This page contains a Flash digital edition of a book.
Cover Story

Secretary of Technology Karen Jackson. And due to its proximity to the federal government, the Northern Virginia area in particular is dense with cybersecurity firms and professionals. Fairfax County is home to 10 of the

Cybercriminals are attacking businesses of all sizes, says Collin Hite of Hirschler Fleischer.

world’s 500 “hottest and most innovative” cybersecurity firms, according to the Cyber- security 500 list by Cybersecurity Ventures, a leading industry research and market analysis firm. (The top Fairfax-based firms include IKANOW, Booz Allen Hamilton, Northrop Grumman and L-3.) “Most people in the

Growing risks “Every kind of organization is realizing

the difficulty that cybersecurity risks pose to their organization and mission, and we’re helping to mitigate those risks,” says Charles Onstott, a senior vice president with McLean-based defense contractor SAIC who is responsible for the technol- ogy company’s cyber, cloud and data science services.


“The cyber threat landscape has changed dramatically in the last 10 years — the persistence of attacks, the frequency of them and the alarming rate at which vulnerabili- ties are discovered and exploited.” A lot of companies think they’re too

small to be a target, but there’s no such thing. “Credit-card data makes somebody a high-value target,” Hite says. By some estimates, the cost of reme-

diating a stolen data record can be around $270 per file. This includes providing credit monitoring and identity theft protection for customers whose data was stolen. For smaller companies, costs associated with data breaches could be the tipping point in shutting down operations. That’s why Hite recommends that companies not only plan ahead for breaches but that they take out cyber insurance policies. Health-care records in particular

are a prime target, he notes, “because you can truly steal somebody’s entire identity with medical records because you have

26 OCTOBER 2016

so much information: their address, their family members, dates of birth.” (About 39 percent of all data breaches were directed against health-care industry targets last year, according to a study by Symantec, a California-based cybersecurity firm.) And while cyberattacks against large

corporations might be coordinated by organized crime outfits in Eastern Europe and Russia, ransomware attacks like the one launched against the Reston dermatology practice are more likely to be the work of lone actors seeking a quick score, Hite says. Ransomware attacks have “become so

prevalent,” he says. “It’s allowing anyone to become a cybercriminal. So you don’t have to be all that sophisticated or have monetary backing to do ransomware. You can pretty much get [the hacking tools] off the internet and become a cybercriminal overnight. The bar to entry into the criminal element is lowering every day.” Adds Hite: “2016 is going to be the

year of ransomware. Because a lot of this stuff is on a smaller scale, you never hear about it. Nobody wants to admit it, so they just pay the ransom and try to go on. You don’t have the time or the resources to fix the system. You just pay the $10,000.”

Opportunity for Virginia Virginia is likely one of the best places

to produce a pipeline of workers to fight these threats. There are more than 650 cyber-related companies in Virginia, according to state

industry recognize that the national capital region has more cybersecurity talent than any other place on Earth, and that’s a great place to seek innovation,” says Rick Gordon, managing partner of the Mach37 cybersecurity busi- ness accelerator in Herndon, an initiative of the Center for Innovative Technology. Since 2013, Mach37 has helped


launch 35 cybersecurity companies that collectively employ more than 100 workers. Companies participating in the accelerator, which helps them with education, seed money and venture capital contacts, agree to establish a significant presence in Virginia within two years of graduating from the 14-week program. Mach37 also announced last summer a new partnership with the University of Virginia’s College at Wise that will work to strengthen the cyber industry in Southwest Virginia. Despite the number of cybersecurity

firms in the state — or perhaps because of it — Virginia has an immediate need for about 17,000 more cybersecurity profes- sionals, with each job paying an average of $88,000 per year, according to a Virginia government-sponsored study by Burning Glass Technologies. “This is a complex issue, and it’s not

going to go away. We need to harness all of the workforce and all of the capabilities we can to make sure we can defend against those who would do us ill through cyber, and that need is only going to grow,” says Jackson, the secretary of technology. In addition to business development,

Virginia companies and the state govern- ment are focused on education and early outreach efforts to build the common- wealth’s cybersecurity workforce.

Photo by Rick DeBerry

Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88