cybercriminals behind them — become more intelligent and resilient, the need to combat and control them escalates. And Michigan is making great strides in the battle.

“Several years ago, Michigan Gov. Rick Snyder opened the conversation about the need to prioritize cybersecurity,” says Sean Carlson, vice president, federal procurement, Michigan Defense Center (MDC), Michigan Economic Development Corporation (MEDC). “Whether a bank, a state agency or a private individual, information is now the world’s primary commodity and the security of it is paramount. Michigan — with its cybersecurity ecosystem, talent pool and experience with the kind of advanced IT that is present in every car designed or manufactured in the state today — is perfectly poised to assume the lead in this growing environment.”

The Michigan Defense Center

The Michigan Defense Center is an operation of the MEDC that helps the state’s businesses to grow within the Department of Defense (DoD) and Department of Homeland Security marketplace. Created in 2006 by the MEDC with the mandate to create jobs in Michigan by targeting statewide defense and homeland security opportunities, the MDC focuses on developing the state’s cybersecurity industry.

The MDC’s team of business development managers identifies long-range bid opportunities, strategic partnerships and matchmaking possibilities with a dedicated focus on the cybersecurity industry — including military cybersecurity and other advanced technologies. The MDC team works closely with a network of Michigan Procurement Technical Assistance Centers (PTACs) as well as other stakeholders to prepare Michigan businesses to compete for government contracts by informing them of the opportunities, requirements and processes necessary to become a government contractor. Its Bid Targeting System (BTS) helps small companies decide on what bids to pursue and serves as a prioritization tool for the MDC staff and PTACs to identify opportunities for companies well in advance of the bid posting.

A growing local sector

“The Michigan Defense Center is working with great Michigan companies that are leading global efforts in cybersecurity,” says Carlson. “As we understand their unique capabilities, their interests in supporting the federal government and their need for cybersecurity talent, Michigan will continue to lead the way in this important, burgeoning field.”

OpTech in Troy, MI, is one company benefitting from the MDC’s efforts. OpTech specializes in commercial and federal work focused on IT and cybersecurity. “The security of ‘high-value’ corporate data is one of the highest priorities of today’s CIO,” says Scott Goodwin, vice president of government services at OpTech. “The liability associated with significant breaches can cost an organization millions of dollars and directly affect the value of the business and the CIO’s job itself.”

For more than 15 years, OpTech has assisted its clients in the areas of compliance; developing successful strategies and policies to protect their critical data; assessing their current security posture; conducting penetration testing; continuous network monitoring; incident response; and cyber forensics. The company is constantly developing new solutions to combat the continuing and evolving threats from cyberattackers and was awarded a prime contract with the Department of Homeland Security to provide mission-critical IT and cybersecurity services in 2013.

“We get involved in helping develop incident response plans and answer the question, ‘What do we do if someone gets through a firewall?’” Goodwin says. “We provide continuous monitoring of our clients’ networks, disrupt and deter confirmed attacks and create a game plan for every known scenario — developing effective responses for when incidents do occur — and finally we switch into forensics mode to assess the damage and discover what was lost and who it was lost to.

“In the commercial sector, one of the biggest cybersecurity problems we face is getting organizations to admit they were hacked,” Goodwin says. “They need to understand that other companies and organizations have the same problems, and it would keep people safer if they shared information with law enforcement and others in their industry to combat the problem. Even though this kind of transparency can come with some unwanted bad publicity, it is helpful for the industry overall.”

A new kind of cyberworld

Pontiac, MI-based RazorThreat was founded in 2007 by Greg Guidice, president and CEO. RazorThreat’s Actionable Threat Intelligence solution addresses the most pressing issues facing network security personnel: too much data, too few resources and the various types of ever-increasing threats. RazorThreat’s solutions strive to provide chief information officers and chief information security officers with the confidence that their actual network activity reflects the intended activity, that they have visibility into any misuse of assets and that their critical information assets are monitored and protected.

“Our niche identifies unknown and unauthorized activity to and from critical digital assets on a network, whether it’s an external attack from a malicious actor or a credentialed employee that has gone rogue,” Guidice says. “RazorThreat provides visibility into all unknown and unauthorized activity and puts it into context for immediate action.”

Guidice has noticed a distinct change in the industry since RazorThreat was launched. “When we started, cybersecurity products were signature-based, meaning they could only stop what they knew about it. One had to know what to look for to stop it,” he says.

“We decided to take the opposite approach and focus on detecting what you don’t know, making it easier to identify targeted, customized attacks to the network. We developed positive control analytics that analyze the accepted data from signature-based solutions, detecting the unknown and unauthorized activity they miss. Our approach was early in the market and not well received. We had to wait until signature-based technology went through its lifecycle and the threats became more targeted and customized before we gained greater acceptance.

“Now there are more and more companies coming up with a similar approach to ours, and that is thrilling,” Guidice says. “It validates our approach and makes it more acceptable. Organizations have finally realized that breach is inevitable. It is not a matter of if, but when. The market has validated the requirement for solutions like RazorThreat that compliment signature-based solutions.”

Guidice is pleased about the way the state and Gov. Snyder’s leadership have embraced entrepreneurs and the whole cybersecurity ecosystem. “It’s not all about capital, although that is an important piece,” he says. “You need the infrastructure and support system — coaching and mentoring younger entrepreneurism. We certainly wouldn’t be here without Automation Alley and Ann Arbor SPARK. They were on the forefront of commitment investment to early-stage companies. Without them, RazorThreat wouldn’t have gotten its start. And the state is continuing to make wonderful strides in support of entrepreneurism.”

The anti-cloud

3LG Tech Solutions in Oak Park, MI, is another local company with a unique approach to combat cybercrime. “We are the anti-cloud,” says CEO Stuart Newman. “A lot of people and organizations are trending toward the cloud, taking data and moving it somewhere else and relying on someone else’s security protocol. We feel that the more you move data, the more likely there’s a chance for it to fall into the wrong hands. If the data is staying in-house and if you’ve screened your employees, you can manage it better. At some point you have to ask the question ‘Why send your confidential data into the clouds when you can keep it safer, more secure and more actionable within your own IT infrastructure?’”

Newman knows what sets 3LG apart from other companies in the cybersecurity sector. “Our compression is unique,” he says. “It makes data small and is designed for performance. Each column of data is compressed differently, making it more efficient. If anything happens to the laptop or person, the data is protected because it’s never been decompressed. There are audit trails for compliance and service management. An auditor can see every inquiry in a database and check it out for any unusual activity.

“The brains behind our software is Jack Olson, who literally wrote the book on database profiling,” Newman says. “He conceived and created it, and people in the IT community know who he is. We offer a dual-purpose technology because it’s for the office and it’s mobile. The most underutilized IT resource in almost every organization is the untapped power of its PCs and laptops. Our SecureTech database unleashes that power.”

3LG is a niche business that classifies itself as a startup, and all signs point to a bright future for the company.

“Michigan is a great state for an IT company,” Newman says. “Automation Alley has been so helpful and supportive, and the state has bent over backward to help us and other companies succeed. Gov. Snyder has been aggressive with his leadership role, allowing Michigan to make a mark in the cybersecurity sector. If we were in a different state, we would be a different company. Other states are not doing the things as much or as well as Michigan is.”