Getting A Firm Handle On Internet Threats

June 21, 2002
| By Katy Rent |
Print
Text Size:
A A

GRAND RAPIDS — With security being a top buzz word in the community’s vocabulary lately, it is important to take note of every form of the word, including Internet security.

Internet Threat Management (ITM) was recently formed to play a role in the Internet security market. The company, led by a group of local investors, combines the acquired technology and assets of EVINCI Inc. with the necessary resources to build a successful security company.

Led by the team of John Pritchett, marketing and sales, Tim Crothers, Internet security expert and Rik Foote, business development and strategic alliance, ITM has seen rapid growth since forming earlier this year.

By using what it calls “Collective Intelligence,” ITM sets out to identify and manage Internet attacks.

“This goes to really a forgotten part of the Internet,” Pritchett explained.

“Over the past several years, what has happened is a large number of organizations have developed products like firewalls, various encryption devices, virus detection, software on that type of stuff, organized at a very specific type of function on the Internet security side of things.

“The truth of the matter is that because of the change in nature of technology, which changes every day, and because of the increase in sophistication of those people who are intent on getting into networks, those products really prove inadequate for those businesses.”

Accordingly, he said, what ITM does is set up software sensors.

He told the Business Journal the sensors detect certain data patterns and notify the company that someone is attempting to enter the system. Thus alerted, ITM develops a plan of attack to defend its client.

“The number of people trying to hack into systems is incredible,” Pritchett said.

Many companies already have a sensor in place, Pritchett said. However, it may be an intrusion detection device that alarms the customer every time a certain pattern of data comes across — many times, falsely.

“We did some work with a bank in Canada where these things alarmed, I think, 3,000 times a month.

“Now that’s bad because you have to investigate every single one, because a few in there are real and there are an awful lot that are not,” Pritchett said

“There are organizations that manage the networks for larger numbers of clients, whether the government or private enterprise. And they manage the intrusion detection, and they may have 3,000 of these devices out there.

“That means investigating 3,000 alarms on 3,000 machines every year. You don’t need me to tell you the difficulties in dealing with that data.”

Pritchett said companies face another worrisome trend in the kind of attack where a hacker gets into a company’s network, not necessarily to do any damage to that network but to use it as a jumping-off point to launch a more serious attack on other networks.

From there, the networks that are attacked as a result of a launch from another network may end up suing the unknowing originating network for damages.

“Now, the liability shifts from losing a few of your own assets, losing some of your information or sort of having your Web site defaced,” Pritchett said, “to suits from other Web sites because your network was used and because you weren’t protected.”

With ITM’s Collective Intelligence, every end-user’s network is continuously monitored for Internet attacks, and ITM’s centralized system analyzes the activity on every network in real time.

If one network is attacked in a new way and an appropriate defense is determined, ITM’s central analysis system immediately applies the identification and defense of this threat to every other end user.

Therefore, Pritchett explained, every company using ITM’s technology solution is protected against future attacks of that kind.

He said ITM’s solution is also efficient as it significantly reduces the number of false alerts, allowing each engineer to monitor the Internet networks of more companies than other available technology.

“Our technology has been designed to enable organizations that manage multiple networks on behalf of other clients in a way that does not inundate them with data,” he said.

“It is a layer of intelligence over and above intrusion detection and vulnerability assessment; by combining those two functions and adding an over-layer of intelligence, I can reduce the number of alarms significantly so people can manage their business more effectively. It is almost like a collective brain,” Pritchett said.

By creating the software and then allowing clients to sell it under a different label, ITM enables clients to focus on other important areas of business, including customer relationships.

“If you are in an organization with multiple clients,” Pritchett explained, “your crown jewels are the relationships you have with those customers, and we didn’t really want to get in the way of that relationship.

“So we enable organizations to brand the service under their own brands in a way that really strengthens their relationship with their customers,” he added.

In this type of structure there is also a revenue-sharing benefit for each client, Pritchett said. He believes that in the marketplace there is a general feeling between companies that each one needs to pay attention to Internet security.

“What you have is a pent-up demand between the customers and their preferred service provider for Internet security,” said Pritchett. “We enable organizations to take advantage of that whether or not they have the capability.”

Recent Articles by Katy Rent

Editor's Picks

Comments powered by Disqus