Looking at the threat of cyberattacks, BlackStratus CEO Dale Cline noticed a Catch-22: Small- to medium-sized businesses are more likely to be attacked than their larger counterparts, but often lack the resources — financial or otherwise — to develop a strong defense.
So, his company looked to design a software service that addressed the issue, which can have serious ramifications for the future of those companies.
“Eighty percent of all small and medium-sized businesses that suffer a cyberattack go out of business within 18 months,” Cline said. “And when you get your smaller companies, they just don’t have the resources.
“If General Electric has a hard time hiring a qualified security professional, you can imagine what the manufacturer down the street is going through.”
One of the ways the company managed to keep costs down for its clients was to move its software to the cloud, as opposed to the more traditional hardware-based solution for monitoring networks.
“The hardware will tell you the (jeopardized) IP is somewhere inside this customer,” he said. “You don’t know if it’s the server or the printer, because that IP address might be used five or six times within the customer, but you know it’s that customer.
“We addressed that through software innovation where they can send their data to us through the cloud, so from an overhead perspective, we’re not maintaining or updating hardware.”
That concept has led to the company’s product, CYBERshark, which also allows its medium-sized customers to select the services they need and simply pay for those.
Biz in brief
One last thing: The original company was called Net Forensics, which was formed in 1999 and — through growth and a series of acquisitions — became BlackStratus in 2013.
“CYBERShark is the exact same technology that (we have) securing the infrastructure of British Telecom, and we’re providing that to medium-sized companies on a buy-as-you-need basis for hundreds of dollars a month,” Cline said.
It’s a type of Security Information Event Management platform, or SIEM, which is a part of the cybersecurity industry focused on bringing a comprehensive view of all the security events that are going on across an organization or a company.
“A simple example would be a firewall would block traffic to a certain event, as much as it knows how to, but what SIEM does is ties together lots of events and correlates them to determine whether or not those events taken together constitute a risk,” Cline said.
One common incident that involves a series of events is called a denial of service, where a website is flooded with, and ultimately shut down by, authorization requests.
BlackStratus’ technology is designed to connect those dots.
“With our technology, what you’d be able to see is that there’s an attack on a firewall, but we could also note that, somewhere else in the network, someone tried to get into the network three or four times with a failed password and then were successful,” he said.
“Then we could notice somewhere else in the network that data was being extracted out to the same location that just had the failed authentication.
“What our technology could do is look at that and show that it’s an escalating threat, because what happened was they used a denial of service as a distraction while, at the same time, they were breaching the network with a bunch of old passwords until they got in and, once they got in, they started extracting data out of the network.”
That doesn’t mean BlackStratus can stop cyberattacks before they happen, but Cline said understanding the attacks early can mitigate the costs of a breach.
E-mail to: firstname.lastname@example.org