Valley companies on cutting edge of cybersecurity | Crain's Phoenix

Valley companies on cutting edge of cybersecurity

Reports of internet hacks and massive data breaches have become increasingly common — and expensive. Last year, the average cost of a data breach in North America was $1.3 million for enterprises and $117,000 for small and medium-sized businesses, according to a report from Kaspersky Lab.

That’s made for robust business in the internet security industry. Cybersecurity spending is expected to exceed $1 trillion from 2017 to 2021, according to Cybersecurity Ventures, which researches and reports on cybercrime costs. Consequently, Scottsdale-based SiteLock is very much in demand.

“We started this company to help small businesses combat exactly those issues,” said Neill Feather, the president of SiteLock, which provides website security solutions for business. “It’s absolutely top-of-mind for me. As a consumer, it concerns me from a data-privacy perspective. But from a SiteLock perspective, we’re aiming to help business owners protect their interests and their customers’ data, as well.”

Modern businesses rely on the internet, which puts lots of sensitive customer information at risk. Businesses that use or collect such data are supposed to protect it. That creates both an opportunity and a challenge for SiteLock, which is charged with protecting over 12 million websites around the world.

“We offer a variety of products to help small businesses keep their websites fast and safe for their customers,” according to Feather. “We try to help businesses prevent breaches from occurring through their websites, which are often a weak link in IT infrastructure. It’s a public-facing IT asset, whereas most IT assets are kept behind firewalls, making them less exposed than a website might be.”

Aside from helping to prevent hacks and breaches, SiteLock also deals with the aftermath, helping businesses recover from those events. While cybersecurity is an expense that most companies have to bear, the burden of internet hacks and data breaches is even more expensive. The cost of cybercrime damage is projected to reach $6 trillion annually by 2021, according to Cybersecurity Ventures.

Complacency poses major threat

“My biggest concern is the lack of awareness and complacency that we see among some small and medium-sized businesses,” Feather lamented. “Though they are the targets of attacks, they tend to believe that it only happens to the big guys. This is what they see with the Targets and Sonys. So, they’re conditioned to think these are all targeted attacks, aimed at large companies.” 

In reality, Feather says most attacks are aimed at small and medium-sized businesses with 100 or fewer employees. However, those attacks don’t create headlines, which leads to the lack of awareness. If a 50-person firm experiences a website hack, no one hears about it. When a large company is compromised, we all hear about it.

In Feather’s view, internet hackers are business people too and they are always looking for the greatest return on their investment.

“A lot of times, they’re looking for weaknesses in popular software and then attacking those weaknesses across a wide variety of targets. It’s a little bit different from the past, where they would try to focus on one large-value target and go after that," Feather said. "Now, it tends to be more dispersed. With the amount of automation that cybercriminals are able to employ, they’re able to attack hundreds or thousands of businesses they identify as having the same weak spots that they can exploit over and over again.”

Many cybercriminals are looking for ransom to recover data or to even access a compromised computer network. The cost of global ransomware damage was expected to exceed $5 billion in 2017, up from $325 million in 2015, according to Cybersecurity Ventures. That’s a 15-fold increase in just two years.

However, Feather says hackers are also looking for “eyeballs” or traffic, as well as access to additional computing resources that allow them to expand their attacks. 

“From our perspective, websites offer a lot of those things because they have a lot of customer data that’s inputted into databases. They also get a lot of traffic, which makes them a good distribution point for additional attacks against end users. If hackers are able to compromise someone’s PC, they get a certain amount of computing resources. If they’re able to compromise someone’s website server, they’re getting that times 100 or 1,000. It enables them to launch much broader attacks.”

Feather says that hackers are actually able to monetize website traffic. The most innocuous example would be putting cookies into your browser for having visited a website, which gives them credit for any purchases you make. Sometimes they might even get an affiliate kickback for a purchase. 

“Some outlets just pay for traffic,” Feather said, “so they’ll send you to a third-party website that you didn’t intend to go to."

Hackers are continually evolving their methods, making cybersecurity a game of cat and mouse. Companies in the field need to employ a variety of approaches to keep up with these progressive threats. 

“Because we scan over 12 million websites every day, we have access to a lot of data about what’s happening on the internet, what threats are evolving and what new strains of malware may be out there,” Feather said. “So, we’re able to put it all together and either predict or act very quickly to changes in the cybersecurity landscape.”  

In order to be proactive and get ahead of the attackers, SiteLock has implemented a risk profile for each of its website customers. Based on its data, SiteLock is able to determine how likely they are to suffer a compromise. SiteLock also enforces a strict privacy policy to be sure that its own customers’ data remains protected. “We have a variety of security protocols in place to make sure that data is both secure and private for our customers,” Feather said.

'Hacks are growing in complexity'

Another company on the forefront of cybersecurity is Scottsdale-based GoDaddy, which offers domains, websites and online marketing. The company has over 17 million customers worldwide and 73 million domain names under management. 

“Hacks are growing in complexity,” said Tony Perez, the head of GoDaddy’s security product group. “It’s becoming harder for small business to stay ahead of the problem. We’re concerned, but it’s an opportunity for us to position ourselves as a service provider to our customers. We recognize that it’s very difficult for our customers to stay ahead of all the moving parts.”

Perez says GoDaddy believes that security should be transparent to its customers. The company recognizes that a variety of threats — from data breaches to ransomware — continue to evolve and GoDaddy's job is to alleviate these concerns for its customers. To that end, GoDaddy uses a variety of tools and methods to address the challenge of cybersecurity.

“Every time one of our customers goes online, they become part of what we consider the largest supply chain for the internet,” Perez said. “We’ve seen contributions from hacks into larger networks. So we’re spending our time asking what key things we should be focusing on.” 

According to Perez, GoDaddy looks at the world through four domains: presence, communication, identity and continuity. In the company’s view, when someone begins a new venture, they need to establish a presence and communicate securely across multiple platforms.

“At a minimum, we have to ensure that if anything does happen, we provide them continuous continuity,” he said. "If a customer has an established website or online plan, we have to ensure that we keep it protected and mitigate any potential attack that would exploit it.”

Perez’s biggest concern is educating customers and getting information to them. Like Feather, he is troubled by the vulnerabilities of small business. 

“Security, unfortunately, is not revenue-generating for a lot of organizations,” he says. “So, we’re constantly fighting to get that visibility within small businesses, trying to get them to apply the right level of energy toward it. It’s not a technological problem that we have; it’s often an education and a people problem.”

While many attacks are attributed to China, Russia or Eastern Europe, Perez says attacks can originate from anywhere in the world, including the U.S. In his view, hackers are always seeking to make money from their criminal endeavors. They seek to hack the point-of-sale systems of small businesses and steal account numbers and magnetic information on credit cards, as well as Social Security numbers, financial statements and other similar data. 

"If they breach a large network and take information from millions of accounts, they can sell it on the black market and make money that way," Perez said. "If they compromise a small business with 10-15 employees, they can hold that data hostage from the business, which becomes the victim. If that business doesn’t have some form of backup or way to ensure continuity over time, then they’ll be forced to pay ransom to get the data back.”

Perez does not believe that cutting-edge technology is necessarily required to keep up with the evolving threats. “You could say we employ a very pragmatic approach. We focus on the things that we know for a fact are affecting our customers and we target them. We focus on what the attackers are trying to accomplish and work backward from there.”

In Perez’s estimation, the hackers aren’t always a step ahead and those in the cybersecurity field aren’t always trying to play catch up. At the same time, he recognizes that the odds favor the cybercriminals.

“In the cybersecurity world, we have to be right every single time," he said. "The hackers only have to be right once. As the internet continues to expand and more people go online, it’s impossible to stay ahead of everything. We just have to use a very pragmatic approach.”

February 26, 2018 - 10:54am