Notes on a window, a common sight in break rooms at Geekdom's former headquarters downtown. Photo by Lily Casura.
Notes on a window, a common sight in break rooms at Geekdom's former headquarters downtown. Photo by Lily Casura.

High up on the 11th floor of the Weston Centre this past weekend, enthusiastic, savvy cyber entrepreneurs honed their business models and pitches, while industry insiders mentored and molded their concepts toward more scalable futures.

Geekdom‘s 11th floor residents have recently moved to new quarters a block away in the Rand building, but the floor still serves as home base for the 3 Day Startup (3DS) weekend.

The Geekdom sign, on the wall on the 11th floor at the Weston Centre. It has since moved its offices to the Rand Building, a block away. Photo by Lily Casura.
The Geekdom sign, on the wall on the 11th floor of the Weston Centre. Photo by Lily Casura.

Information flowed fast and furiously throughout the weekend on the perils and opportunities of cybersecurity in today’s business climate, and the program was not without its humor – albeit of a technical sort.

“Of course he knows his subject,” one entrepreneur joked warmly about his business partner at the end of their pitch, “He’s getting his Ph.D. in cloud computing, for God’s sake!”

The three-day startup concept was launched in Austin, originally at the University of Texas at Austin in 2008. In the intervening years, it’s become a popular event at universities world-wide, where “100 programs on five continents have launched 54 companies, raising $18 million in funding,” according to the nonprofit’s website. Additionally, 27 participant companies from 3DS have been accepted to business accelerators.

This particular event was organized by the original 3DS, headquartered in Austin.

3DS San Antonio is a different set of events run by VentureLab, a local entrepreneurship academy.

Geekdom hosted an Austin-based 3DS last month on green business ideas, and will hold another one in a few weeks on music and fashion. This one, however, was focused directly on cyberbusiness – the business of preventing and responding to data vulnerability online, in the cloud, and in networked systems.

Audience members became privy to the prevalence and virulence of cyberthreats after only a few moments into the final pitches Sunday night. By the end of the evening, all were aware of what a thriving industry addressing these threats has become. As someone who has written about cybersecurity before and worked as a systems administrator in an Ivy League law school years ago, the biggest pieces of new information I walked away with are 1) the existence of what’s known as an “advanced persistent threat” or APT and 2) how the business of cyber risk management, so to speak, is evolving from prevention – recognized as almost impossible to do, against increasingly sophisticated cyberattacks – to quick recovery.

The infamous data breach that retail giant Target suffered at the end of 2013 is an example of an APT that succeeded; in fact, it’s the largest such breach in history. The network intrusions and data pilferage apparently went on for weeks, as cybercriminals broke into the system using malware and multiple intrusion points, camping out in the system undetected while they siphoned off data wholesale. Ultimately, it’s estimated that the private information of 110 million customers was affected, and the costs ran to close to $1 billion – though that estimate isn’t stable yet.

“Prevention is impossible,” said Angelo Vescio, one 3DS participant who is already active in the cybersecurity industry locally from the private investigation perspective. “That’s why response is crucial.”

Angelo Vescio, founder of Dark Particle Labs and moderator of the San Antonio Hackers Association, presents his project, Mercury, during 3DS' cybersecurity program. Photo by Lily Casura.
Angelo Vescio, founder of Dark Particle Labs and moderator of the San Antonio Hackers Association, presents his project, Mercury, during 3DS’ cybersecurity program May 25, 2014. Photo by Lily Casura.

Vescio is the founder of Dark Particle Labs, and moderator of the San Antonio Hackers Association.

“The very bad guys want to make a big mess,” he added.

Vescio was one of the only presenters – of the final group of six – who seemed to have his proof of concept already in play. For Sunday night’s presentation he changed the name of his free, online application from the generic “Fred” to a more enticing “Mercury” – a nod to the 70s British rock band, Queen.  The main feedback he got from audience members was that several large organizations were already using his application, and had modified it further for their use.

This fits well with the overall 3DS model where “ideas with scalable business models are strongly preferred,” as their website notes.

The 3DS website claims that each program generates, on average, “more than one successful startup … participants pick the best ideas for startups” during the first day’s brainstorming session, and “deliver prototypes and investor pitches on the final night.”

The goal at weekend’s end is not necessarily a revenue-generating company, 3DS says, but a “team with an idea that has enough momentum to become a real company.”

This momentum fits in well with Geekdom’s model. Participants were encouraged to join the collaborative to continue networking with like-minded entrepreneurs, venture capitalists and business mentors of many kinds.

To date, San Antonio’s Geekdom boasts 800 members, with 30 companies that have accelerated to further stages of success. The previous term “incubator” seems to have been replaced with business “accelerator.”

“It’s good news that you no longer need a rich uncle to start a company,” said Geekdom’s Director, Lorenzo Gomez III, at program’s end.

A group of presenters and mentors chat after the pitches ended. Geekdom's former headquarters. Photo by Lily Casura.
A group of presenters and mentors chat after the pitches concluded for the 3DS cybersecurity program May 25, 2014. Photo by Lily Casura.

One of the program’s mentors last weekend, Dane Stuckey, director of Cyber Operations at root9B, is a successful alumnus from an early tech-oriented 3DS. His deft questioning of panelists’ business models and modus operandi came straight from the real world of cybersecurity, and he was joined by fellow industry notables, including Farhan Patwa, associate director and chief architect at the Institute for Cyber Security at UTSA; Winslow Swart, “chief inspiration officer” at Winslow Consulting; Jóseph Mlodzìanowskì, malware and botnet researcher; and Cam Houser, CEO at 3 Day Startup.

The following six groups presented during the final program Sunday night. Almost every participant works currently in cybersecurity, or is pursuing studies in computer science, often at the graduate level. Several had a background in cybersecurity for the government or military. It made for a generally exciting mix of practical, knowledge-based pitches for applications useful in the industry. Questions from the audience, including cyberbusiness insiders, helped identify fine-tune mechanics of both models and presentations, depending.

ORC

ORC billed itself as a “cloud orchestrator,” or “the one tool to manage all your cloud interactions,” given that businesses have their data in multiple proprietary clouds, that don’t necessarily “talk” to one another. The presenters were Eray Yilmaz, product manager at Rackspace, and Joy Rahman, a Ph.D. student at UTSA in computer science. (Yilmaz was the source of the joke about cloud computing previously mention – which was met with much laughter from the audience.

MEMSCe

MEMSCe’s focused was advanced computing forensics. “Attackers are getting smarter,” they noted, so they look for while the focus for catching culprits has traditionally been on the hard drive, they concentrate on active memory instead. “We don’t want to find the root cause,” said MEMSCe’s representative, “because we aren’t catching attackers fast enough.” Their plan was to sift through active memory and look for signature tell-tale signs of trouble during commission of an Active Persistent Threat. Team members were Michael Stuber, Mohammad Islam, and Mejbah ul Alam.

MEMSCe’s presentation also occasioned the best joke from the audience. One member commented after the panel’s presentation that he had just come from working for the Department of Defense, a potential customer for an a software tool like MEMSCe, and that he needed to bring expectations about high-powered government computers back to reality. “The typical (Department of Defense) computer is a seven-year-old Dell that has trouble opening a music player without slowing down,” he remarked, to general laughter throughout the room.

Scalar Security

Scalar Security had arguably the most polished PowerPoint of the night, complete with contact information in every footer. No surprise there since their chief presenter was Charles Leonard, an MBA student at the University of Texas at Austin. Leonard was candid enough to admit to having a run a company that was hacked. His co-presenter was Mary Ellen Hardee, who told me afterwards over sushi in the break room, that if I didn’t know yet about “OpenStack” (I didn’t), I was missing out. Hardee taught the first course in OpenStack software in the world, here in San Antonio.

Scalar Security positioned itself as a risk-management tool for cyberthreats, and its focus appeared to be a multi-part network security review that could benefit business owners and managers.

An example of a Scalar Security evaluation report. Photo by Lily Casura.
An example of a Scalar Security evaluation report. Photo by Lily Casura.

Its target markets are medical, brokerage houses, professional service providers, any place where there’s a “disparity between the sensitivity of the data and the sophistication of the user,” said Leonard. Part of Scalar’s presentation focused on the amount of liability for cyber breaches, which according to Leonard’s figures are possibly as high as $250 million in Texas alone; and almost $4 billion in the United States.

Mercury 

Mercury, discussed previously, also formerly known as Fred, is one of the few if not the only model presented that has some real-world presence at the moment. Angelo Vescio was the team lead, and his team members included Brandon Beidel, Jonathan Robinson, and Natalie Attaya. The focus of Mercury was lessening incident response times after an APT, and Vescio seemed to have a working model of the application that he and others had been modifying over time. Vescio also works under a private investigator’s license, and has presented expert witness reports in legal cases where data vulnerability and cybercrime was at issue. Mentors and audience members gave Vescio props for having his product already operational.

Cybershare 

Cybershare was the team most heavily stacked with academic credentials: Every member of the five-member team is a current Ph.D. student at UTSA: Amy Zhang, Juan Portillo, Jiwan Ninglekhu, Prosunjit Biswas, and Tahmina Ahmed. Cybershare’s intention is to “share cyber information to build a community against a cyber attack.” The implication seemed to be that Cybershare would hold no identifiable customer data, but find a way to bridge connections between customers of the service to share what common risks were.

(Vescio alluded to this earlier in his presentation, when he mentioned that cyber attacks increasingly happen against a tier of users, not a solo site.) Cybershare presented rationale for their approach with some key statistics: “57 percent of respondents” in a recent survey of business customers expected to have a security breach within the next year,” yet “only 20 percent of respondents regularly communicate with management about threats.” Given the size of the Target security breach last fall, which Cybershare estimated to be $1 billion, there’s obviously great cost to not managing risk appropriately.

ProtoShield 

ProtoShield's three-man team assembles in a Geekdom office space. Photo by Lily Casura.
ProtoShield’s three-man team assembles in a Geekdom office space. Photo by Lily Casura.

ProtoShield was a good group to follow Cybershare, because the expanded on some of the same concepts, adding more statistics. According to their material, “More than 990 million websites are online today,” but “87 percent are vulnerable to attack,” with “more than 400 new vulnerabilities” discovered every month. The cybersecurity market is projected to be $156 billion by 2019, with more than 141,000 web developers in the United States today, growing at roughly 20 percent a year.

Team members were Jon Miller, an Air Force cyber operator; Graham Leslie, a software engineer; and Stephen Cram, a business accelerator associate. Although tools for scanning systems to identify vulnerabilities exist, apparently they don’t work well together or they each have some shortcomings that need addressing. ProtoShield described its model as a “vulnerability toolbox for developers,” integrating the top vulnerability scanners to identify problems, and tutorials that show users how to fix what they identify. They joked that they built their program for “system administrators, developers, network defenders and … ninjas.”

Related Stories:

FWD.us Hosts Panel to Discuss Mexican Tech Opportunity in San Antonio

How San Antonio Can Compete for Cyberbusiness

VYSK Is Here in ‘Military City USA’ and It’s Hiring

UTSA Doubles Down on Cloud Computing with the Cloud and Big Data Laboratory

Lily Casura, MSW, is the Director of Equity and Impact at YWCA San Antonio. An independent researcher as well as a current graduate student in applied demography at UTSA, she co-authored the "Status of...