San Diego Business Journal CyberCatch, a cybersecurity firm specializing in small to medium-sized businesses (SMBs), formed in 2019 and now after two years of finalizing products, building its team and signing up initial customers, CEO Sai Huda said the company is “coming out of stealth mode and letting the world know we’re here to protect them.”

photo

Sai Huda CEO CyberCatch

Huda, author of “Next Level Cyber Security,” was inspired to write the book and ultimately found CyberCatch after becoming a victim of a cyber-attack himself while leading Compliance Coach, a software firm he founded.


“One of my clients was a large government agency and I got a notice in the mail that said ‘Sai, unfortunately, your data has been stolen, including your fingerprints.’ And that was just shocking for me because fingerprints are just so personal,” he said.


“Next Level Cyber Security” was a best seller and caught the eye of notables like Department of Homeland Security Secretary Tom Ridge who now sits on CyberCatch’s advisory board, part of a team Huda has been putting together that includes cyber experts like Andy Kim and former Navy CIO Marv Langston.


Huda said CyberCatch is currently ramping up its staff and expects to grow to around 100 employees soon.


“San Diego is a good market for many reasons. One is there is good talent here from the military, from the business community, great educational institutions here that have really good graduates,” Huda added. “So, as we grow our business, we’re going to get a lot of that talent right here.”


Serving SMBs


San Diego is not only a good market for talent, but also for clients, as the sixth largest city in U.S. and home to a large defense sector with over 6,000 SMB defense companies in San Diego County. Over the last two years, CyberCatch has taken on 250 such businesses as it developed its platforms and perfected its tools.


One such company is Pacific Science & Engineering, a Sorrento Valley-based company that develops control systems for things like power grids, underwater unmanned devices and tactical aspects of meteorology for the military. The company signed with CyberCatch two years ago while searching for a security firm to get certified.


photo

Scott Tait CEO Pacific Science & Engineering

“We were one of their early, almost beta, customers,” said Pacific Science & Engineering CEO Scott Tait, adding that he chose CyberCatch because he found it offered “actual cyber security” and not just certification and compliance.


“As a CEO, I care about both. However, certification is useless without real security. The piece of paper is not going to absolve me of the consequences of a cyber-attack,” he said. “CyberCatch gives you both, with a focus on measures that improve real security.”


Pacific Science & Engineering is the ideal company for CyberCatch’s business model: only 55 employees, but in charge of the sensitive materials of its clients, which is about 20% commercial and 80% government contracts.


“It’s a prime hunting area, for the Chinese in particular,” Tait said. “A lot of what we do is stuff they’ve identified in their 2025 and 2035 IP acquisition plans, so we know we’re a target.”


Vulnerabilities Report


Part of CyberCatch’s “coming out of stealth mode” is the release of its first Small and Medium-Sized Businesses Vulnerabilities Report (SMBVR) -- a detailed look at cyber threats to SMBs.


The report includes results from a random sample of 21,850 businesses tested with CyberCatch’s proprietary CyberXRay scanning tool for three types of cyber-attack vulnerabilities in the U.S. and Canada.


The vulnerabilities were rated across a wide variety of business sectors.
 Accountants were found to be the most vulnerable business, with colleges, shipping and transportation, defense contractors and law firms rounding out top five.

According to Lisa Easterly, CEO of San Diego Cyber Center of Excellence, “cybersecurity is now everyone’s business” and SMBs are increasingly the targets of attacks.


“The COVID-19 pandemic and surge in remote work is putting more companies at risk of costly cyberattacks and data breaches -- to the tune of $3.83 million as the global average cost of a breach,” she said, citing a Ponemon Institute study. “The FBI has reported that cybercrime is up 300% during the pandemic, with nearly a third of data breaches in 2020 involving small businesses.”


Small businesses, already impacted by the pandemic, also lack internal resources to “ensure end-to-end security and employee training leaving them vulnerable to costly breaches and potential business loss in the current economic climate,” Easterly added.


Protecting Targets


“What’s unique [about CyberCatch] is we’re zeroing in on the root cause of the cyber security problem, and in our judgement the root cause is security holes,” Huda said.


CyberCatch addresses security holes with both outside monitoring using its scanning tool and also monitoring inside controls such as open entry to servers, easy passwords or weak authentication, or employees who are not trained to avoid phishing attacks.


“Those are three ways we test because those are the ways an attacker will get in. They’re going to get in from the outside, they’re going to get in from an employee, or they’re getting in from a supplier inside,” Huda said.


CyberCatch offers these services at monthly rates based on size of the company, ranging from $250 a month for 1-50 employees to $1,000 a month for 251-499 employees.


Although the focus of CyberCatch is SMBs, Huda is not ruling out larger businesses in the future. “I can easily see other larger businesses coming on board because what we have developed is very unique and very effective,” he said.


CyberCatch
Founded: 2019
Business: Cyber security firm specializing in small- and medium-size businesses
CEO: Sai Huda
Clients: 250
Headquarters: San Diego
Website: cybercatch.com
Notable: The first U.S. Department of Homeland Security Secretary Tom Ridge serves on CyberCatch’s advisory board.