1021Capital Cybersecurity Summit Logo 3Leading up to our Capital Cybersecurity Summit on November 2-3, 2016, we’ll be sharing a weekly roundup of some of the top cybersecurity stories. Here are the last week’s top headlines. Tweet us interesting cyber articles at @NOVATechCouncil.

IoT:

As cyberthreats multiply, hackers now target medical devices  CNBC

Leaky IoT devices help hackers attack e-commerce sites   CIO

Election:

Connolly: cybersecurity at stake in election  FCW

Government:

U.S. CISO wants to lean on freelance hackers to improve .gov security  FedScoop

CIA Prepping for Possible Cyber Strike Against Russia  NBC

General:

Internet of Things Malware Has Apparently Reached Almost All Countries on Earth   Motherboard

 

Want to learn more about NVTC’s 2016 Capital Cybersecurity Summit? Click here or watch the video below.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

We’re thrilled to share our latest cybersecurity guest blog post written by Rick Howard, chief security officer at Palo Alto Networks. Howard will be sharing his expertise at the Capital Cybersecurity Summit on November 2-3, 2016 on the CISO Sidebar panel.


Rick Howard HeadshotIn today’s cybersecurity landscape, where attacks are increasing in number and sophistication, the network defense model developed over the past 20 years has become overwhelmed. Commonly referred to in cybersecurity circles as the “Cyber Kill Chain,” the model uses what was originally a military concept to help network defenders find a cyber attack and fix any damage it caused and then track, target and engage with the cyber attacker.

Over time, cyber adversaries’ capabilities grew. Soon, they were routinely finding ways to circumvent the Cyber Kill Chain model. This happened for several reasons:

  • Too many tools for defenders to manage. As network defenders struggled to keep up with evolving cyber attackers, more security tools were implemented on the network, and the man-hours spent ensuring those tools were operating correctly and analyzing the data they provided quickly became a burden with which most network defense teams couldn’t keep up.
  • Too much complexity for security. As new security tools were added, the complexity of the network grew. The more complex the network, the easier it is for network defenders to make a mistake that can expose the network to cyber attacks.
  • Too much wasted time. As vendors launched new security tools, customers entered into a kind of arms race in which they were constantly evaluating new “best of breed” security products against each other to determine which was the most effective. These evaluations could take months, with more time and money wasted after a decision was made in order to remove legacy security tools and replace them with new ones, and then train teams on how to use them effectively. It was a process that became more complex – and expensive – every year as cyber threats evolved and new tools were developed to address them.
  • Too inefficient at crossing the last mile. Cyber attackers often leave clues when they penetrate a network’s defenses, which are called “indicators of compromise.” Once an indicator is found, network security vendors develop prevention and detection controls that address the indicator and deploy them to customers—a process the industry has referred as “crossing the last mile.” But when an indicator affects multiple products from different vendors, or a new indicator of compromise is discovered, keeping track of the status of each tool and whether or not that tool has the most updated controls installed becomes a logistical nightmare.

Much of the complexity that currently overwhelms the Cyber Kill Chain model can be solved with an integrated security platform. “Platform” is a buzzword many vendors use, but I define it as a way to combine tools that network defenders have previously implemented as point solutions from different vendors into a platform built and maintained by one vendor. The “secret sauce” is that integration – when the platform components work together – makes each component more effective as a result of its integration with the others and it makes the network easier to defend by reducing the number of tools to be managed.

More advanced security platforms have the additional ability to automate the deployment of prevention and detection controls, making the process to cross the last mile much less labor-intensive. By replacing an ad hoc collection of independent, patched-together tools with a well-integrated, automated security platform, the problems described above become much simpler to resolve or disappear altogether. Partnering with one vendor gives network defenders leverage in terms of contract negotiations. They can use longer term contracts to get significant discounts from the vendor and, because of that, they can insist on creative fulfillment models that are advantageous to themselves in defending their networks.

The challenge for automated security platform adoption is primarily cultural. Network defenders are familiar with the best-of-breed security tool model, and many see the constant evaluation of new tools as a sort of “survival of the fittest” contest that ensures they’ll find the best tool for their network. It will take a lot of education and mind-changing, a process that may require support from an organization’s board of directors or C-suite, to ensure it happens. But it’s a change that needs to happen in order to protect our way of life in this digital way more effectively and efficiently in the future.


Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

1021Capital Cybersecurity Summit Logo 3Leading up to our Capital Cybersecurity Summit on November 2-3, 2016, we’ll be sharing a weekly roundup of some of the top cybersecurity stories. Here are the last week’s top cyber headlines. Tweet us interesting cyber articles at @NOVATechCouncil.

NSA Contractor arrested; charged with stealing top secret info  Cyber Scoop

How did the Feds Get past Yahoo’s encryption? Yahoo!  Wired

Which country has the most malware-infected devices?  CNBC

Johnson & Johnson warns of insulin pump hack risk  USA Today

Hackers used the IoT to create an unprecedented DDoS attack—Now what?  IOT Journal

Federal cybersecurity workforce should be more than just IT degrees  Federal News Radio

Want to learn more about NVTC’s 2016 Capital Cybersecurity Summit? Click here or watch the video below.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week’s blog is written by Connie Pilot, executive vice president and chief information officer at Inova Health System. Pilot will be sharing her expertise on the “The Coming Storm from IoT” panel at the Capital Cybersecurity Summit on November 2-3, 2016


Pilot_Connie UpdatedWith billions of data-generating devices connected to the Web, the Internet of Things (IoT) is changing the way we do business. No industry is immune, including healthcare. The Food and Drug Administration estimates that 500 million people around the world use some sort of mobile health app on their smartphones and millions more have embraced wearable health technology. Inside the hospital, Internet-connected medical devices such as MRI machines, CT scanners and dialysis pumps provide critical patient monitoring and support and as wireless technology proliferates in healthcare, so too does risk. The Web is fertile ground for stolen medical records, which are now more valuable to hackers than credit cards. Providers must find new ways to secure private data in an ultra-connected world.

The IoT offers important benefits for healthcare delivery and efficiency. It provides new avenues for patient communication, improves patient engagement and compliance, and enhances value-based care and service. At Inova, we use it in many ways: to monitor fragile newborns in the neonatal intensive care unit, control temperature and humidity in the operating room, deliver pain medication post-operatively and measure heart rhythm in cardiac patients, to name just a few. Medical data tracking enables us to intervene when necessary to provide preventive care, promptly diagnose acute disorders or deliver life-saving medical treatment. The benefits extend beyond our hospital walls into the community, where the IoT drives telehealth advancements that improve access for patients, such as virtual visits, eCheck-In, patient portals and electronic health records.

Balancing the benefits of greater connectivity with the need to protect critical data is a growing priority for healthcare providers. Opportunities exist for instilling interoperability and security standards that will seamlessly facilitate the sharing of necessary patient care information, while continuing to safeguard it from cyber-attacks.

Enabling connection and communication among different information technology systems and software applications can be daunting. While healthcare organizations can use proven security protocols in other domains, differences between IoT devices and traditional computing systems pose significant challenges. The IoT introduces innovative technology that requires emergent, often untested, software and hardware. Wearables, such as consumer fitness trackers and smartwatches, are a case in point. They present non-traditional access into the technology environment. While they use existing communication protocols that can be secured, there are challenges with multi-factor authentication and control of the devices in case of loss or theft.

Additionally, with millions of people using wearables, the volume of data generated can easily overwhelm an organization’s network, leaving it vulnerable to a potential denial of service attack. In this scenario, hackers attempt to prevent legitimate users from accessing information or services. Methods must be developed to limit data transmitted from wearables solely to those devices that should be transmitting and solely to information that is required for patient care.

Clearly, developing new methods of securing devices and the information they generate is a formidable task. We are fortunate to do business in an area that is well positioned to tackle this growing cybersecurity threat. With one of the most sophisticated technology workforces in the country, pioneering start-ups, world-class educational resources and a large government infrastructure, the National Capital region stands at the epicenter of innovation, policy and research. Our collective expertise can help us meet healthcare privacy and security challenges, and keep our patients and community safe.

 

Connie Pilot is executive vice president and chief information officer at Inova Health System. As the leader of Inova’s technology services division, she oversees all aspects of technology, including IT applications, change and quality management, information security, enterprise architecture, service delivery and informatics. 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week’s cybersecurity headlines spanned Yahoo’s massive data breach, growing election cyber threats and a major IoT hack. Leading up to our Capital Cybersecurity Summit on November 2-3, 2016, we’ll be sharing a weekly roundup of some of the top cybersecurity stories. Find an interesting cybersecurity article? Share it with us in the comments or Tweet us at @NOVATechCouncil

Want to learn more about NVTC’s 2016 Capital Cybersecurity Summit? Click here or watch our event video below.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Recent data breaches – from the telecommunications and healthcare industries to the Office of Personnel Management (whose breach impacted over 4 million people) – have left no industry immune to cyber attacks. NVTC recently published a cybersecurity infographic on the rising impacts of cyber threats and the federal government and Great Washington region’s elevated response to these threats. One of the most astounding statistics highlighted in this infographic is the 2016 federal cybersecurity budget, which increased by $5 billion in the last year alone.

The National Capital region is at the intersection of innovation, policy and research and that is why NVTC is hosting the first ever 2016 Capital Cybersecurity Summit on November 2-3, 2016 at The Ritz-Carlton, Tysons Corner.

This region is THE capital of cybersecurity because it is home to:

  1. One of the most educated cybersecurity and tech workforces in the country (55% of tech openings in Virginia are in cyber!)
  2. A large number of Fortune 1000 companies
  3. An incredible number of startup tech firms and entrepreneurs
  4. U.S. Cyber Command
  5. The Department of Defense and intelligence agencies like NSA and CIA, addressing both defensive threats to our classified information and infrastructure as well as offensive cybersecurity capabilities employed against our adversaries
  6. Political and regulatory infrastructure that addresses policy issues surrounding cybersecurity
  7. Unparalleled research infrastructure through institutions like DARPA, IARPA, ODNI, ARL, AFRL (Did you know – The Internet came out of a government-focused research effort at DARPA?)
  8. World class local universities including George Mason University, George Washington University, University of Maryland, University of Virginia and Virginia Tech
  9. Leading Incubators and investors like MACH37, In-Q-Tel, Carlyle Group, Arlington Capital (46% of Greater Washington venture capital funding supported cyber solutions in 2015!)
  10. An underlying commitment to innovation among all members of our region: private companies, government organizations and universities

We’re just over ONE month to go until the Capital Cybersecurity Summit. Planning is well underway and each week we are announcing new panels and speakers. Click here for the latest agenda and to register.

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

This week on NVTC’s blog, Alex Castelli, CPA, is partner and Technology and Life Sciences Industry Practice Leader at NVTC member company CohnReznick, explains how crowdfunding has become such an attractive financing vehicle for technology companies.


7K0A0597[1]The technology industry stands out as a major beneficiary of this promising method of capital raising. In 2014, technology was a leading sector in terms of capital commitments – at around $98.5 million – and led the number of raises that have been offered since inception, according to Crowdnetic’s Quarterly Private Companies Publicly Raising Data Analysis.2 Capital commitments in the technology industry trailed only behind the services industry.

So why has crowdfunding become such an attractive financing vehicle for technology companies? And what is required to launch a successful crowdfunding campaign?

Proving legitimacy and demand

Obtaining financing from traditional lenders such as banks, angel investors, and venture capital firms can be difficult for some early-stage technology companies. Crowdfunding offers an additional source for raising capital. Many investors are eager to support innovative ideas or services, and the growing legitimacy among accredited investors to provide financial backing through the internet has contributed to the popularity of crowdfunding. For tech startups, crowdfunding is an effective way to demonstrate to lenders the demand for a product or service and also to justify the company’s financial projections. Technology companies that have successfully secured accredited investors via the web are especially attractive to traditional lenders as their ideas have reached a level of legitimacy and approval.

Testing the markets and building brand awareness

In addition to raising capital, crowdfunding provides a platform for technology entrepreneurs to test the success of their product or service once it is officially on the market. Through this process, an entrepreneur can determine whether to continue investing time and money in a particular product or service based on feedback from potential customers. Doing so avoids involvement in a venture that may ultimately prove to be futile. The exposure of a product or service through crowdfunding offers the ability to build brand awareness and develop a loyal community of customers right from the start. Developing a loyal following can generate word-of-mouth advertising that can boost a startup business to success.

Finding success

There is a commonality among crowdfunding success stories. Deals receiving funding typically have outside sponsors who advocate on behalf of the deal. These are usually prominent investors who are willing to put their names on the deal and endorse them personally. This signals to other investors that it is a quality opportunity. “This is not so different from the way investments have always been done,” said Steven Dresner, CEO of Dealflow. “In the past, one prominent venture capitalist would put a million dollars in a deal, and then the startup could use that as leverage to attract more VC money. Now it is just taking place in a whole new forum.”

What does the future of crowdfunding hold?

Notwithstanding its popularity within the technology industry, to date, equity crowdfunding may be best characterized as a “growing” source of capital formation available to private companies. Entrepreneurs continue to test the market in determining how best to utilize crowdfunding as an alternative strategy for obtaining financing, gaining exposure, validating their products or services, and ultimately, expanding their businesses. The influence of crowdfunding on the middle market sector has yet to be fully realized. However, crowdfunding is on track to not only transform how privately held companies raise capital and interact with investors, but to also influence how businesses formulate and implement their go-to-market strategies.

1 https://www.fundable.com/infographics/economic-value-crowdfunding
2 http://www.crowdnetic.com/reports/jan-2015-report


Alex Castelli, CPA, is a partner and CohnReznick’s Technology and Life Sciences Industry Practice Leader. He can be contacted at 703-744-6708 or alex.castelli@cohnreznick.com. To learn more about CohnReznick’s Technology Industry Practice, visit the company’s webpage and follow CohnReznick on Twitter @CR_TechInd.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, the NVTC Digital Strategy Committee writes about the group’s recent event on digital strategy and public safety, featuring Fairfax City Fire Department Chief Richard R. Bowers, and how it revealed several very interesting and useful challenges for the NOVA business community.


The Northern Virginia Technology Council’s (NVTC) Digital Strategy Committee (#nvtcdigstrat) recent event regarding Digital Strategy and Public Safety, featuring Richard R. Bowers – Chief, Fairfax Fire Department – revealed several very interesting and useful challenges for the NOVA business community.Not least of which was the current challenges around focused, resourced digital strategy planning across the County constituent agencies, and among local jurisdictions.Many targeted capabilities and improvements in “front-end” digital tools, outreach and engagement, plus initiatives on the “back-end” to handle system-specific data and information management are certainly underway, but information-sharing among the public safety stakeholders – businesses, government and the public – remains a strategic planning, governance and education hurdle to address. In other words, a B2G2C digital strategy challenge.NVTC Digital Strategy with Fairfax Fire Chief Richard Bowers

“Simplicity” was a key concept – that seems hard to maintain in the first responder settings, particularly with the profusion of both new technology equipment and situational data. Chief Bowers illustrated the challenge with local EMS responders – on route or on scene -having to quickly use and interact with at least 5 separate kinds of equipment:

  • EPCR (Electronic Patient Care Reporting)
  • CAD (Computer Aided Dispatch)
  • MDC (Mobile Data Computers)
  • NCR (National Capital Region) Patient Tracking System
  • Mobile Phones, iPads and Radios

The variety of interfaces, variety of data granulation, variety of authentication methods – it all adds up to what can be a burdensome expectation on responders, which creates higher risk in areas of data quality and security, process coordination and mission efficiency. This hinders, therefore, the ability of the entire responder community to deliver optimal outcomes – in spite of the number and types of technologies available and in use.

Furthermore, as the technologies available to both the responders and the public become more pervasive, easy to operate and use – for collecting or contributing incident reporting, sensory feedback and overall situational awareness data – it’s simply too difficult to add these inputs to the mix in a way that avoids information overload, or worse, information degradation or errors. There’s no common information architecture that anticipates a proliferation of device inputs, mobile and social channels.

A standard “dashboard” visualization service for use in the field, to quickly access the various systems and growing information sources, was also mentioned as a highly-desirable capability – particularly a dashboard to sensitive systems and protected information in a BYOD environment – i.e. on personal cellphones or tablets. A related need surfaced above the actual dashboard of the response vehicles and fire engines – actually having “heads up” display on the windshield of incident information, particularly GPS and route data.

Fairfax 2015 Police and Fire Games

The Committee was also briefed on the upcoming World Police and Fire Games, coming to Fairfax County at the end of June this year (2015). It’s anticipated that over 12,000 athletes and family/guests (over 30,000 in all) will attend the games, and that Fairfax County will experience tremendous global attention, regional pride and local economic benefit from hosting the event. Over 2000 volunteer slots remain open, along with many sponsorship opportunities for businesses, organizations or individuals. The Fairfax 2015 Games Website maintains all information for athletes and all other participants, from local accommodations and event venues, to a robust social community and online marketplace.

The NVTC Digital Strategy Committee looks forward to more collaboration sessions with the Northern Virginia public safety and First Responder community, and will continue to support information-sharing about B2G2C digital strategies.

Thanks to the NVTC event sponsors, speakers, coordinators and volunteers, including:

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC is inviting members and industry leaders to serve as guest bloggers, sharing insights and information on trends or business issues relevant to other members. This week, John Beveridge of Rapidan Inbound shares insights both on closing deals as well as developing a business that you want to close from the Nov. 20 Small Business and Entrepreneur and Business Development, Marketing & Sales joint committee event.


One of the most difficult things for tech companies, or any company, for that matter, is creating revenue from your technology. Unfortunately, it’s not a matter of build it and they will come.On Thursday, November 20, the Small Business and Entrepreneur and the Business Development, Marketing & Sales Committees hosted a joint event titled, “The Art of the Deal – How Successful High-Growth Companies Close Deals.”

Hosted by Samantha Smith of Etail Eye, the event featured 3 executives from high-growth companies who shared their experiences on how to best generate revenue. Panelists included:

Marty Kaufman, VP of Operations, WeddingWire

Chris Marentis, CEO, Surefire Social

Carolyn Parent, Chief Experience Officer, Gravy

The panelists shared insights both on closing deals as well as doing the things you need to develop business that you want to close. Here are some of the tips the panelists shared.

  • A good way to start developing business is to develop your personal brand as well as your company brand. Creating good content is a great way to develop your personal brand and anyone can do it. Chris Marentis started Surefire Social with an eBook.
  • Economic down times create opportunities for new businesses. Carolyn Parent recommended that new businesses take what they can get and show results quickly. You may want to land that Fortune 500 account, but if a good SMB opportunity arises, take advantage of it. To close business, find some way to show them value quickly, even if it’s just a needs analysis.
  • New businesses can take advantage of sales technology to qualify new business opportunities. Marty Kaufman shared how WeddingWire’s data scientists use predictive analytics to help them target their business development resources to maximize revenue. Don’t overlook the affordable SaaS sales technology resources available to you.
  • Depending on which market you serve, your sales strategies will vary. B2C companies should look to create viral buzz around their products and services while B2B companies should position themselves as valued business partners to their customers. The B2G market moves at a glacial pace and sellers need to be early to the party.

These were just a few of the insights the panelists shared at the event. Want to learn more about business development, sales and marketing? Come to the next committee meeting on December 16.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

On April 10, the NVTC Business Development, Marketing and Sales Committee held an event entitled “Lead Generation Technology Forum: How to Maximize Your Pipeline.” The event featured a distinguished panel of industry experts and end users, and offered ways to utilize automated marketing and lead generation solutions. John Beveridge, a vice chair of the committee, shares insights from the event below.


The business buying process has changed: a recent study by the Corporate Executive Board found that the average business buyer completes 57 percent of her sales process before ever contacting a salesperson. The NVTC Business Development, Marketing and Sales Committee recently held an event to help business deal with this new business reality.

Marketing executives from Deltek and Sonatype, along with industry representatives from Marketo and Vocus shared their thoughts and experiences on using marketing automation technologies to fill their pipelines and nurture their leads through the customer acquisition process.

The panel shared several insights with the audience:

  • Digital marketing is a process, not a product. Companies starting out with lead generation technology will need to transform their approach. You may need to reconfigure your team’s skills and learn new technologies to successfully implement a digital marketing process.
  • Prior to starting a digital marketing program, it’s important to know who you want to reach and to make sure you have the technology tools to accomplish your mission.
  • Digital, or inbound, marketing is based on the premise of attraction. It matches the modern buying process by providing potential buyers with educational content as they perform pre-purchase research.
  • One of the primary advantages of digital marketing is that it provides intelligence on your lead’s behaviors, which empowers sales people with information to make their outreaches more meaningful to buyers.
  • Digital marketing simplifies the marketing process by automating tasks like email marketing, lead nurturing and lead scoring.
  • Educational content like blogs, whitepapers, eBooks, webinars and videos are the fuel that runs lead generation technology. Companies considering digital marketing need to create high-quality content that educates their audiences and helps move them to a buying decision.
  • Digital marketing software lets companies measure every element of their lead generation process and optimize their process based on marketplace feedback.

Interesting in learning more about lead generation technology and other business development issues? Become a member of the NVTC Business Development, Marketing and Sales Committee.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS