KITCHENER — A new cybersecurity company hit the ground running after Vancouver-based Uniserve Communications bought some of the assets of RootCellar Technologies.
The $2-million sale did not include the software platform and related hardware for cybersecurity, which was spun into a separate company called RootSecure Corp. It is now operating out of offices on Victoria Street North with 15 employees.
About four years ago they developed software that tests employees regularly, and constantly monitors a network for vulnerabilities and weaknesses waiting to be exploited by hackers.
"That area of the business ballooned, and added quite a nice line item to the business, year-over-year growth and it just took on a life of its own," said Ian Hassard, RootSecure's vice-president of product and marketing.
There are several cybersecurity firms operating in the region, but unlike many of its competitors, RootSecure focuses on products and not services. The products are easy to use, and can be mastered quickly by the IT departments in small- and medium-sized businesses with 500 to 1,000 employees.
When RootSecure's technology is deployed in a network, it quickly uploads all the information about weak points and vulnerabilities to a dashboard. IT managers can tell at a glance what needs to be done.
Traditionally, those blind spots have been hard to manage, said Hassard.
The now infamous hack of Target's database is a great example. Hackers got in by exploiting a sensor in an air conditioner that was connected to the internet. So the Internet of Things has made networks more vulnerable, he said.
"When you start looking at security cameras or grey-market storage devices, just devices that people think are benign in their network, and are just serving a business function, they don't realize they are connected," said Hassard.
RootSecure has three products that test the cyber defences of networks, systems and individual employees.
The first is a sensor that is deployed in a customer's network and constantly scans the network for problems and weaknesses.
"It starts scanning and sends the information up to our dashboard, which is hosted with Amazon," said Hassard. "And that dashboard gives you a more actionable look at all the different things we are detecting in the network.
"It also has a software product called Scout that assesses risks based on where a computer is taken, what public networks it uses and the security of connections between browers and web servers.
"The third piece is called Echo, and that is our social engineering platform," said Hassard. "That is basically a simulation for things like phishing, so we actually evaluate people as well."
Employees are the weakest link in any cybersecurity chain. So Echo constantly tests the employees. If they fail a test, they have to take more training.RootSecure expects to double the number of employees to 30 during the next year.
"We are focusing most of our efforts on building new intellectual property in software," said Hassard. "So most of those heads will be software developers, and sales and marketing support as well.