802 Secure: Company of the Year 2016

We have disruptive technology that provides a spectrum agnostic software defined radio solution that protects all wireless devices regardless of frequency. With technology reseller agreements in place with AT&T and Optiv, 2 of the largest US network security providers, 802 Secure is poised to be the defacto standard in securing the IOT transmission layer.” Founder and CEO, Garry Drummond.

With General Electric estimating that the “Industrial Internet” has the potential to add $10 – $15 trillion to global GDP over the next 20 years, and Cisco increasing to $19 trillion its forecast for the economic value created by the “Internet of Everything” by the year 2020, this is potentially the largest new technology growth in human history. Research firm Gartner predicts that the Wireless network security market is projected to grow from $8.47 billion in 2014 to $15.55 billion by 2019. Wireless networks are the largest and fastest growing segments of the global network technology sector.

Based out of Livermore, California, 802 Secure Inc. is focusing on security in the emerging Internet of Things (IoT) market. With the number of active wireless connected devices expected to reach 50 billion by 2020 and the related solution forecasted to grow to $7.1 trillion, the company is set to capitalize on this growing market. The company’s technology was selected at DEFCON and Black Hat 2015 to provide visibility into wireless threat intelligence. Through proactive attack-tool profiling, combined with target-aware deceptive networking, this solution was effective in assessing new advanced wireless risks.

With the 802 Secure Spectrum Management Cloud Platform utilizing customized software-defined-radio and MIPS risk engine {Multi-frequency Interpretation Protocol Score), 802 Secure is uniquely positioned to take advantage of the new wireless threat market opportunities. The target markets of 802 Secure are large enterprise and government customers.

Why 802 Secure

• Customers are moving away from reactive controls to a more proactive defense-in-depth security approach with the ability to stop attacks at the mobile edge. The reason for this is that it is far easier to manage and fix the few vulnerabilities and exposure states created by wireless technologies than trying to keep up with the latest hacks plus the speed at which wireless vulnerabilities are being exploited demands faster new vigilance. Existing legacy solutions do not protect the brand by offering after-the-fact post mortem forensics on how assets where exploited or how much data was stolen.
• Customers are now interested in not only monitoring the 2.4Ghz and 5.0Ghz wireless frequencies but also looking for solutions that provide visibility into the new attack vectors created by IoT on non-standard frequencies. Visibility into the broader radio frequency spectrum allows for discovery of previously unobserved attack on-ramps. Existing legacy solutions are blind to these new attack vectors and have no mitigation or corrective controls.
• In addition, 802 Secures platform is changing-the-game by moving customers from intrusion detection to intrusion deception which is an early warning system capturing and detecting unknown or “zero day” exploits such as new IOT or advanced wireless threats. AirDecoy™ mimics the customer’s networked environment to trap intruders. All activities are recorded for optimized wireless threat intelligence decision making.
• Finally, customers no longer require expensive on premise server hardware. 802 Secures offer a scalable cloud architecture allowing IT and Security Operations organizations to scale with the solution without over burdening their staff.

802 Secure Key Benefits

Visibility: Real-time RF coverage and awareness provides comprehensive insight into the enterprise IoT landscape. Forensic analysis provides actionable data for incident response teams.

Assessment: Through the use of AirShield’s Vulnerability Assessment, potential risks can be easily identified prior to loss before they impact a network. Fingerprint RF emissions and inventory of all IoT devices and their attack behaviors can be assessed.

Mitigation: Alerts and notifications allow for quick response to IoT threats. Easily integrates with existing enterprise security SIEMs.

Providing end-to-end Secure Solutions
802 Secures AirShield™ provides the customer with a hackers mind-set to help detect, assess and prevent risk from IoT and mobile attack vectors such as malware, risky apps, operating system compromises, network attacks, and user behavior. Information collected from within AirDecoy™ a deceptive network.

This provides the basis for then outlining countermeasures for defining a holistic IoT security methodology that encompasses proactive protections, response mechanisms, live monitoring, and incident response via integrated SIEM technologies.

Through target-aware deceptive networking and attack-tool profiling, the AirShield (TM) solution is effective is providing wireless threat intelligence and pin-pointing attackers who change MAC and IP address across multi properties.

AirDecoy (TM) is air-gaped from the customers production network. No Ethernet is required and therefore, there is no impact to production operations.

Existing legacy wireless intrusion detection solutions fail to support proactive auditing, exposure state validation, and corrective mitigation. Legacy solutions only provide monitoring of the 2.4GHz and 5.0GHz wireless frequencies, therefore, not providing complete visibility into new attack vectors created by IoT connected devices.

Industry Recognition for Innovation
Security Products Guide, the industry’s leading information security research and advisory guide, has named 802 Secure and its product three winning categories of the 2015 Global Excellence Awards:

• Start-up of the Year: Gold Winner
• Internet of Things (IoT) Security: Bronze Winner
• Wireless, Mobile, or Portable Device Security: Bronze Winne

Client Testimonials
“IoT presents a vast opportunity for organizations to improve internal efficiencies, serve customers better, enter new markets, and build new business models. AT&T Control Center is a sophisticated, cloud-based platform that enables businesses to rapidly scale, manage and launch connected-device deployments. 802 Secure is using AT&T Control Center because it is a highly secure platform they can utilize to offer security and visibility in IoT deployments, helping in detecting and mitigating the risk associated with the Internet of Things.” – Tina Hampton, AVP
Product Marketing Security Solutions, AT&T Business Solutions.

“As the “internet of things” entices consumers with new ways to connect with everyone and everything, the wireless space becomes the hinge pin to customer satisfaction and the point of entry for those who wish to do harm. Having a way to identify risk and mitigate that threat quickly is the key to preventing service disruption and keeping customers and the business safe. 802 Secure gives you that level of visibility and grants you the capability to provide protection to this critical service everyone must offer.” – William Worthington, Director of Security Advisory
Services / CISO Services

The Road Ahead
Founder and CEO, Garry Drummond shared his thoughts and insights on the roadmap ahead:

I believe that wireless is fast becoming (if not already) the #1 way to back-door the wired-side of your network. It’s so easy these days to hi-jack a wireless connection and install a root kit before any layer 3 agents like personal firewalls, malware or anti-virus agents kick-in (it’s too late by then), so I think the plan will be to share the wireless threat intelligence gathered with 3rd party security technologies such as SIEM (Security Information Event Monitoring) and Mobile Security apps vendors to start building a real-time trusted eco-system:

• Build trusted client list that are malware free, detection of DLP (data loss prevention) via the airwaves.
• Enforcing spectrum management to ensure 1st line of defence.
• Improved wireless to wire correlation.
• Innovation of our Cloud Spectrum Manager.

Founder Speaks:

Give us a brief history on the company from its inception till now.
The journey started for me in July 2014 after I left AirDefense. I was approached by several fortune 500 clients seeking help in reducing false positives from their legacy wireless intrusion detection systems. They required help in prioritizing the wireless threat information collected and identified as well as pin-pointing the highest level of risks with immediate impact to the business. With the massive adoption and growth in IoT connected devices – new innovation was required in order to address the new threat landscape that was emerging. I realised that existing solutions didn’t solve the problem in a way that I felt the IoT problem should be addressed. With a small dedicated team of wireless security professionals we began working on an IoT sensor prototype to deliver on a unique value proposition. The ability to be spectrum agnostic and provide proactive wireless intelligence –prior to incident.

Why do customers buy your product and services?
The mobile threat landscape is evolving bringing about new forms of data loss. No longer can organizations rely on security policies designed during the PC era. Mobile and IoT enable devices are different and therefore require a revised approach to countermeasures to mitigate data loss. Understanding these differences is fundamental to creating a new defense-in-depth strategy designed for mobile and IoT.

The Goal of the AirDecoy™ solution is to create a highly controlled network. Within that network, you place productions systems and then monitor, capture, and analyze all activity that happens within that network. Because this is not a productive network, but rather our deceptive network any traffic is suspicious by nature.

Who are some of your biggest clients? In which vertical do you see the most traction in?
The 802 Solution has been sold and tested across multiple vertical markets: Hospitality, Finance, Transportation and Logistics, Energy and Retail. What this demonstrates is that wireless security is a horizontal problem affecting all industries that use wireless technologies. Due to the fact that 802 is leading the way in stopping these new IoT attacks we are not prepared to release client names. We don’t want to tip-our-hand.

What’s made you successful over the years, what makes you stand out?
First of all, you have to love what you do for a living and I do. I fully embrace the solutions I sell and offer to my clients. I learn everything I can about the technology and surround myself with people who know more than me. Over the years I have come to realize that I enjoy selling innovative and new products from

unknown companies and influencing and persuading these marquee accounts to buy. My colleagues think it’s all down to my Scottish accent and that I have the ‘gift-of-the-gab’ but I know differently. Having sold over a $250M dollars of new business product for my past 2 network security hi-tech start-ups – it takes more than an accent. My customers respect my suggestions, opinions and honestly, they get value from me every time I show up, it’s a win-win.

Who are your Competitors?
We have a couple of new start-up companies moving into the SDR (software-defined-radio) security space but most competitors still utilize legacy wireless intrusion detection solutions. They fall short of delivering an effective IoT security solution because they have limited visibility into broader radio spectrum. Competing solutions are reactive controls by design and lack the ability to identify the vulnerabilities prior to loss or incident occurring. In addition, traditional wireless intrusion detection systems (WIDS) only map known attacks to known signatures, with NEW IoT threats such as Smart Watch hacking where there is no signature to correlate against a threat database, therefore making WIDS an ineffective security tool. With data breach costs increasing each year there needs to be a shift in philosophy to combat these new attack vectors.

Bottom line: With the 802 Secure Spectrum Management View and Cloud Platform, utilizing software defined radios and IoT customized MIPS risk engine (Multi-frequency Interpretation Protocol Score), 802 Secure is uniquely positioned to take advantage of the new market opportunities.

What advice would you share with others who are thinking about setting up start-up?
Rule #1 – Follow through until you win. Don’t give up, you’ll hear no, not interested, let me talk with my research partners first and I’ll get back to you. No one believes in your idea until you prove them wrong either with purchase orders, strategic partnerships and revenue, ideally all 3.

Rule #2 – Never lose sight of the point of impact on where the dollar is made. We can all keep ourselves busy doing stuff. Throughout the day, ask yourself – what is the most important use of my time –RIGHT NOW. Call a customer!!

Rule #3 – Stay humble. Always respect and treat others as you would like to be treated yourself. Never take advantage of your position.

Rule #4 – Never lose respect for cash. Run the company as if you were poor and don’t over extend the business. Build early, build often, fail fast, learn, and evolve.

Revenue Model
802 Secure operates a SaaS-based cloud model, offering 1, 2, and 3 year subscriptions for its premium cybersecurity solution. Think of the solution as a cable service; pricing includes hardware and software with pre-configured components for ease-of-use scanning of Wi-Fi, Bluetooth and Zigbee. Add customized software-defined-radios for broader radio spectrum management and now you have broader visibility into 900Mhz, 800Mhz, 700Mhz, 600Mhz all they want down to 60Mhz.

• AirShield ™uses LTE / GSM back0haul for connectivity (no Ethernet required)

• Hardware replacement with 24/7 technical support

• Optional: Fully Managed Wireless Security Service

All sales are sold through our growing Partner Network.

Upcoming Events
802 Secure has been recognized as a thought leader in the disruptive wireless security space and has been selected to host a panel discussion at this year’s SINET conference – IT Security Entrepreneurs Forum (ITSEF) 2016 on April 19-20, 2016 at the Computer History Museum, Silicon Valley, Mountain View, CA.

Event – IT Security Entrepreneurs Forum (ITSEF) — is designed to bridge the gap between the Federal Government and private industry. Supported by the US Department of Homeland Security Science & Technology Directorate

Topic of discussion – Future of Wireless Security: Securing the Enterprise from new attack vectors such as Internet of Things (IoT).

Background on Founder:

Garry Drummond has been working in the Network Security industry for over 20 years. He is a Certified Information Systems Security Professional (CISSP) as well as Certified Wireless Network Security Professional. He has helped many enterprise organizations implement a best practice approach to proactive risk management.

In 1998, Mr. Drummond joined Silicon Valley start-up nCircle Network Security (pioneers of Vulnerability Management) to help build customer traction for its IP360 Vulnerability Management product line. Mr. Drummond was at nCircle for 7 years. The company later acquired by Tripwire, April 2013.

In January 2006, Mr. Drummond joined AirDefense (Wireless Intrusion Detection) to help his clients better understand the risks and threats associated with wireless technologies. Mr. Drummond was there for almost 10 years. Motorola acquired AirDefense in Sept 2008.

“We are developing the most intelligent technology for securing the Internet of Things, combining Software Defined Radios with Big Data analytics to detect, assess, and prevent risk from new and advanced wireless threats.”