The setting was an auditorium at Howard Community College, in Columbia. The organizer was the
Maryland/Israel Development Center
. And the topic was cybersecurity, with a panel of experts from federal government, private industry and defense contractors who last month highlighted trends and opportunities in the field.
Cybersecurity is reportedly a $55 billion industry in the U.S., although the state economic department does not have a specific breakdown for Maryland. There is also no separate ranking for the cybersecurity industry among the state’s industries.
However, by 2016, the federal government’s cybersecurity budget alone is expected to reach $14 billion. Last month, the National Security Agency at Fort Meade broke ground for a reportedly $3.2 billion cyber command center.
The agency is one of a half-dozen federal defense and intelligence agencies near Baltimore. Also located here are large financial institutions like T. Rowe Price and Legg Mason, and healthcare facilities like Johns Hopkins Medical Institutions and the University of Maryland Medical System – all of which have their own cybersecurity teams.
Ed Jaehne, chief strategy officer of Hanover, Md., defense contractor KEYW Corp., sees opportunities, particularly for small and medium sized companies that can respond to market needs.
“A lot of innovation occurs in them,” says Jaehne, for, in the industry term, agility, meaning programs that identify a cyber attack is happening and implement a course of action.
More than two-thirds of companies aren’t aware of having been the target of a cyber attack until months later, he says, and then only because a third party like a security company notices unusual activity.
“You cannot respond to cyber threats without agility,” says Jaehne. “The absence of cyber awareness is both a management issue and a technical issue.”
Panelist Matthew Speare, chief technology officer of M&T Bank, says the bank’s cybersecurity focus is to prevent attacks on its corporate and commercial customers.
Speare wants protection that is built into the business process. “It should occur automatically without human intervention,” he says.
Panelist Frederick Ferrer of National Security-Cyber Consulting, in Baltimore, says programs must better predict the type of attack and how to prevent it.
“There is great concern at the national level,” says Ferrer, a member of the Maryland Commission on Cybersecurity Innovation and Excellence, a quasi-independent agency, and, at the time of the conference, director of cyberspace for Booz Allen Hamilton Engineering Services.
“Terrorists are becoming better at cyber attacks, and within a year they may have the capability to cripple the U.S. economy by any number of attacks. They don’t want to steal things or be a nuisance. They want to destroy things like the national electric grid or Wall Street.”
Ferrer gives another example of cyber attack. An American steel company has spent millions of dollars and two years to develop a special chemical formula, proprietary information a competitor — business or nation-state — would love to have.
“It doesn’t have to be a Stealth Fighter or a U.S. Department of Defense project” that needs protection, he says.
Sources: Ed Jaehne, KEYW Corporation; Matthew Speare, M&T Bank; Frederick Ferrer, National Security-Cyber Consulting
Writer: Barbara Pash