Sponsored by Monday Properties and written by ARLnow, Startup Monday is a weekly column that profiles Arlington-based startups, founders, and other local technology news. Monday Properties is proudly featuring 1812 N. Moore Street in Rosslyn.
Hacks of infrastructure are on the rise, according to Ballston-based cyber security company Fend, which says the newly passed infrastructure bill with “unprecedented” cybersecurity spending couldn’t come at a better time.
Within the last year, criminals have realized that the business of holding billion-dollar infrastructure systems for ransom is a lucrative one, says Fend’s CEO and Founder Colin Dunn. Companies and government agencies work together to rustle up the ransom sum and put a halt to the chaos these attacks cause, such as the long lines at the pump after the Colonial Pipeline hack.
“They’re out for the money,” Dunn said. “It wasn’t until this year that they realized, ‘Oh, you can hold a pipeline company for ransom and everyone’s going to be really angry.’ I think we’re going to see more of it. Attackers are seeing how weakly defended these major major assets are.”
The $1 trillion infrastructure bill, signed into law last week, includes nearly $2 billion for cybersecurity. About $1 billion will go to state, local, tribal and territorial governments to modernize their systems to deter cyber attacks; $100 million will support a cyber response and recovery fund accessible to private-sector owners of critical infrastructure; and $21 million will go toward staffing the Office of the National Cyber Director, according to a U.S. Senate press release.
Dunn is encouraged by the allocation, as well as similar allocations in the American Rescue Plan Act.
“This is really unprecedented,” Dunn said. “I think the administration has seen these attacks, like the one on Colonial Pipeline… and they’re taking it really seriously, knowing that’s a threat that our enemies and criminals can hold over us — hold billion-dollar assets for ransom.”
Having the conversation now — when new infrastructure is set to be built — means that cybersecurity can be embedded from the beginning, rather than retroactively applied after an attack, he says.
“So much of the infrastructure that we are seeing fall under attack… we’ve had to apply cybersecurity way after these facilities were brought online. Now we’re talking about doing that up front,” he said. “Baking that early in the conversation is a big step forward and will be good for our security overall.”
The bill could be a boon for Arlington, which is home not to numerous cybersecurity companies, but also to “big players in energy,” he says. It emphasizes cybersecurity workforce development, which could be good news for a state and region focused on creating a pipeline of tech workers.
“There’s pretty much zero unemployment in cybersecurity, and expanding that nationwide is going to be really important, and here, where it’s a stronghold,” he said.
The bill does include a preference for U.S.-made goods and services, such as Fend’s cybersecurity products, which Dunn says will be helpful for supporting American businesses rather than the great deal of overseas competition.
He said he hopes the spending helps protect the U.S.’s growing renewable energy facilities, such as the solar farms that Fend secures. Securing renewable energy has long been one of Dunn’s priorities.
“If we lose our renewables, we’ll go back to burning more fossil fuels,” he said.
In this new world of infrastructure hacks, Fend has gained traction and business, Dunn says.
Most recently, Fend — located at 4600 Fairfax Drive in Ballston — announced a partnership with Federal Resources Corporation, allowing Fend’s products to be sold to more government agencies, such as the Department of Defense. That’s fitting, he says, because government funding helped Fend get started.
“Between them and NASA, there’s lots of funding flowing, which helps make the product readily accessible,” he said.
Earlier this year, Fend completed some additional fundraising and attained its third patent, he added.