Waldman said much of the company’s recent growth has been fueled by a federal security directive that last year began to require businesses working with the federal government to protect their cyber data, or have a detailed plan for doing so.
The directive is called “NIST 800-171” — or sometimes just “rule 171” — and it controlled whether companies from defense engineering firms to janitorial outfits can do business with the federal government.
MORE: PHOTOS: Check out this luxury home in Washington Twp.
Nearly 500 area companies were expected to comply, said Philip Raterman, director of the University of Dayton Research Institute’s Fastlane division, told this news outlet in May 2017.
“That got us quite a bit,” Waldman said in a recent interview. “We ended up getting quite a bit of business nationwide from that.”
He estimated that his company worked with 30 aerospace companies in the space of just six months.
MORE: New polls show Sherrod Brown is up big over Republican opponent Renacci
“We started the push in the summer, with the (Dayton Daily News) article, and I think the majority of the people waited until the last second,” the CEO said. “Probably from October to December was just all on — that’s pretty much all we were doing, aerospace (customer) processing.”
Protecting data
Secure Cyber Defense helps customers identify security threats, fix them — and then monitor those threats long-term. Today, the business monitors 58 companies nationwide and in Canada.
The Miamisburg firm has six employees, and works with two outside contractors.
Waldman declined to give precise revenue numbers, other than to say annual revenue is seven figures.
But his co-founder and Chief Operating Officer William Kelly said that from the company’s first to second year, revenue doubled. It doubled again in the company’s second year, while revenue went up 40 percent in the third year.
MORE: PHOTOS: Take a tour of the local factory that makes a billion SlimJims each year.
The need to protect one’s data — and the data of one’s customers — is no less an imperative today. Any business working the Pentagon has to comply with some 110 “controls” or directives in the realm of cyber-security.
“Regardless of (a company’s) size, and no matter what they are doing, if they had a contract with the DoD (Department of Defense), they had to comply with that directive,” Waldman said.
The rules are even more important today, he said.
The early push to comply concerned mostly companies with existing DoD contracts. Today, new contracts are being awarded, and those new companies also have to meet requirements.
Said Waldman, “So it’s never going to end.”
Hacking headaches
The hacking headlines have only intensified. “Cyber-criminals” stole into Equifax, a large credit bureau, last summer, stealing the personal data of 145 million people. Last year, Yahoo said all of its 3 billion accounts had been hacked in 2013.
Hacking intrusions were also reported last year by Uber, the U.S. Department of Education, the National Security Agency and many others.
The threats that we don’t know about remain the most dangerous. Intellectual espionage and theft of designs aren’t going away, Waldman said.
But as the “Internet of things” and “smart” vehicle designs expand, so will the threats, Waldman said.
“If you look at the manufacturing industry now, just within the last couple of weeks, BMW cars had a serious security vulnerability,” he said. “You had to bring in your BMW to get a patch” on vehicle computers.
Secure Cyber Defense focuses on businesses serving the DoD or working in the financial arena and manufacturing.
In time, the automotive industry will also have to comply with federal cyber-security regulations, Waldman predicted.
About the Author