How To Build A Cybersecurity Company



Similar documents
SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

An Accelerated Pathway to Careers in Cybersecurity for Transitioning Veterans. NICE Annual Conference November 2015

Contents. Facts. Contact. Company Biography...4. Qualifications & Accolades...5. Executive Leadership Team...6. Products & Services...

Cyber R &D Research Roundtable

Cybersecurity Strategic Talent Management. March, 2012

GIAC Certification. Enterprise Solution

Professional Services Overview

SECURE POWER SYSTEMS PROFESSIONALS (SPSP) PROJECT PHASE 3, FINAL REPORT: RECRUITING, SELECTING, AND DEVELOPING SECURE POWER SYSTEMS PROFESSIONALS

What We Do. security. outsourcing. policy and program. application. security. training & awareness. security solutions

2014 CYBER INDUSTRY SURVEY

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

GIAC Program Overview 2015 Q4 Version

of Highly Effective Security Professionals By Sondra Schneider CEO Security University

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Cyber Security Solutions Integrated. Proactive. Resilient.

SANS CyberTalent VetSuccess Immersion Academy. VetSuccess

Penetration Testing Guidelines For the Financial Industry in Singapore. 31 July 2015

Information Security Engineering

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

A COMPLETE APPROACH TO SECURITY

JOINT EVENT WITH IIBA-LA. Trends & Best Practices in. Cybersecurity for networks, cloud computing and mobile

Developing a Mature Security Operations Center

Auditing After a Cyber Attack JAX IIA Chapter Meeting Cybersecurity and Law Enforcement

Security Transcends Technology

(BDT) BDT/POL/CYB/Circular

Cybernetic Global Intelligence. Service Information Package

Course Descriptions November 2014

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

Cyber Security Management

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

Course and Service Portfolio Specialized IT courses for IT professional and organizations willing to take benefit from the competitive advantages

Report on CAP Cybersecurity November 5, 2015

IT Risk Management: Guide to Software Risk Assessments and Audits

Paul Vlissidis Group Technical Director NCC Group plc

Cybersecurity Certificate Programs

MASTER S DEGREES & GRADUATE CERTIFICATES REGIONAL ACCREDITATION FUNDING OPTIONS

On Demand Penetration Testing Applications Networks Compliance.

The fast track to top skills and top jobs in cyber. Guaranteed.

HP Fortify application security

CFIR - Finance IT 2015 Cyber security September 2015

Case Study: Hiring a licensed Security Provider

SCOPING QUESTIONNAIRE FOR PENETRATION TESTING

The fast track to top skills and top jobs in cyber. Guaranteed.

Network Management and Defense Telos offers a full range of managed services for:

Presented by Evan Sylvester, CISSP

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

Actions and Recommendations (A/R) Summary

CyberSecurity Solutions. Delivering

Scoping Questionnaire for Penetration Testing

CBEST FAQ February 2015

S A N S Results for Calendar Year 2008

Middle Class Economics: Cybersecurity Updated August 7, 2015

Access FedVTE online at: fedvte.usalearning.gov

THE 411 ON CYBERSECURITY, INFORMATION SHARING AND PRIVACY

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

BlacKnight. Cyber Security international A BUSINESS / MARKETING PRESENTATION

Application Backdoor Assessment. Complete securing of your applications

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

CESG CIR SCHEME AND CREST CSIR SCHEME FREQUENTLY ASKED QUESTIONS

NIST National Institute of Standards and Technology

Cybersecurity: Protecting Your Business. March 11, 2015

Presented by Frederick J. Santarsiere

Computer Security and Investigations

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Procuring Penetration Testing Services

Testing the Security of your Applications

Cybersecurity Workforce Training Partnership

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

NIST Cybersecurity Framework & A Tale of Two Criticalities

DoD Directive (DoDD) 8570 & GIAC Certification

FFIEC Cybersecurity Assessment Tool

Appendix A: Gap Analysis Spreadsheet. Competency and Skill List. Critical Thinking

Examining the Evolving Cyber Insurance Marketplace

MEMORANDUM. Date: October 28, Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance

OVERVIEW DEGREES & CERTIFICATES

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

Reliable, Repeatable, Measurable, Affordable

The Emergence of the ISO in Community Banking Patrick H. Whelan CISA IT Security & Compliance Consultant

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Continuous Network Monitoring

Penetration Testing in Romania

Transcription:

A Service Disabled Veteran Owned Small Business Maryland 2014 The Cybersecurity Industry Window of Opportunity John M. Leitch President & CEO Winquest Engineering Corporation V1.3 1

Agenda Industry Windows of Opportunity Industry Comparison & Conclusion Winquest Engineering Introduction Business Challenges Lessons Learned Open Forum 2

Detroit in the Early 1900s The Automotive Industry Window of Opportunity - Many large players; Olds, Ford, Dodge, Chrysler, Cadillac, etc. - Large network of parts supply companies - A product in early development (about 20 years old - 1899) - Close to resources (iron ore, copper, coal, etc.) - No corporate taxes until 1909 & no incentives - Very little education support available, or needed - Culture of competition 3

Silicon Valley in the 1980s-90s The Minicomputer Industry Window of Opportunity - Many large players; HP, Intel, Apple, Sun Microsystems, Silicon Graphics, etc. - Large network of electronics supply companies - A product in early development (About 20 years old - 1976) - Close to resources (knowledge & funding) - No specific tax incentives for R&D - Extensive community college and state university system to support high technology industry - Culture of cooperation and collaboration 4

Maryland in 2014 The Cybersecurity Industry Window of Opportunity? - Many large players; NSA, U.S. Cyber Command, NIST, DISA, Lockheed Martin, Northrup Grumman, General Dynamics, SAIC - Developing network of cybersecurity companies - A product in early development (About 21 years 1993) - Close to resources (knowledge & funding) - Specific cybersecurity tax incentives - Extensive community college and state university system to support high technology industry - Culture of cooperation and collaboration? 5

Specific Maryland Advantages - Unique cluster of federal and commercial cybersecurity organizations - State support: - 27 business incubators, two of which are cyber-centric - Several funding & loan programs - Cybersecurity Investment tax credit - Several other tax credits relating to security clearances - Strong computer science educational support including: - AACC - UMUC - UMBC - University of Maryland - USNA - Many others - Increasing government cybersecurity funding 6

Industry Comparison Industry Center of Mass Detroit 1900s Silicon Valley 1980s-90s Maryland 2014 Key Players Support Industries Young Industry Resources Tax Incentives Education Support Collaborative Culture Total Yes Answers Y Y Y Y N N N 4 Y Y Y Y N Y Y 6 Y+ Y Y Y Y Y? 6+ Conclusions: 1. Maryland 2014 has all the ingredients to become the Cybersecurity Industry Window of Opportunity 2. Adding the right amounts of talent, capital and entrepreneurial spirit to these ingredients can replicate the formula around which entire industries have been born 7

Winquest Introduction Winquest Engineering Corporation (Winquest) provides U.S. Government and Commercial clients with Cybersecurity Services, Intelligence Analysis, Program Management and Engineering Services Winquest s cybersecurity services mission is to provide expertise to our clients to help them protect their critical IT infrastructure, intellectual property and reputation against a dynamic and increasingly sophisticated threat Winquest s Cybersecurity Services Group (CSG) was founded in 2012 to provide expertise to our clients to help protect their critical IT infrastructure, intellectual property and reputation against a dynamic and increasingly sophisticated threat 8

CSG Services & Personnel Winquest is focusing our government cybersecurity expertise on the commercial sector due to increasing threats The CSG provides a variety of cybersecurity services including: Consulting Network Recons Vulnerability Assessments Penetration Testing Regulatory Compliance Audits Mobile Device Protection and Forensics Computer Forensics Red Teaming The average CSG engineer has 15+ years of experience and several certifications to include; CISSP, CEH, GAWN, GCIH, GCIA and/or GPEN CISSP = Certified Information Systems Security Professional, CEH = Certified Ethical Hacker GAWN = GIAC Auditing Wireless Networks, GCIH = GIAC Incident Handler Certification GCIA = GIAC Certified Intrusion Analyst, GPEN = GIAC Penetration Tester 9

Business Challenges Determining what you re going to do (Software, Hardware, Services or Combination) Funding Amount needed largely depends on what you re going to do Retaining ownership Finding qualified personnel (Developers, Assessors & Penetration Testers, Business Developers, etc.) Finding Professional Liability and E&O insurance Finding customers (Target a sector and plan for time to develop trust) Educating your customer base Developing and executing repeatable processes 10

Relevant Founder s experience was/is important 1990s Army Computer Network Operations and DoD policy experience Prior business experience with start-up companies including a 1999 company providing computer security services (which was too early to the marketplace) Strong Navy Cryptology & Security experience Trust amongst our core founder group was/is essential Our personal and professional networks needed to grow quickly Outsourcing was right for us (accounting, payroll service, assistant FSO) We established banking relationships early and applied for a LOC ASAP Most things haven t happened as fast as we wanted them to Partnering will be key to our (and our partners) rapid growth Lessons Learned Keep overhead costs low (We will remain a virtual office as long as practical) 11

The Winquest Advantage Experience Our professionals have decades of computer security experience, conducting hundreds of assessment and penetration tests for government and commercial clients and finding vulnerabilities 100% of the time Trust Our professionals offer security clearances and professional certifications Over-the-Horizon Early Warning Our professional s work in different sectors enables them to cross-level knowledge and predict some attacks before they happen An Unbiased Opinion Winquest does not sell software or hardware products enabling us to give you a neutral assessment of your network s strengths and weaknesses and an unbiased mitigation strategy 12

Why? Our personnel have a strong service ethic dedicated to protecting our nation s way of life and Our nation is facing a new and unprecedented threat 13

Net Recon Service The Net Recon service is a no risk, lower cost capability to improve and maintain your network security against an ever-increasing cybercriminal threat at a fraction of the cost of staffing your own in-house Cybersecurity Team. Net Recon subscribers receive the following benefits; A complimentary on-site abbreviated vulnerability assessment to determine if vulnerabilities exist on your network and specific recommendations on how to fix the ten most dangerous ones A 20% discount on remediation services to help you remove vulnerabilities Four hours per month of consulting services via Winquest certified cybersecurity professionals Annual follow-on abbreviated vulnerability assessments to measure progress and discover new vulnerabilities Optional services can be added: More frequent full vulnerability assessments/penetration tests (quarterly/bi-annual) On-site employee cybersecurity awareness training Additional hours of consulting services A 30% discount on Computer Incident Response Team deployment in case of cyber attack Other customized services upon request including Mobile Device Management (MDM) services The monthly subscription cost will be determined by any optional services and the size and complexity of the client network (Point of Sales devices may add additional cost). 14

Contact Info Winquest Engineering Corporation Cybersecurity Services Group (CSG) info@winquestengineering.com or via mobile 410-718-0565 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information