“One of my clients was a large government agency and I got a notice in the mail that said ‘Sai, unfortunately, your data has been stolen, including your fingerprints.’ And that was just shocking for me because fingerprints are just so personal,” he said.
“Next Level Cyber Security” was a best seller and caught the eye of notables like Department of Homeland Security Secretary Tom Ridge who now sits on CyberCatch’s advisory board, part of a team Huda has been putting together that includes cyber experts like Andy Kim and former Navy CIO Marv Langston.
Huda said CyberCatch is currently ramping up its staff and expects to grow to around 100 employees soon.
“San Diego is a good market for many reasons. One is there is good talent here from the military, from the business community, great educational institutions here that have really good graduates,” Huda added. “So, as we grow our business, we’re going to get a lot of that talent right here.”
San Diego is not only a good market for talent, but also for clients, as the sixth largest city in U.S. and home to a large defense sector with over 6,000 SMB defense companies in San Diego County. Over the last two years, CyberCatch has taken on 250 such businesses as it developed its platforms and perfected its tools.
One such company is Pacific Science & Engineering, a Sorrento Valley-based company that develops control systems for things like power grids, underwater unmanned devices and tactical aspects of meteorology for the military. The company signed with CyberCatch two years ago while searching for a security firm to get certified.
“As a CEO, I care about both. However, certification is useless without real security. The piece of paper is not going to absolve me of the consequences of a cyber-attack,” he said. “CyberCatch gives you both, with a focus on measures that improve real security.”
Pacific Science & Engineering is the ideal company for CyberCatch’s business model: only 55 employees, but in charge of the sensitive materials of its clients, which is about 20% commercial and 80% government contracts.
“It’s a prime hunting area, for the Chinese in particular,” Tait said. “A lot of what we do is stuff they’ve identified in their 2025 and 2035 IP acquisition plans, so we know we’re a target.”
Part of CyberCatch’s “coming out of stealth mode” is the release of its first Small and Medium-Sized Businesses Vulnerabilities Report (SMBVR) -- a detailed look at cyber threats to SMBs.
The report includes results from a random sample of 21,850 businesses tested with CyberCatch’s proprietary CyberXRay scanning tool for three types of cyber-attack vulnerabilities in the U.S. and Canada.
The vulnerabilities were rated across a wide variety of business sectors.
According to Lisa Easterly, CEO of San Diego Cyber Center of Excellence, “cybersecurity is now everyone’s business” and SMBs are increasingly the targets of attacks.
“The COVID-19 pandemic and surge in remote work is putting more companies at risk of costly cyberattacks and data breaches -- to the tune of $3.83 million as the global average cost of a breach,” she said, citing a Ponemon Institute study. “The FBI has reported that cybercrime is up 300% during the pandemic, with nearly a third of data breaches in 2020 involving small businesses.”
Small businesses, already impacted by the pandemic, also lack internal resources to “ensure end-to-end security and employee training leaving them vulnerable to costly breaches and potential business loss in the current economic climate,” Easterly added.
“What’s unique [about CyberCatch] is we’re zeroing in on the root cause of the cyber security problem, and in our judgement the root cause is security holes,” Huda said.
CyberCatch addresses security holes with both outside monitoring using its scanning tool and also monitoring inside controls such as open entry to servers, easy passwords or weak authentication, or employees who are not trained to avoid phishing attacks.
“Those are three ways we test because those are the ways an attacker will get in. They’re going to get in from the outside, they’re going to get in from an employee, or they’re getting in from a supplier inside,” Huda said.
CyberCatch offers these services at monthly rates based on size of the company, ranging from $250 a month for 1-50 employees to $1,000 a month for 251-499 employees.
Although the focus of CyberCatch is SMBs, Huda is not ruling out larger businesses in the future. “I can easily see other larger businesses coming on board because what we have developed is very unique and very effective,” he said.
Business: Cyber security firm specializing in small- and medium-size businesses
CEO: Sai Huda
Headquarters: San Diego
Notable: The first U.S. Department of Homeland Security Secretary Tom Ridge serves on CyberCatch’s advisory board.