Ask Synoptek’s cybersecurity chief Drew Williams about protecting tech-based systems and he’ll point to a 363% increase in ransomware attacks—the kind that demand money with a threat to shut the business down.
“We had to chase four of them away in less than a week,” Williams said, after fending off three attackers threatening clients, and one at a business that quickly became one.
Synoptek is an Irvine-based IT consulting and services provider.
The 363% boost is a year-to-date figure through June from Santa Clara-based internet security firm Malwarebytes, in its quarterly report released on Aug. 8.
More than half of all such attacks hit the U.S. and more are aimed these days at companies “as consumer detections were poised to dip below business detections of ransomware for the first time,” Malwarebytes said—“an expression of lost interest from cybercriminals on individual targets as they look to higher value opportunities.”
Williams said some vulnerabilities can be traced to Amazon or Microsoft-based “computing architecture,” signaling a need to introduce security best practices earlier in the development process.
He said business leaders need to wake up to the broad array of threats to computer networks.
Attackers can range from simple computer fans to hostile foreign governments—with some danger from employees themselves.
“Insider threat is the No. 1 most pervasive and most difficult to manage issue in security,” he said. This is “anything from people not being aware of what the rules are to people being downright culpable [from] malice or avarice.”
Greg McCord, director, IT and product security at CalAmp Corp. (Nasdaq: CAMP) in Irvine, said “the threat landscape is continually evolving both internally and externally,” and while companies can amp up cybersecurity efforts, applying “thousands of controls, manual processes and procedures … it’s important to keep it simple.”
Connecticut-based research and advisory firm Gartner Inc. said worldwide spending on information security products and services will grow 9% to $124 billion this year.
McCord said software and telematics maker CalAmp relies on the National Institute of Standards and Technology’s five-step Cybersecurity Framework: identify, protect, detect, respond, and recover.
As Williams’ experience at Synoptek and other events show, OC companies aren’t immune from the threat.
Irvine-based CorVel Corp. (Nasdaq: CRVL), a $1.6 billion market cap workers’ compensation risk manager, said on July 30 some of its computer systems suffered a “security incident” forcing the firm to take affected systems offline. That very week it had worked on the “containment and eradication of the threat.”
CorVel said that systems were incrementally coming back online, gave a few additional details of the incident and cautioned, “There can be no assurance of the ultimate impact of this attack on our business.”
OC has also been at the forefront of network security, from firms such as Cylance and CrowdStrike, both in Irvine.
Canada-based BlackBerry Ltd. (NYSE: BB) thought enough of Cylance to buy it this year for $1.4 billion—a price many now see as a bargain. On June 26, BlackBerry said Cylance produced $51 million in quarterly non-GAAP revenue, almost a fifth of the parent company’s total.
“Today, BlackBerry took a giant step forward toward our goal of being the world’s largest and most trusted AI-cybersecurity company,” Chief Executive John Chen said in February when the purchase was completed. “By adding Cylance’s technology to our arsenal of cybersecurity solutions we will help enterprises intelligently connect, protect and build secure endpoints that users can trust.”
Chen confirmed during a June earnings call that several new cybersecurity products from Cylance will roll out this year.
CrowdStrike (Nasdaq: CRWD), meantime, went public in June and now sports a $21 billion market cap.
It was founded in 2011 in Irvine and relocated to Sunnyvale in 2017. Its products are designed to detect, prevent and respond to security threats and attacks; and provide monitoring, cyber intelligence services, and big data analytics.
Key execs maintain an R&D center in the Spectrum area.
“Several of our executives, including myself, work out of our office in Irvine and [we] continue to support our local employee base and facilities,” Chief Operating Officer Colin Black told the Business Journal in June.