[ISN] We're Watching You

From: InfoSec News (isnat_private)
Date: Fri Apr 26 2002 - 01:09:29 PDT

  • Next message: InfoSec News: "Re: [ISN] Teen Hacker Packs Feminist Punch"

    Joseph C. Anselmo
    Washington Techway
    Thursday, April 25, 2002; 10:45 AM 
    The security chief at a big name brokerage firm in New York had a
    problem. Proprietary information was being leaked from the trading
    floor to a competitor and he didn't know how.
    Enter SilentRunner, a Linthicum-based startup that has developed
    software to enhance network security.
    "We took a look at the 400 [Internet] addresses on the trading floor,"  
    says Jeff Waxman, SilentRunner's president and CEO. "Just before the
    trading shut down at 4 o'clock we watched an e-mail go from one of his
    traders to a competitor with all of their internal information." The
    offender was escorted out in handcuffs and SilentRunner had won
    another customer.
    Protecting corporate computer networks from outside intruders has
    become a big business these days. But information technology security
    experts say it's also crucial to know what's going on inside the
    "Every survey that's ever been done says that two-thirds or
    three-quarters of security [breaches] involve insiders," says Paul
    Connelly, who runs PricewaterhouseCoopers' Technology Security
    Practice for the southeast region. "What an insider can do is much
    more damaging because they know your network and what's critical to
    your network."
    The SilentRunner software was released in June 2000 by defense
    electronics giant Raytheon Co., which spun it off as a wholly owned
    subsidiary last November. The idea for the commercial software came
    from Raytheon's work on top-secret signals intelligence programs,
    which sift through massive amounts of communications to intercept
    conversations from targets such as al Qaeda terrorists. For workers
    goofing off on the job - or worse - the software is downright scary.  
    Loaded onto a laptop, it runs undetected. Twenty five algorithms map
    out how a network is being used - from keeping tabs on intellectual
    property down to every e-mail, every Web site visited and the location
    and make of computers logged on remotely. The software translates huge
    amounts of data into simple illustrations to help network
    administrators spot trouble.
    "This technology will let you determine if [a breach] has happened and
    reverse engineer what's happened with the date, time and sequence so
    that you can see exactly what took place," says Waxman, a veteran
    Silicon Valley software executive. "It also lets you look at your
    network from a high level and say, 'Are there any security issues that
    I need to fix before something happens?'"
    But it doesn't come cheap. A SilentRunner license retails for $65,000;  
    an optional maintenance and support package runs another $13,000 per
    year. Larger customers may need multiple licenses.
    And while SilentRunner enhances security, it does not replace
    firewalls, which can cost $20,000 or more to install. SilentRunner
    doesn't disclose revenue, but says it has sold 240 licenses. Business
    is equally split between government and commercial customers.
    Waxman says the company is "strongly profitable" and executives are
    eyeing an initial public offering after sales ramp up. It's a
    promising market. While security efforts still account for less than 1
    percent of overall IT spending, International Data projects global
    spending on IT security will reach $46 billion by 2005, up from $14
    billion in 2000.
    Michael Rasmussen, director of research and information security at
    the Giga Information Group in Chicago, says SilentRunner's two closest
    competitors are Niksun of Monmouth, N.J., and Sandstorm Enterprises of
    Cambridge, Mass. "In my opinion, SilentRunner leads the field," he
    Some IT security veterans caution that software alone cannot do the
    job. "Having a product without having it monitored 24 hours a day,
    seven days a week radically reduces the effectiveness of that
    product," says Elad Yoran, founder of Riptech, which manages IT
    security for hundreds of clients from an operations center in
    And then there are employees who grouse about privacy. Waxman waves
    off such concerns, noting that companies have a right to monitor
    equipment they own.
    "Some employers don't want their people going to 'SpankMe.com,' some
    employers don't want jokes sent out," he says. "This is simply a
    technology that allows the employer to enforce whatever they choose."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 04:31:45 PDT