Editor’s Note: Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

DivvyCloud, an Arlington startup specializing in cloud-based cybersecurity, is planning to more than double in size with a move into a new much larger new headquarters in Courthouse.

It’s is far from the only cybersecurity company working in Arlington, but DivvyCloud carved out a niche as a cloud-focused security option that not only fixes gaps in security coverage but makes it easier for a company to see where its security is weakest.

Today (Monday) the company moved into a new 13,000 square foot office at 2111 Wilson Blvd, an office over six-times larger than its old 2,000 square foot office in Rosslyn. In a press release, CEO and co-founder Brian Johnson said the office expansion is a result of adding new employees, with more expected down the road.

“[Since 2018] the company has grown from 20 to 55 local employees — an increase of 175 percent — and plans to reach at least 120 employees within the next year,” Johnson said.

The company has netted some sizable investments over the last year, along with new contracts with customers from Pizza Hut to Fannie Mae. In an email to ARLnow, Johnson said the expansion is justified by an increasing need in cloud-based coverage — particularly in light of recent major data breaches.

“In our recent report, we found that 77% percent of respondents reported having two or more clouds, yet less than half of respondents were able to accurately identify the risk of misconfiguration in public cloud as higher than the risk in traditional IT environments,” Johnson said. “Countless major data breaches, including Honda and Capital One, have been caused by misconfigurations just in 2019 alone. As a result, more and more companies are realizing the need for an effective solution to prevent misconfigurations and properly secure cloud and container infrastructure.”

This article was written by Sindy Yeh, Senior Business Ambassador for Arlington Economic Development.

In the past few months, we’ve noticed a trend among Arlington’s security technology companies.

Several innovative, fast-growing Arlington companies in the cybersecurity, artificial intelligence and data analytics fields are being acquired by larger companies. In March, BluVector, a network security company applying artificial intelligence to detect cyber threats, became part of Comcast.

In the same month, Deep Learning Analytics, a data analytics company and winner of Arlington’s Fast Four competition three years in a row, was acquired by General Dynamics Mission Systems.

In May, eGlobalTech, a cybersecurity consulting and cloud security company, was acquired by Tetra Tech. In June, the pattern continued as Distil Networks, a leader in bot traffic detection and mitigation, became Imperva. And finally, Endgame, an endpoint security protection company, entered into an agreement with Elastic N.V., a data management firm from the Netherlands.

It comes as no surprise that so many of Arlington’s top cybersecurity firms were targeted for acquisition. These Arlington firms have developed niche products and services that are utilized by both government and commercial customers. Many of these companies are globally recognized leaders in their respective sectors.

By acquiring these firms, it allows the larger companies to further enhance their existing platforms by offering even more comprehensive and specialized solutions to their clients.

They also absorb the companies’ existing customers, often including government agencies whose mission it is to defend the nation from cyber threats, like the Department of Homeland Security and the Department of Defense.

Arlington is home to about 200 cybersecurity companies employing more than 5,000 people. These cyber-based acquisitions will most likely continue as more of Arlington’s cyber companies develop specialized products and solutions targeting industry needs.

It is a testament to Arlington that so many technology companies have not only chosen to locate in Arlington but have thrived and developed a rich ecosystem of innovative companies leveraging federal funding to create and develop new products and services with applications in the private sector.

(Updated at 5:20 p.m.) Arlington County has revealed a cyber attack that penetrated the county’s payroll system.

In a statement, the county says a number of employees were impacted by the intrusion, but did not specify the exact number or impacts. The intrusion appears to be the result of a “phishing” email targeting county employees and not a hack, the press release suggests.

Police are investigating.

Arlington’s cybersecurity division previously told ARLnow that it was staffing up and training county employees in light of the growing number of cyber attacks. The county budgeted $60,000 for the department to teach county employees how to avoid phishing emails, among other security best practices.

The full press release is below.

Arlington County Government recently discovered the existence of an intrusion into the Arlington County payroll system. This intrusion was limited in both the time of the compromise and the number of the employees who were impacted. No resident data was compromised during the intrusion.

All of the impacted employees have been identified, advised of the situation and steps are being taken to ensure the security of their personal data. Based on a joint review by the Arlington County Department of Technology Services and the Arlington County Police Department, the consensus belief is that the intrusion was likely the result of individual employees being targeted through a phishing email.

Since discovery of the intrusion, Arlington County has implemented enhanced cyber security features to safeguard email and other critical computing systems. As part of our education and crime prevention efforts, Arlington County is sharing cyber safety tips and reminding employees and the public not to open any emails from individuals they are unfamiliar with and to not click on links contained with any emails without first verifying their content.

The intrusion is currently being investigated by the Arlington County Police Department. Any information related to this ongoing investigation can be provided to Detective John Bamford of the Department’s Homeland Security Section at [email protected] Information may also be provided anonymously through the Arlington County Crime Solvers hotline at 866.411.TIPS (8477).

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Fueled by a recent investment, Courthouse-based startup DivvyCloud unveiled a new suite of features to help identify potential cybersecurity weak spots at a glance

The most high profile of the new features is a new “heat map” scorecard to help companies visualize where their cybersecurity defenses are strongest and where they are most vulnerable.

According to a blog post:

This new feature delivers a visual representation of risk aligned with regulatory standards, industry standards, or your own corporate standards; through an interactive heat map.

With fast paced changes in infrastructure, and the need to have flexibility for deployments into cloud platforms, it has become increasingly challenging to remaining compliant to industry standards. DivvyCloud’s Compliance Scorecard helps you audit compliance and identify risks in your cloud environment in a simple, transparent way.

The accounts are listed on the y-axis, while insights — specific behaviors, conditions or characteristics of cybersecurity — are listed along the x-axis. Accounts with less than 85 percent compliance to security standards are listed in red.

In the sample scorecard above, “Bob” has stale Application Program Interface credentials — coding that allows communication between two applications — meaning Bob has access to a program but his credentials to do so may be out of date.

The feature is designed to assist teams, like auditors or security management, in identifying areas where there are potential gaps in cybersecurity coverage. The scorecard can also recommend guidance for potential problems and direct the viewer to the relevant resources.

Other improvements include a new threat detection system that utilizes machine learning and anomaly detection technologies. DivvyCloud listed cryptocurrency mining, credential compromise behavior, and calls from known malicious IPs as potential threats the technology helps to identify.

DivvyCloud recently announced that it had achieved $19 million in funding in a recent growth round, bringing the total capital raised to $29 million.

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Updated 3:35 p.m. — Ballston-based ThreatConnect — a cybersecurity company helping other companies fend off hackers — is planning to ramp up its operations thanks to an investment from Providence Strategic Growth (PSG).

ThreatConnect specializes in cybersecurity “intelligence,” where the information on incoming threats is collected across member organizations and spread across the network, so information gained from an attack on one company can be used to defend the others.

The company started in Shirlington but has since moved to its current headquarters in Ballston. But while ThreatConnect’s location may have changed, CEO and Co-Founder Adam Vincent said its core strategy has not.

“We have had the same vision since we released the first version of the ThreatConnect Platform in 2013,” Vincent said in an email. “We were a step ahead of the market then, and I feel we are still in front of the market today. Our vision is, and was, to improve decision-making in cyber — giving the business the ability to make smarter, faster decisions and act on them quickly — all without adding additional personnel.”

Even though the mission hasn’t changed, the client base has expanded.

“While in the beginning, we were an obvious choice for large enterprises, we see more mid-size companies choosing ThreatConnect,” Vincent said. “We are seeing more verticals — for example, healthcare, utilities — in addition to all the financial and retail companies we have served for years. Given the current security climate, all organizations are realizing that a security program is not a ‘nice to have’ but a ‘need to have’ in order to grow their own business.”

The exact amount of the investment isn’t being disclosed — a common trend among recent investments — but Vincent said PSG is fully committed to the company’s strategic growth.

“We chose them as a strategic partner, not just another investor, because we know their support will be ongoing,” Vincent said. “PSG appreciates our value proposition — to change how businesses manage their security — which was a driver for them investing.”

After the investment, Vincent said ThreatConnect will begin accelerating its current strategy. In a blog post, the company said it will be making new investments in data sources to provide more information for operational and tactical decision making.

But as ThreatConnect grows, it has no plans to leave Arlington.

“We think Arlington is a great place to work, whether in cybersecurity or another vertical,” Vincent said. “It is close and very accessible to D.C., but not too close. And, though our business is worldwide, we choose to have our headquarters in Arlington. It’s our home. It seems like a great central location for most of the staff that comes into the office. The immediate area around the office has grown and changed a great deal in just the short time we have been here — and everyone appreciates the new food/drink options that have recently opened or are about to open.”

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Three young, tech-focused startups in Arlington were among 41 projects across the state awarded $2.51 million in funding.

The Commonwealth Research Commercialization Fund (CRCF) awards, announced by Gov. Ralph Northam on June 6, included grant funding for Fend Incorporated — a Startup Monday frequent guest — NOVI LLC and SeeHear LLC.

The CRCF is run through the Center for Innovative Technology (CIT), a non-profit corporation funded in part through the state to promote technological development in Virginia.

Fend Incorporated adds a system with a physical beam-link used to transfer data in otherwise digital systems, making them less prone to hacking. The company was awarded $50,000.

NOVI LLC develops autonomous, intelligent satellites and was awarded $48,700.

SeeHear LLC is a corporation that commercializes earlier government research into web-based speech programs for adults with hearing loss. The company was awarded $50,000.

According to a spokesperson for CIT, proposals undergo a multi-stage review process, including assessments by subject matter experts and evaluation by the CIT Board of Directors.

“Virginia is recognized as one of the most innovative states in the nation, and we know that identifying and supporting Virginia innovators at critical early stages through state-funded programs like CRCF is key to maintaining and expanding our leadership role,” Northam said in a press release. “The Commonwealth will continue to deliver programs that facilitate bringing pioneering technologies and ideas to market and create a culture where entrepreneurs will thrive.”

Favola’s Consulting Questioned by Challenger — “Is two-term Sen. Barbara Favola (D-31) a rising star, poised to become chairwoman of a Senate committee if Democrats seize control of the Senate? Or is she an opportunist capitalizing on insider influence for personal gain? That’s a question for voters this June in a primary that pits Favola against challenger Nicole Merlene.” [Arlington Connection]

Video: CCTV Sewer Inspections — Arlington County uses cameras inserted into manholes to inspect its sanitary and storm sewers for cracks and other problems. [YouTube]

Another Arlington Cybersecurity Firm Acquired — “Arlington-based endpoint cybersecurity firm Endgame is being acquired by Netherlands-based search and data management firm Elastic N.V. for $234 million in stock and debt repayment, according to an announcement by the two companies.” [Washington Business Journal]

New Cybersecurity Firm Unveiled — “[Arlington-based] Kfivefour today emerged from stealth and announced the immediate availability of its full spectrum Red Team assessments, training and penetration testing services. Kfivefour is a private sector focused cybersecurity affiliate of Millennium Corporation, a defense contractor and cybersecurity company.” [PR Newswire]

Local Startup Founder Arrested — “[Former Arlington resident] Andrew Powers, the founder and CEO of communications technology firm CommuniClique Inc. — sometimes known as Clique API — has been arrested by the FBI, which has charged him with a felony for what it described as part of ‘a multimillion-dollar fraud scheme.'” [Washington Business Journal]

Sponsored by Monday Properties and written by ARLnow.com, Startup Monday is a weekly column that profiles Arlington-based startups and their founders, plus other local technology happenings. The Ground Floor, Monday’s office space for young companies in Rosslyn, is now open. The Metro-accessible space features a 5,000-square-foot common area that includes a kitchen, lounge area, collaborative meeting spaces, and a stage for formal presentations.

Tinkering with the virtual structure of a company can be hazardous, so instead, Ballston-based startup HyperQube will make a digital clone of a company and then subject it to every horrible cyberattack known to man.

It’s the Portrait of Dorian Gray for the digital age.

“Being able to rapidly clone entire infrastructure, including the networking, allows enterprises to test in ways that used to be too expensive,” Craig Stevenson, founder and CEO, told ARLnow. “Before HyperQube, probing an enterprise’s defenses was costly and dangerous, since you are probing real systems which can’t be taken offline. Now, you could spin up hundreds of exact copies of an enterprise’s defenses and probe them both risk-free and simultaneously, saving massive amounts of effort and eliminating the risk of taking a production system offline.”

HyperQube describes the virtual environment as “alternate realities” that allow users to test, play and break to their hearts’ desire.

The ability to clone digital structures isn’t new, but Stevenson said HyperQube allows the clones to be built and modified quickly.

Various products focus on different scales and targets, like Hyperskill — which uses the cloning method to allow instructors and students to tinker with real systems without potential consequences.

The startup launched in January 2018 after participating in the local cybersecurity accelerator Mach37.

HyperQube ran an event last year where they invited hackers to come participate in a digital competition where, once a platform was shut down, the hackers wrote out detailed explanations of their exploits and offered suggestions on how to fix them.

The company recently signed partnerships with the National Guard, Department of Homeland Security, Cisco and other groups. Stevenson said more partnerships were on their way soon, but couldn’t announce any further details. HyperQube also raised $500,000 in seed funding, which is going toward sales, development and new hires.

Stevenson said Arlington has been a great place to run a cyber startup.

“For us, being within 40 minutes of a customer in D.C. or our data center in Ashburn, makes Arlington ideal,” said Stevenson.

Photo via HyperQube

Arlington’s cybersecurity division is staffing up and training county employees in preparation for a growing wave of cyber attacks.

The Security, Privacy, Records and Regulatory Affairs division of the county’s Department of Technology Services reportedly blocked 90,000 virus and malware attacks last year, according to next year’s budget proposal.

The department said the number of attacks is expected to rise to 150,000 this year and continue to 200,000 by next year.

“The increase in viruses and malware blocked is due to increased detection efforts by additional security platforms… and an overall increase in security attacks,” the document read.

“We’re in a risk-reduction activity,” Richard Archambault, who helms the division, told ARLnow in a phone interview this week, “We’re not in a risk-elimination activity. We can’t prevent these things from happening. Someday everybody gets hacked.”

The department has asked for $60,000 to train all county employees in security best practices, especially how to avoid clicking on phishing emails which can introduce malware.

“The reason this cadence [of training] is so important is that these emails get more and more sophisticated every month,” Archambault said during a March presentation at the Metropolitan Washington Council of Governments.

“If we’re not constantly bringing people up to speed on where the threat actors are, we’re behind,” he added.

Archambault also added a new senior engineering role that junior staff can rise to: a bid to help with retention in an area hungry for cybersecurity professionals.

“One great part about working with a governmental entity is access to professional development across the region,” he said of Arlington’s location. “In most private sector companies, outsiders are competitors or customers. In government, there is a tremendous amount of cooperation and shared learning. This is fertile ground for growth as a cybersecurity practitioner.”

Local governments nationwide are also sharing lessons learned from a type of malware called “ransomware” that can hold data hostage until a “ransom” is paid, usually in bitcoin.

Ransomware attacks locked down Atlanta’s public computers, online bill payments, and airport wifi last year last year, and other hackers gained access to Dallas’ tornado sirens. All told, out of 2,216 security breaches found by a 2018 Verizon report, 304 affected public entities.

“Some of the basic things that they should have been doing to be prepared to recover were not done,” Archambault said of Atlanta. “In the most recent instance their backups were accessible to the hackers — so the hackers ransomed their primary data and their backups.”

Archambault said he was unable to share details about Arlington’s preparations for security reasons, and also said he was unable to comment on whether the county had ever been ransomed.

He did say the county purchases cybersecurity insurance.

After the attacks in Atlanta, Arlington’s then-chief information security officer David Jordan said “it’s going to be even more important that local governments look for the no-cost/low-cost, but start considering cybersecurity on the same level as public safety.”

“A smart local government will have fire, police and cybersecurity at the same level,” Jordan added.

Archambault told ARLnow that one of his “key priorities” since joining the office five months ago has been to create “an umbrella Privacy Policy for the County,” to “harmonize” the county’s many department’s policies with one another.

County spokeswoman Shannon Whalen McDaniel said Arlington is planning awareness events in October, which is National Cyber Security Awareness Month.

In the meantime, the division offered a few security tips for residents wanting to keep their own data safe from hackers:

• “Ensure your devices are setup to automatically install software updates and security patches. You may have bad memories of patches that were recalled or rolled back by various vendors. Those mistakes are far less frequent and the additional benefits of frequent patching now outweigh the drawbacks of the occasional bad patch.”
• “Don’t place your Wi-Fi router somewhere it can be seen easily from a window. Anyone peeking in might see your network name and password and then – they’re in. Change your Wi-Fi network password from time to time, but keep using strong passwords!”
• “Use a password locker application. We often tell people not to use the same username and password across different websites, but we don’t always do a good job telling people how to keep all the resulting username and password data organized (pro tip: not on paper and not on your desk!) There are great password locker applications that will automatically memorize your passwords and even autofill password forms on web pages.”

Photo via Flickr user Blogtrepreneur

Amazon.com is famous for what cybersecurity expert Frederic Lemieux calls its “known resilience” to cyberattack.

But there have been breeches recently, and we can expect the tech giant to become an even more inviting target in the future. “As Amazon is growing, it will have more of these risks,” says Lemieux, Ph.D., faculty director of Georgetown University’s master’s programs in Applied Intelligence and Cybersecurity Risk Management.

Here, in conversation with Assistant Dean Joshua Meredith, Lemieux also predicts that when Amazon builds a new headquarters in Crystal City, Va., it will suck up much of the region’s cybersecurity talent. And that will make it harder for the federal government and smaller business to compete for skilled workers.

It might seem odd that the consulting firm Accenture would open a second Arlington office in Rosslyn, just a 10-minute drive from its current location in Ballston and a brief Metro ride away from its office in D.C.

But company executives believe Arlington’s pool of talented tech workers is so deep that such a move makes perfect sense — and state leaders are hoping tech giants from Apple to Amazon are similarly swayed by the strength of the county’s workforce.

Gov. Ralph Northam (D) and Rep. Don Beyer (D-Va.) helped Accenture christen its new “cyber fusion center” inside the new CEB Tower at Central Place (1201 Wilson Blvd) today (Wednesday), hailing the company for its plans to create 1,000 high-paying tech jobs in the D.C. region by 2020.

Marty Rodgers, Accenture’s metro D.C. office managing director, says the firm ultimately plans to have 4,500 employees at its Arlington locations alone, and they’ll have plenty of company. As of last year, the Bureau of Labor Statistics estimates that more than 17,000 people in Arlington work in IT-focused jobs, and Rodgers adds that 185 cybersecurity startups in the area won outside funding in 2017.

Observers have speculated that those numbers are part of why Jeff Bezos and Tim Cook are eyeing Arlington so closely for expansion. Northam hopes they’re right.

“I’ve always been a big believer that if we bring talent to the area, talent will attract other talent,” Northam told reporters Wednesday. “We’ve made that pitch and we’re excited about that opportunity, and we’ve had those discussions with Amazon. But whether it’s Amazon or Apple or any other company, in order for them to grow or come here, we’ve got to be able to train our workforce.”

Northam credits his predecessor, ex-Gov. Terry McAuliffe, for putting a focus on tech training programs at both the higher education level and in K-12 schools. But it also helps that many of those workers have gained experience in the area’s bevy of federal government tech jobs, making them even more attractive to companies like Accenture that do plenty of business in D.C.

“This is where all the talent is,” Rodgers said. “You need people who have that combination of experiences, with for-profits, with nonprofits, with government.”

Rodgers noted that those sorts of employees will be particularly important at the company’s new Rosslyn center. It’s designed as not only a cybersecurity research hub, but also as a meeting space for Accenture to help its clients, from governments to massive corporations, investigate cyberattacks in real time.

Accenture executives demonstrated for the gathered elected officials and journalists how the company might educate an oil and gas company about how to prevent a phishing attack on a refinery. After hackers tried, and failed, to blow up a Saudi Arabian refinery by breaking in to a company’s networks via a fraudulent email, company officials warned that such a scenario isn’t terribly far-fetched.

Rodgers believes the center will even be innovative enough to help the D.C. region become the top global destination for cybersecurity companies.

“This region is fundamental to cybersecurity for the country and the world,” Rodgers said. “This is a mantle we hope this cybersecurity fusion center can claim here, as compared to Silicon Valley.”