News by Professionals 4 Professionals

hacking

Optiv Security acquires East Coast cybersecurity firm

Optiv Security said Monday that it will boost its presence in the northeast with the acquisition of Comm Solutions, a much smaller security firm in Pennsylvania that offers similar cybersecurity services to large businesses. Terms of the deal were not shared. The move is part of Optiv s growing expansion, which started with two companies merging in 2015 to create Optiv.

This is really about expanding our presence and accelerating our execution in North America. This market is a huge opportunity for what Optiv does, said Tim Hoffman, Optiv s executive vice president of worldwide client solutions. Optiv, which is based in Denver, is a massive security-services firm that offers anything from anti-hacking services to monitoring networks and cleaning up breaches after an intrusion.

The company was born in 2015, when Denver s Accuvant merged with FishNet Security[1] of Overland Park, Kansas. It started with customers and became a $1.5 billion player[2] in the industry, according to trade publication CRN. Last year, Inc. magazine ranked Optiv at No. 3,375 on its Inc. 5000 list[3] of America s fastest growing companies. Its revenues reportedly totaled $1.8 billion over three years. In November, Optiv filed to become a publicly-traded company[4], listing pro-forma net income for the first nine months of 2016 at $643.8 million and a net loss of $5.7 million. But it reversed direction a month[5] later, selling a majority stake to private investment firm KKR. Comm Solutions, meanwhile, is no startup. The Malvern, Penn., company was founded around 1980 and started as a small cable assembly company. Over the years, it morphed into networking and then securing the network. It now operates on the East Coast, from Virginia to New York.

We do the same thing Optiv does, but on a smaller scale, Comm Solutions CEO Paul Black said. What we add to the mix is a regional presence.

But Black added that it s a two-way deal. Comm Solutions gets access to the resources that a billion-dollar company can offer, such as a legal department, access to Opitv s information security services and the relationship with more than 350 vendors.

We just don t have the breadth of capabilities that Opitv has, Black said.

Comm s 71-person team will be integrated into Optiv by the second half of 2017. But for the most part, Optiv plans to keep Comm Solutions operating as a regional office. Optiv employs 1,800 people globally, including about 250 in metro Denver.

References

  1. ^ Accuvant merged with FishNet Security (www.denverpost.com)
  2. ^ became a $1.5 billion player (www.crn.com)
  3. ^ No. 3,375 on its Inc. 5000 list (www.inc.com)
  4. ^ become a publicly-traded company (www.reuters.com)
  5. ^ reversed direction a month (www.optiv.com)

World View: China’s South China Sea Policy Related to Food Security in Times of War

SIGN UP FOR OUR NEWSLETTER

This morning s key headlines from GenerationalDynamics.com[1]

SIGN UP FOR OUR NEWSLETTER

  • Vietnam protests China s fishing ban in the South China Sea
  • China s fishing ban related to food security in times of war
  • North Korea fires four ballistic missiles into sea near Japan

Vietnam protests China s fishing ban in the South China Sea

World View: China's South China Sea Policy Related To Food Security In Times Of War
Chinese fishing fleet in the South China Sea (Hakai Magazine)

China, whose claim of sovereignty over the South China Sea has been declared illegal by the United Nations Permanent Court of Arbitration (PCA) in the Hague, has imposed a fishing ban on the North China Sea, including regions that are in the exclusive economic zones and historical fishing grounds of Vietnam and the Philippines. China s announced ban begins on May 1 and ends on August 16. The South China Sea is estimated to hold 11 billion barrels of oil, 109 trillion cubic feet of natural gas, and 10 percent of the world s fisheries. Furthermore, 30% of the world s shipping trade flows through the South China Sea. Vietnam s foreign ministry spokesman said, Vietnam resolutely opposes and rejects the regulation issued by China. Vietnam will dispatch fisheries surveillance ships across its territorial waters, focusing on areas where China has issued its fishing ban. The fisheries surveillance ships will protect and assist Vietnamese fishermen in these areas.

News reports do not indicate what form this protection will take. China has blocked other nations from fishing in their traditional fishing grounds by using armed coast guard vessels, and ramming fishing boats or threatening military action. It s not known whether Vietnam s fisheries surveillance ships will be armed, and whether there will be a possibility of a military confrontation that could escalate. According to reports last year, Vietnam is deploying mobile rocket launchers on five of its bases in the Spratly Islands, in order to confront China. VN Express (Vietnam) and AP and VN Express[2][3]

Related Articles

China s fishing ban related to food security in times of war

For years, China s has had a goal of food self-sufficiency, but with 20% of the world s population, but only 9% of the world s arable land, this kind of food security has always been out of reach. Thus, while China s grain production has increased by 44% between 2003 and 2015, its grain imports (including soybeans) during the same period skyrocketed by nearly 400%, indicating that growth in domestic grain production is unable to keep up with population growth. The history of agriculture in the 68 years of the People s Republic of China has been dismal. The worst episode was the Great Leap Forward in 1958-59, a man-made famine where Mao Zedong killed tens of millions of people through starvation, slaughter, and executions. In the past 30 years, China has achieved a remarkable increase in grain productivity, but that achievement was accomplished through overuse of chemical fertilizers and pesticides coupled with intensive farming practices that have contributed to severe degradation of land quality, and an even larger scale of land pollution. Today, China s agricultural sector is dominated by hundreds of millions of small household farms, low and inefficient management at the rural level, and severe corruption of local government officials. In addition, China is facing a water crisis, with China s agriculture using two-thirds of the country s water resources.

According to the International Public Policy (IPP) organization in Singapore, China should abandon its tight control over agricultural resources, and resort to using the global agricultural market, as other countries do. However, the IPP points out that this will be insufficient in times of war (a full-scale war with the United States or other big countries) which leads to the total collapse of the global food markets, and will have to take further steps to prepare for war with the U.S. or other countries:

To prepare for the worst case scenario, the Chinese government needs: 1) to maintain sufficient strategic food reserves which can meet the country s food needs based on subsistence consumption levels during the period that new food products are produced; 2) protect key agricultural resources, particularly arable land and fresh water so as to develop agricultural potential which can be quickly utilized to produce enough food for the country in times of war. Control of the South China Sea is important to China not only for its energy deposits but for food security depending on massive amounts of fish from the SCS to supplement its agricultural output, especially in case of war.

However, China s huge fleets of fishing boats have overfished the SCS, and have depleted a number of species. Thus, food security is at the heart of China s demands for a moratorium on fishing in the South China Sea from May 1 to August 16. However, China s is also using military means to enforce its moratorium on other countries, notably Vietnam and the Philippines. Vietnam is making its own military preparations to confront the Chinese, as described above. In the case of the Philippines, access to fish has become a bargaining chip. Last fall, Philippines president Rodrigo R. Duterte announced a cutoff of relations with the United States, and also announced that the relationship with the U.S. would be replaced by a relationship with China. As a result of that agreement with China, Philippines fishermen were once again permitted to fish in the country s traditional fishing grounds around Scarborough Shoal.

Nonetheless, the Philippines military still has close ties with the U.S. military, and several Philippines ministers are expressing alarm that China might military the Scarborough Shoal, and gain military control of the entire South China Sea. International Public Policy Review and Jamestown and Hakai Magazine (Canada)[4][5][6]

Related Articles

North Korea fires four ballistic missiles into sea near Japan

As I m writing this article on Sunday evening (ET), North Korea has launched four ballistic missiles into Japanese waters, once again in violation of UN Security Council resolutions.

Once again, this is a new embarrassment to China. This is particularly true right now, as China s National People s Congress is in session, during which China s leaders are undoubtedly giving speeches condemning South Korea s decision to deploy the Terminal High Altitude Area Defense (THAAD) antimissile system, which China hates. Thus, these missile launches can only be seen as a message that North Korea s child dictator Kim Jong-un is sending to China, presumably to get revenge for China s decision to halt coal imports from North Korea.

Once again, North Korea s child dictator Kim Jong-un is a major problem for the Chinese government, and sooner or later China may decide to do something about it. Reuters and Yonhap News (Seoul)[7][8]

Related Articles

KEYS: Generational Dynamics, China, Vietnam, South China Sea, Spratly Islands, United Nations Permanent Court of Arbitration, PCA, Mao Zedong, Great Leap Forward, Philippines, Scarborough Shoal, Rodrigo R. Duterte, North Korea, South Korea, Terminal High Altitude Area Defense, THAAD
Permanent web link to this article
Receive daily World View columns by e-mail[9][10]

References

  1. ^ GenerationalDynamics.com (www.generationaldynamics.com)
  2. ^ VN Express (Vietnam) (e.vnexpress.net)
  3. ^ VN Express (e.vnexpress.net)
  4. ^ International Public Policy Review (www.ippreview.com)
  5. ^ Jamestown (jamestown.org)
  6. ^ Hakai Magazine (Canada) (www.hakaimagazine.com)
  7. ^ Reuters (www.reuters.com)
  8. ^ Yonhap News (Seoul) (english.yonhapnews.co.kr)
  9. ^ Permanent web link to this article (GenerationalDynamics.com)
  10. ^ Receive daily World View columns by e-mail (GenerationalDynamics.com)

Minnesota’s computer systems are often old — and at risk

Many of the state of Minnesota s data centers are vulnerable to both intruders and water damage. The state s crack cybersecurity team doesn t have a night shift. And the only people who know how to maintain code handling billions of dollars in state transactions are near retirement or long past it.

Things haven t changed that much, said Mike Arlett, a retired 79-year-old programmer who still comes into work periodically because he s one of the few people left who can update the venerable COBOL code[1] he s worked on for decades. It s basically the same as it was many, many years ago. It s just running on a bigger, faster platform. These cybersecurity risks and antiquated technology are front and center at the Legislature this spring, where lawmakers are considering whether to spend more than $100 million bringing the state s software into the current decade. Members of both parties agree it s a priority to provide secure and modern technology for a state government that does just about all of its work on computers. But it s not the only priority as lawmakers decide how to split up a projected $1.65 billion surplus[2] between tax cuts, schools, roads and bridges, technology, and a range of other popular programs.

That s not a new issue, which is part of why the need has gotten so big.

With the politically driven budget process, it gets very hard to schedule (technology upgrades) on a proper basis, said Steven Bellovin, a professor of computer science at Columbia University who has researched cybersecurity. About the time when you say it really should be done, it s rarely urgent to do it right then. It makes perfect sense to postpone it once but that keeps happening. Gov. Mark Dayton and the department of Minnesota IT Services have requested more than $125 million for technology upgrades in the next two-year budget. Lawmakers are likely to approve at least some of it but how much remains an open question. The requests primarily fall into two areas:

  • $74 million to improve the state s cybersecurity
  • $51 million to upgrade antiquated hardware and software

SECURITY NEEDS

The most urgent tech problem facing Minnesota is cybersecurity.

Recent events from Target s massive data breach[3] to the hacking and leaking of Hillary Clinton s campaign chairman John Podesta s emails to an attack last year that knocked out the internet for much of the East Coast[4] highlight the potential risks from lax cybersecurity.

Minnesota's Computer Systems Are Often Old — And At Risk

Pioneer Press: Scott Takushi

Security engineer John Israel monitors threats to Minnesota s cybersecurity in the state s Security Operations Center in St. Paul.

And Minnesota s computer systems present plenty of targets for criminals. State computers process billions of dollars of transactions each year and store data on students, vendors and benefit recipients.

A major breach would require our state to cover millions of dollars in identity theft costs and lead to millions of dollars in consumer fraud losses, Thomas Baden, Minnesota s chief information officer, said earlier this year. It would also diminish the trust Minnesota has in government. Cyberattacks today are much faster than a decade ago, said Christopher Buse, the state s chief information security officer. They re certainly more sophisticated. They re more targeted, and they re more frequent. The state responds to these attacks from a dimly lit operations center tucked inside an office building near the Capitol. From there, a core team of nine cybersecurity workers monitors a feed of network data and responds to attacks pre-emptively if possible, reactively if necessary.

But Buse said he feels he could do a much better job protecting the state s data with more resources. Dayton has proposed $74 million to bolster Minnesota s cybersecurity. That includes adding more staff, consolidating data centers that a recent audit[5] found weren t secure from potential intrusion or damage, and making general upgrades to the state s software.

A very high percentage of successful attacks exploit flaws for which a fix is available but hasn t been deployed, Bellovin said. Another shortcoming that more money could fix: the team has no night shift. Computer attacks can come at all hours of the day and from anywhere in the world. But Minnesota s Security Operations Center is only fully staffed during day hours.

Skimping on security is foolish, warns Bellovin.

Your best touchstone for this is what the private sector is doing, because they ve got a bottom line, they ve got profit and loss, and they are spending more and more on security because they have to, Bellovin said. Minnesota has fewer than 60 total cybersecurity staff working for all of state government. Minneapolis-based U.S. Bank, whose annual revenue is roughly on par with Minnesota s annual general fund revenue, has more than 550 cybersecurity staff.

OLD SOFTWARE

Arlett s experience coming in from retirement to maintain decades-old code is far from unusual. Many of the state s computer systems are really old.

A couple of these systems predate the internet, Baden said. Several of these systems predate the mouse.

Minnesota's Computer Systems Are Often Old — And At Risk

Pioneer Press: Scott Takushi

Mike Arlett, 79, still consults for and manages a decades-old computer system for the Department of Human Services in St. Paul. Arlett chooses to come in part time in his retirement to maintain the system for which he s written thousands of lines of code over the decades.

There are 123 state government applications running on old, outdated or dead computer languages, said a representative for MN.IT, the state information technology agency. There s the Medicaid claims system running code that dates to the 1970s, an equally old Department of Education mainframe, and the statewide accounting system scheduled to go out of date in January 2018.

This poses less-dramatic problems for the state than cybersecurity vulnerabilities. In fact, by virtue of being obsolete, some of these systems may actually be safer than more modern software since no one targets them.

There s not a lot of hackers who understand 1970s-era COBOL at this point, Bellovin said, referring to the computer programming language. But old systems pose other problems. The same obscurity that makes them hard for hackers to breach also makes them hard for state workers to maintain, because students don t learn old computer languages like COBOL anymore.

Personnel wanted to know, how come we didn t have any entry-level people? Arlett said. Well, nobody trains them. All we have are, basically, senior people with 10, 20, 30 years experience. These senior-level staff are more expensive. And around 90 percent of them will be eligible for retirement within five years. It s a similar story at many other state projects.

If a system s hardware is old, that can cause problems when parts break that aren t made any more. Bellovin mentioned an example of how the FBI was once reduced to buying spare parts on eBay.

The upgrades of these obsolete systems is going to save money, Bellovin said. You are going to spend a little bit of money now you re going to save money going forward. In Minnesota s case, though, it s more than a little bit of money. Dayton is requesting $51 million in upgrades to the state s computer systems. But Bellovin warned that these upgrades, while a good idea, would likely take more time and money than projected.

The conversion is likely to be a disaster, he said. Software development is very hard to manage. If you contract it out, it s harder unless you have very good management of the whole process.

Minnesota has seen several troubled technology rollouts in recent years, most notably the debut of MNsure.org[6]. In a statement, MN.IT Deputy Commissioner Jesse Oman acknowledged that tech upgrades can be challenging but said Minnesota needs to step up to the challenge. Making upgrades now, Oman adds, would also make future conversion projects easier.

SUPPORT IN LEGISLATURE FOR UPGRADES BUT HOW MUCH?

Dayton s $125 million request is expensive, both in its own right and as a share of the projected $1.65 billion budget surplus[7]. And there will be lots of rivals for the cash.

Minnesota's Computer Systems Are Often Old — And At Risk

Courtesy photo

Senate Majority Leader Paul Gazelka, R-Nisswa

Republicans like Senate Majority Leader Paul Gazelka say they want as much as possible of the surplus for tax cuts while also funding education and transportation. Dayton s pushing hard for money for conservation, preschool, higher education, rural broadband and other topics. But in Minnesota s divided government, tech upgrades are a matter that has support in both parties even if people don t always agree on exactly how much to spend. Even as Dayton pushes for more tech funding, Republican House Speaker Kurt Daudt of Crown is pushing an technology initiative aimed at modernizing state government. Complicating matters is that it isn t just one decision about how much to spend on IT. Each part of the budget education, health and human services, public safety, environment and natural resources and more goes through a different committee. And each committee gets to decide how much of its budget share goes to technology.

Some key lawmakers are looking skeptically at putting more money into IT. Rep. Sarah Anderson, R-Plymouth, said she s not convinced MN.IT has achieved all the efficiencies it should have by consolidating state IT functions into a single agency. That makes it more challenging for her to support millions of dollars in additional funding for cybersecurity even though she agrees that improving the state s cybersecurity is a key goal.

We re not getting the full information, and we need to have that to make sure we re not making bad decisions, said Anderson, whose budget committee is considering a $22 million cybersecurity request from MN.IT.

Minnesota's Computer Systems Are Often Old — And At Risk

Courtesy photo

Sen. Michelle Benson, R-Ham Lake

Oman said MN.IT is saving around $15 million per year through consolidation.

We agree with Chair Anderson on the importance of making Minnesota more efficient, he said. This proposal will help get the state there faster.

Sen. Michelle Benson, R-Ham Lake, said the key to securing funding is a champion for it on legislative budget committees. She oversees the Senate s health and human services budget committee and said she d try to be that champion but can do only so much.

I have a big budget I have to manage, Benson said. I will try to make room for IT and security priorities within that budget. I hope that other chairs look at it similarly.

References

  1. ^ COBOL code (en.wikipedia.org)
  2. ^ a projected $1.65 billion surplus (www.twincities.com)
  3. ^ Target s massive data breach (corporate.target.com)
  4. ^ an attack last year that knocked out the internet for much of the East Coast (www.wired.com)
  5. ^ recent audit (www.auditor.leg.state.mn.us)
  6. ^ the debut of MNsure.org (www.twincities.com)
  7. ^ projected $1.65 billion budget surplus (www.twincities.com)
1 2 3 19