http://www.washingtonpost.com/wp-dyn/articles/A42202-2002Apr24.html Joseph C. Anselmo Washington Techway Thursday, April 25, 2002; 10:45 AM The security chief at a big name brokerage firm in New York had a problem. Proprietary information was being leaked from the trading floor to a competitor and he didn't know how. Enter SilentRunner, a Linthicum-based startup that has developed software to enhance network security. "We took a look at the 400 [Internet] addresses on the trading floor," says Jeff Waxman, SilentRunner's president and CEO. "Just before the trading shut down at 4 o'clock we watched an e-mail go from one of his traders to a competitor with all of their internal information." The offender was escorted out in handcuffs and SilentRunner had won another customer. Protecting corporate computer networks from outside intruders has become a big business these days. But information technology security experts say it's also crucial to know what's going on inside the firewall. "Every survey that's ever been done says that two-thirds or three-quarters of security [breaches] involve insiders," says Paul Connelly, who runs PricewaterhouseCoopers' Technology Security Practice for the southeast region. "What an insider can do is much more damaging because they know your network and what's critical to your network." The SilentRunner software was released in June 2000 by defense electronics giant Raytheon Co., which spun it off as a wholly owned subsidiary last November. The idea for the commercial software came from Raytheon's work on top-secret signals intelligence programs, which sift through massive amounts of communications to intercept conversations from targets such as al Qaeda terrorists. For workers goofing off on the job - or worse - the software is downright scary. Loaded onto a laptop, it runs undetected. Twenty five algorithms map out how a network is being used - from keeping tabs on intellectual property down to every e-mail, every Web site visited and the location and make of computers logged on remotely. The software translates huge amounts of data into simple illustrations to help network administrators spot trouble. "This technology will let you determine if [a breach] has happened and reverse engineer what's happened with the date, time and sequence so that you can see exactly what took place," says Waxman, a veteran Silicon Valley software executive. "It also lets you look at your network from a high level and say, 'Are there any security issues that I need to fix before something happens?'" But it doesn't come cheap. A SilentRunner license retails for $65,000; an optional maintenance and support package runs another $13,000 per year. Larger customers may need multiple licenses. And while SilentRunner enhances security, it does not replace firewalls, which can cost $20,000 or more to install. SilentRunner doesn't disclose revenue, but says it has sold 240 licenses. Business is equally split between government and commercial customers. Waxman says the company is "strongly profitable" and executives are eyeing an initial public offering after sales ramp up. It's a promising market. While security efforts still account for less than 1 percent of overall IT spending, International Data projects global spending on IT security will reach $46 billion by 2005, up from $14 billion in 2000. Michael Rasmussen, director of research and information security at the Giga Information Group in Chicago, says SilentRunner's two closest competitors are Niksun of Monmouth, N.J., and Sandstorm Enterprises of Cambridge, Mass. "In my opinion, SilentRunner leads the field," he says. Some IT security veterans caution that software alone cannot do the job. "Having a product without having it monitored 24 hours a day, seven days a week radically reduces the effectiveness of that product," says Elad Yoran, founder of Riptech, which manages IT security for hundreds of clients from an operations center in Alexandria. And then there are employees who grouse about privacy. Waxman waves off such concerns, noting that companies have a right to monitor equipment they own. "Some employers don't want their people going to 'SpankMe.com,' some employers don't want jokes sent out," he says. "This is simply a technology that allows the employer to enforce whatever they choose." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 04:31:45 PDT