Insights success The 10 Fastest Growing Security Solution Provider Companies november2016-min

The way of business solutions
THE
10
FASTEST GROWING
SECURITY
Solution Provider
Companies
Editor’s
Perspectives
Network Security
Threats & Solutions
www.insightssuccess.com
November 2016
Chalk Talk
Traits to
Possess the
Best Enterprise
Security
Features
Why Protecting
Your Business
from Cyber
Attacks is no
Longer Optional?
Jack Zahran
President
Pinkerton:
Perfect Partner for Risk Management
Since 1850
Assured
Motion For
Any Vehicle
David Bruemmer
Technology and Network
Convergence: Forging
a Path to Smart Grid, Smart
Cities and Internet of Things
Jeff Carkhuff
Business
Applications
for Virtual and
Mixed Reality
Adam Sheppard

Since 1984
www.fossil.com

Editorial
igitalization has become a new frontier of customer
Dexperience for enterprises, and customer information/data is
the most valuable asset of any company. There has been a
massive increase in the volume of data generated from both webs
and corporate operational systems in every enterprise. Cloud
Services are bringing new waves of productivity growth and
consumer surplus but also creating challenges related to data
security.
Conventional Security
Measures no Longer
Adequate in the
Era of Cloud
Usually, outsiders are restricted from getting access to Big Data
environments by conventional security at the borders of a private
network. But, with today’s advanced and sophisticated break-in
strategies, perimeter security is no longer adequate. Malware like
agent.btz and cryptolocker have proved the internet world that cyberattacks
now no longer originate solely out of geeks’ dormitories and,
as a result, organizations are now agreeing that defending their
businesses requires them to extend beyond their virtual perimeters.
However, with a motive to turn the tide, companies have started
outsourcing IT security to dedicate managed security service vendors
to help implement preventative measures. Utilizing tools and
hardening firewalls would not suffice, but companies have to take
steps beyond that.
A comprehensive security risk analysis is essential to identify the
risks to the network and apply an appropriate level of security
according to the risk levels. Risk assessment allows companies to
assess, determine and modify their overall security stance and to
enable security, operations, organizational management to
collaborate and view the entire organization from an attacker’s
perspective. This helps to maintain a practicable equilibrium
between security and required network access.
Security experts also believe that well-established corporations need
well-written security policies which assist in setting suitable
prospects regarding the use and administration of corporate IT
assets, set of rules established for employees and administrators and
requirements installed for system and management which together
ensures the security of an organization’s assets. After taking
necessary measures, companies should attempt to discover loopholes
in their network system and it's only possible with Network Security
Audits and Vulnerability assessments which can help keep
compliance programs on track.
Sugandha Sharma

Insights Success Media Tech LLC
555 Metro Place North, Suite 100,
Dublin, OH 43017, United States
Phone - (614)-602-1754
Email: info@insightssuccess.com
For Subscription: Visit www.insightssuccess.com
Editor-in-Chief Pooja M. Bansal
Senior Editor
Research Analyst Jennifer
Circulation Manager Robert
Database Management Steve
Technology Consultant Vishal More
sales@insightssuccess.com
November, 2016
Corporate Ofces:
Ariana Lawrence
Managing Editor Sugandha Sharma
Co-Editors
David Smith
Vikram Suryawanshi
Stephanie Andrews
Abhijeet Parade
Suhel Mashayak
Visualiser David King
Art & Design Director Victoria
Co-designer Alex Noel
Picture Editor Amol Kamble
Art Editor Mahesh Suryawanshi
Business Development Manager Mike Thomas
Nick Adams
Marketing Manager Chris
Business Development Executive
David, Peter,
John, Brian
Insights Success Media and Technology Pvt. Ltd.
Ofce No. 513, 5th Floor, Rainbow Plaza, Shivar Chowk,
Pimple Saudagar, Pune, Maharashtra 411017
Phone - India: 020-69400110, 111, 112
Email: meera@insightssuccess.in
For Subscription: Visit www.insightssuccess.in
6
,

Pinkerton:
Perfect Partner for Risk
Management Since 1850
Editor’s Perspectives
8
Network Security
Threats & Solutions
24
Chalk Talk
Traits to Posses the
Best Enterprise Security
Features
Why Protecting Your
14
Business
Applications for
Virtual and
Mixed Reality
42
CXO STANDPOINTS
Assured Motion
For Any Vehicle
22
Technology
and Network
Convergence:
Forging a Path
to Smart Grid,
Smart Cities and
Internet of Things
34
Business from Cyber Attacks
is no Longer Optional?
32

BAI Security:
Security Expertise that
exceeds Client’s
Expectations
18
Code Dx:
A Software
Vulnerability
Correlation and
Management System
20
CodeSealer:
Invisible end-to-end
Web Security
28
MegaPath:
Single Source for
Cloud Communications
and Managed Networks
30
Nanotech Security:
Leader
in Anti-Counterfeiting
with Advanced
Authentication Products
38
Trianz:
Execution Driven
Security Firm
40

The 10
Fastest Growing
Security
Solution Provider
Companies
Matter of IT Security
The business IT panorama is increasingly getting disrupted due to the onslaught of Cloud, Data Science, AI, and IoT
adoptions on both consumer and enterprise side. Hence, the talent community is keen on securing their career by
moving to the Cloud and other latest techs to ensure their employability for a decade or even more. As more and more
companies will embrace Cloud Technology, the number of connected IoT devices will multiply exponentially, and
security issues will also be augmented. Hence, the security landscape is now changing because of the digital presence.
Recent cyberattacks have demonstrated that more innovative hackers are adapting unique ways to evade security
actions. Since invaders are rapidly improving their IT knowledge, organizations should focus on custom solutions and
pre-emptive approaches that can protect their data and integrity.
The importance and usefulness of the Security Industries have made us to shortlist “The 10 Fastest Growing Security
Solution Provider Companies.” Our cover story ‘Pinkerton’, is one of the excellent global leader in Risk and
Management Solution, global provider of corporate risk management services including security consulting and
investigations, executive protection, employment screening, and protective intelligence. Jack Zahran, President of
Pinkerton, is the person behind the success of the company. He has extensive experience in enterprise risk
management; global operations, sales and marketing; global and national business and client development; mergers and
acquisitions; and global finance and contract management. Under his leadership, Pinkerton has emerged as a leader in
this very domain, providing a unique scalable blend of strategic and tactical solutions.
It is always interesting to know the story behind every company. Insights Success Magazine, after an in-depth research
and studies, has shortlisted; BAI Security: Security expertise that exceeds client’s expectations, Code Dx, Inc.: A
software vulnerability correlation and management system, CodeSealer: Invisible end-to-end web security, Control
Risks: A global risk consultancy, INFOWATCH: Leader in intellectual data protection solutions, MegaPath: Single
source for cloud communications and managed networks, Nanotech Security: Leader in anti-counterfeiting with
advanced authentication products, Pinkerton: Perfect partner for risk management since 1850, Trianz: Execution
driven security firm, Votiro, Inc.: An intelligence-gathering and security organization. These are the companies that are
on the forefront in recognizing their best security solutions with excellence while setting the industry standards.
While flipping the pages of Insights Success Magazine, do not miss out ‘Traits to Possess the Best Enterprise
Security, Why protecting Your Business from Cyber Attacks is no Longer Optional? and Network Security
Threats & Solutions?’ from the Editorial Desk. Technology and Network Convergence: Forging a Path to Smart
Grid, Smart Cities and Internet of Things, by Jeff Carkhuff, Business Applications for Virtual and Mixed
Reality, by Adam Sheppard, and Assured Motion For Any Vehicle, by David Bruemmer from the Thought
Leaders.
Hope You all are ready to start off!

G R I P That Truly Works.
+91-11-23311112-7
www.jktyre.com

Cover Story
Jack Zahran
President

Pinkerton:
Perfect Partner
for
Risk Management
Since 1850
or corporate business leaders and decision makers, the terms risk management and strategy management could not be
Fmore different—and understanding those differences and their impact on business continuity is imperative for
organizational success.
Threat x Probability x Business Impact = Risk
Risk management involves focusing on identifying and preparing for potential threats and failures rather than opportunities
and successes. Corporate risk takes into account threats facing an organization, which can range from natural disasters and
health epidemics to cyber crime and economic uncertainty, and analyzes those threats in terms of their probability and overall
business impact. Types of risk vary from business to business, but preparing a risk management plan involves a relatively
conventional process: Threat x Probability x Business Impact = Risk. This equation can help an organization determine which
risks exist that may impact business continuity and to what degree—and then create a plan to mitigate those risks moving
forward so they have minimal impact on an organization’s ability to meet its objectives. By recognizing potential risks and
creating strategies to minimize it, businesses are better prepared to prevent or overcome an incident should it occur.
A risk management plan should detail the strategy for dealing with risks in business. It’s important to allocate some time,
budget and resources for preparing a risk management plan and a business impact analysis. It will help meet legal
responsibilities for providing a safe workplace and can reduce the likelihood of an incident negatively affecting the business.
However, companies and firms often have a tendency to discount the future, and they’re hesitant to contribute time and
capital now to avoid an unpredictable future problem that may or may not happen. Furthermore, mitigating risk typically
entails dispersing resources and diversifying investments. For these reasons, most companies need a separate function or
external help to handle corporate risk management strategy creation and execution, and, as the world’s leading provider of
corporate risk management services, Pinkerton is just the agency to help organizations do just those.
Pinkerton has more than 160 years of experience helping brands identify and manage risks that could potentially harm
day-to-day operations. From investigative work to corporate risk consulting, Pinkerton prides itself on offering a wide variety

Cover Story
Every company is
different, and security needs
are always changing. Pinkerton
tailors and adjusts its
service to t what’s
best for you. Options range
from temporary personnel
”
to full-time dedicated
stafng
of services necessary to keep client operations safe. The
company traces its roots to 1850 when Allan Pinkerton
founded Pinkerton’s National Detective Agency.
Throughout its rich history, Pinkerton created the
forerunner to the U.S. Secret Service, hired America’s first
woman detective, and has remained the industry leader in
developing innovative security and risk management
solutions for national and international corporations. With
employees and offices around the world, the company has
the resources to provide reliable and scalable protection for
clients and their assets around the globe.
The Leader Who is Steering a Clear Path to Success
Jack Zahran, President of Pinkerton, has extensive
experience in enterprise risk management; global
operations, sales, and marketing; global and national
business and client development; mergers and acquisitions;
and global finance and contract management.
Under his leadership, Pinkerton has emerged as a leader in
”this very domain, providing a unique scalable blend of

strategic and tactical solutions. Jack says, “Every company
is different, and security needs are always changing.
Pinkerton tailors and adjusts its service to fit what’s best for
you. Options range from temporary personnel to full-time
dedicated staffing. Pinkerton’s dedicated professional
solution embeds highly-experienced professionals in the
client’s organization to deliver superior, reliable and timely
risk mitigation.”
Pinkerton offers national and global organizations a vast
selection of reliable risk management services, including:
Employment Screening: The company implements
solutions that incorporate standardized best practices, which
helps streamline workflow and maximize productivity
throughout the entire employee lifecycle.
Security Risk Management: Whether an organization
functions in a single, multi-story environment or operates
facilities in locations scattered around the world, Pinkerton
can develop comprehensive safety and security plans filled
with effective strategies and programs designed to protect
every essential element of a business: employees,
customers, supply chain, the physical environment and
products.
”
We make it
easier to anticipate
and react to
”
events that occur
nearly anywhere
around the world

Cover Story
intelligence so that clients can prepare for risks arising
globally.
Pinkerton Success Secret: Making Strategies to Serve
Clients in the Best Way
Pinkerton provides a uniquely holistic approach to risk
management, where the firm designs and continually
upgrades its services and solutions to protect all areas that
pose a risk to a business and its operation, both inside and
outside of the company. The company has expertise in
virtually every facet of risk management. The firm utilizes a
single point of contact model: just one call gives clients
access to Pinkerton’s entire breadth of risk mitigation and
risk management services. And, as client needs change, just
one call is all a client needs to scale services—allowing
Pinkerton to ensure it always delivers the most effective and
efficient solution based on current or expected conditions.
Investigations: Pinkerton provides in-depth investigation
services that can help mitigate internal employee issues,
external risks, and branding and intellectual property
protection.
Pinkerton’s proven 360-degree support model incorporates
components essential to be successful in today’s
ever-changing risk landscape. It starts with attracting and
retaining industry-leading risk mitigation specialists
through extensive screening and training. It then integrates
access to best practices; extensive resources; global
connectivity; benchmarking; and much more. This
performance cycle ensures Pinkerton always provides
outstanding service and delivers outstanding value to
clients. Pinkerton gives clients access to rich, timely and
actionable intelligence: agents have access to vital
information from their global network of resources via
cutting-edge technology, including threat monitoring,
real-time alerting and GPS tracking. The ability for
Protective Security: Pinkerton’s highly skilled agents
serve as trusted resources to protect high-visibility business
executives and celebrities, including Fortune 100 CEOs and
their workforces, famous entertainers, athletes,
high-net-worth individuals, royal families and diplomats.
The firm’s services range from providing one-time personal
protection to developing long-term comprehensive
personnel and asset protection programs.
Response Services: No matter where in the world a
company’s assets and people may be, Pinkerton can help
maximize protection during any emergency situation.
Pinkerton’s Response Services team can work with
companies to prepare for – and respond to – any emergency
situation.
Intelligence Services: Pinkerton incorporates actionable
intelligence into every aspect of their service offerings. As a
result, the company delivers increased protection to clients’
personnel, operations and assets. Pinkerton’s Global Risk
Group compiles, analyzes and disseminates critical, timely
No matter where
in the world a company’s
assets and people may
be, Pinkerton can
”
help maximize their
protection during any
emergency situation
”

“Just one call gives clients access to Pinkerton’s
entire breadth of risk mitigation and risk management
services. And, as client needs change, just one call is
all a client needs to scale services—allowing Pinkerton
to ensure it always delivers the most effective and
efcient solution based on current or expected
conditions
“
Pinkerton agents to filter and respond to relevant information provides business leaders and decision-makers with an added
level of Protective Intelligence that only Pinkerton can deliver. This actionable information allows them to make
risk-mitigating decisions that are more timely and accurate.
The company features an exclusive global resource network: dozens of offices and a myriad of partners around the world that
can provide “boots on the ground” support nearly anywhere, anytime. Pinkerton agents understand the local laws, languages
or customs of every country and region, enabling them to gather intelligence faster and deliver more effective solutions. By
leveraging this global network of comprehensive knowledge and resources, Pinkerton can access vast amounts of detailed
intelligence and provide clients more accurate and timely information and analysis.
“We make it easier to anticipate and react to events that occur nearly anywhere around the world,” says
Jack.

Chalk Talk
Traits to Possess the
Best Enterprise Security
he founders occasionally forget about
Timplementing important fundamentals of security
and start running after shining technology.
The security budgets are limited, so they need to be sure
about covering highest breach areas before moving onto
other things.
IBM reported that more than a billion personal data was
stolen and leaked in 2014 alone, which made it the highest
recorded number in the last 18 years. Criminals are always
a step ahead of the existing security systems. So companies
should have best strategies and practices for enterprise
security.
So how do we ensure to have the best security systems?
It all has to do with having a solid foundation, which starts
with these basic practices.
Strong Firewalls
Firewalls are the first line of defense for any enterprise.
It basically controls the flow of the data and decides the
direction of flow of data. The firewall keeps harmful files
from breaching the network and compromising the assets.
The traditional process for implementing firewalls is at the
external perimeter of the network, but to include internal
firewalls is the popular strategy. This is one of the best
practices of companies by making it the second line of
defense to keep unwanted and suspicious traffic away.
Securing Router
Routers are mainly used to control the flow of the network
traffic. But routers do have security features too. Modern
routers are full of security features like IDS/IPS
functionality, quality service and traffic management tools
and strong VPN data encryption features. But very few
people use IPS features and firewall functions in their
routers. To have improved security posture companies need
to use all the security features of routers.
Secured Email
It is highly common to receive emails from the suspicious
sources. The email is the main target for the criminals. An
14
November 2016

Chalk Talk
86 percent of the emails in the world
are spam. Even if the latest filters are
able to remove most of the spam
emails, companies should keep
updating the current protocols. If the
no, of spam emails are large, then it
only means the company is at greater
risk of getting malware.
Updating Programs
To make sure your computer patched
and updated is a necessary step if you
are going towards fully protected
enterprise. If you can’t maintain it
right, then updating already installed
applications is an important step in
enterprise security. No one can create
100 percent perfect applications, but
one can make changes accordingly
trying to keep it with the pace. Thus,
making sure your application is update
will let you know the holes
programmer has fixed.
Securing Laptops and Mobiles
You may wonder that why securing
laptops and mobiles is in the list. But it
is true that securing laptops and mobile
phones that contain sensitive data of
enterprises. Unlike desktop computers
that are fixed, laptops and mobiles are
portable and thus are at higher risk of
being stolen. Making sure you have
taken some extra steps to secure
laptops and mobiles is as important as
implementing strong firewalls.
Encrypting laptops and mobiles with
the help of softwares is a great tactic to
be followed for secured enterprises.
Wireless WPA2
This is the most obvious feature of all.
If companies aren’t using WPA2
wireless security, then they need to
start using it. Many methods of
wireless security are insecure and can
be compromised in minutes. If
companies have wireless WPA2
installed, then it will be difficult to
breach for criminals.
Web Security
Verizon Data Breach Investigations
Report stated that the attacks against
web applications in the recent years
have increased at an alarming rate,
with over 51 percent of the victims.
Simple URL filtering is no longer
sufficient, as attacks are becoming
more frequent and complex. The
features that need to be considered for
web security systems are AV Scanning,
IP reputation, Malware Scanning, and
data leakage prevention function. A
web security should have the ability to
correctly scan the web traffic.
Educating Employees
Making sure that employees are
educated about safe and online habits
is as crucial as securing enterprise with
top class anti virus and firewalls.
Educating employees about what they
are doing and how to be pre-defensive
is more effective than expecting IT
security staff to take steps later.
Because protecting end users against
themselves is the most difficult thing to
do. So, employees must understand
how important it is to keep company’s
data safe and the measures they can
take to protect it.
While the world is approaching with
more and more cyber theft and crimes,
these simple and standard tools based
foundation of enterprise security can
protect the companies from such
attacks.
November 2016 15

MAGAZINE SUBSCRIPTION FORM
Global Subscription
1 Year (12 Issues) $250.00
6 Months (06 Issues) $130.00
3 Months (03 Issues) $70.00 1 Month (01 Issue) $25.00
Name :
Date :
Address :
City : State : Zip :
Country :
Check should be drawn in favour of : INSIGHTS SUCCESS MEDIA TECH LLC
Corporate Office
Insights Success Media Tech LLC
555 Metro Place North, Suite 100,
Dublin, OH 43017, United States
Phone - (614)-602-1754, (302)-319-9947
Email: info@insightssuccess.com
For Subscription: Visit www.insightssuccess.com

The 10
Fastest Growing
Security
Solution Provider
Companies
Company Name
Management
Brief
BAI Security
baisecurity.net
Michael Bruck
President & CTO
BAI Security is a pure-play security auditing and compliance
firm and is a trusted resource in the finance, insurance,
healthcare, utility, and other key industries.
Code Dx, Inc.
codedx.com
Anita D’Amico
CEO
Code Dx, Inc. is making software more secure by helping
software developers, testers and security analysts find
vulnerabilities before the attackers can exploit them.
CodeSealer A/S
codesealer.com
Tonny Rabjerg
CEO
CodeSealer provides protection against Man-in-the-Middle and
Man-in-the-Browser, with its unique product WSF.
Control Risks
controlrisks.com
JIM BROOKS
CEO
Control Risks is an independent, global risk consultancy
specialising in helping organisations manage political, integrity
and security risks in complex and hostile environments.
INFOWATCH
infowatch.com
Natalya Kaspersky
President
& Co-founder
InfoWatch is a European Software Company, leader In
Intellectual Data Protection Solutions, have experience in
implementing extremely complex solutions at the largest
companies and in government agencies.
MegaPath
megapath.com
D. Craig Young
Chairman & CEO
MegaPath is a leading cloud communications and connectivity company
offering a comprehensive portfolio of Voice, Unified Communications,
Hosted IT, and secure data networking services that increase
productivity and customer satisfaction, while lowering costs.
Nanotech Security Corp.
nanosecurity.ca
Pinkerton
pinkerton.com
Doug Blakeway
CEO
Jack Zahran
President
Nanotech is a leading innovator in the design and commercialization of
advanced security products and devices, specialized in nano-optics
using proprietary micro and nanostructures, along with best-in-class
thin-film, to achieve the best and most beautiful authentication
technologies in the world.
Pinkerton offers organizations a range of corporate risk
management services from security consulting and investigations
to executive protection, employment screening and protective
intelligence.
Trianz
trianz.com
Chris Mullaney
Practice Head
Information Security
Trianz is a global professional services firm specializing in full
life cycle execution leveraging Cloud, Analytics, Digitization &
Security.
Votiro, Inc.
votiro.com
Itay Glick
CEO
Established in 2010 in Israel, Votiro was founded by a team of
senior security experts with extensive experience in the public
and private sectors of intelligence-gathering and security
organizations.

BAI Security:
Security Expertise that
exceeds Client’s Expectations
Cyber security threats are increasingly putting
sensitive data at risk for businesses both small and
large and every business expert is aware of it. The
need for effective security solution providers has been on
the rise in recent years. While the security of data assets are
at risk, the scope for security providers is increasing every
day.
BAI Security is one such security solution provider
delivering assurance and confidence to clients that their data
is protected by an in-house team of nationally recognized
security and compliance experts.
BAI Security is armed with innovative auditing and
assessment tools that lead the industry. The company is
consistently delivering flexible, consultative service,
user-friendly reports and helpful communication that goes
well beyond the audit.
BAI Security: Providing Pure-Play Security Services
BAI Security is a pure-play security auditing and
compliance firm continuously focused on being the best,
most innovative, cost-effective solution in the industry. It’s
this focus combined with dedication to exceeding their
client’s expectations that propels BAI Security as a leader
in the field. Specializing in IT security and compliance,
governance, risk, and auditing services BAI Security has
developed a solid reputation for cost-effective,
market-leading services for the banking & finance sector, as
well as many other regulated industries.
BAI Security offers a surfeit of services and they are as
follows:
Breach Risk Assessment
The Breach Risk Assessment identifies potential
weaknesses of the technology, policies/procedures, and/or
personnel that could lead to system compromise, and
ultimately the data breach. The process to determine these
weaknesses, often referred to as a “Red Team” approach, is
an extension of core audit components, such as external
penetration testing, email and phone-based social
engineering, as well as in-person social engineering and
physical access. However, the goal of the Breach Risk
Assessment is to combine these threat vectors to penetrate
the environment, compromise front-line systems, and use
those systems as pivot points to compromise other, more
sensitive, systems and their data. This provides the
organization with a better understanding of their true
security posture and their potential exposure to a targeted
attack.
IT Security Assessment
The security posture of a company has never been static
because new threats are discovered throughout existing
systems daily. Whether bringing on a newly acquired
organization, implementing a new application platform,
launching a new virtual environment, adding computers to
the network or even leaving systems “as is”, new
vulnerabilities constantly present themselves.
BAI Security’s IT Security Assessment options include
Vulnerability Scanning & Penetration Testing, Social
Engineering, Firewall, Wireless Network and Antivirus
Protection Evaluations, Network Administrative and
Facility Security Best Practice Evaluations, Endpoint
Compromise and Rogue Device Detection Exercises, as
well as other enhancement options.
Controls Audit
BAI Security’s Controls Audit verifies an organization’s
existing controls against specific compliance standards. It
has developed multiple controls testing methodologies
based on industry standards, current and upcoming
18
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
Michael Bruck
President & CTO
regulations, as well as industry bestpractices.
Compromise Assessment
The company’s Compromise
Assessment helps clients to determine
what malicious code exists within the
enterprise through a short-term
deployment of highly-specialized,
nonintrusive forensic software on all
endpoints.
Threat Radar
Threat Radar is a 24/7 managed service
that can find malware in real-time;
even malware that is undetectable by
traditional antivirus systems. It’s based
on a new behavioral approach and can
dramatically reduce the detection time
of malware, so a breach does not have
time to occur.
Social Engineering
As a nationally-recognized audit firm,
BAI provides one of the most robust
offerings in the industry. The company
has dozens of real-world scenarios
used in actual breach activity or
custom scenarios can be created to
“
Our mission
and goals
revolve around
the customer
experience
collect all types of
sensitive data.
Whether you need a
single engagement or an annual plan
with frequent testing and multiple
social engineering scenarios, they can
help you build a security conscious
culture.
Marvelous Behind the Success
Michael Bruck, President and CTO
of BAI Security, since forming the
company in 2007, Michael has led BAI
Security as a trusted partner to more
than a thousand organizations in highly
regulated industries within the US
alone. A fledgling IT services firm
became Cybersecurity Solutions
innovator with more than 20 years of
IT, business development, and
customer relationship expertise.
Listening to the specific needs of
clients and combining that with
expertise in modern-day threats to
develop industry-leading services
exceeding those available in the
marketplace today, has been the
passion Michael has always followed.
Michael works directly with BAI’s
client base and continues to look for
new ways for the firm to help
“
organizations protect themselves from
Cyber security threats while exceeding
customers’ expectations.
Standing Apart From the Crowd
with Unique Services
The company stands apart from its
competitors due to factors including
Thorough audits, leading edge security
capabilities, quality executive summary
and technical reports, thorough and
easy to understand, competitively
priced, in-house audit team of IT
security experts rather than
outsourcing work, strong
communication with clients, flexible
service and helpful communication
beyond the audit.
BAI Security has been a trusted
resource in finance, healthcare,
insurance, utility, and other key
industries, with over a thousand
customers in highly regulated
industries. They want to ensure that
organizations of all sizes, that are
keenly serious about their security
posture, have access to truly top-shelf
audit and compliance services in the
most cost-effective manner possible.
November 2016 19

Code Dx:
A Software Vulnerability
Correlation and Management System
Most computer security incidents can be traced
back to weaknesses in software that were
inadvertently put there when the code was
developed. Attackers can–and very often do–find and
exploit such weaknesses as a means to attack organizations’
applications. Information security has focused primarily on
network security and less on securing the software that
resides on networks and poses risks. Numerous Application
Security Testing (AST) tools help software developers and
security analysts find vulnerabilities during all stages of the
software development lifecycle, but many don’t use these
tools until it’s too late.
Code Dx Enterprise is a software vulnerability correlation
and management system that consolidates and normalizes
software vulnerabilities detected by multiple static
application security testing (SAST) and dynamic
application security testing (DAST) tools, as well as the
results of manual code reviews. Code Dx addresses several
obstacles to deploying secure software: the high cost of
using multiple AST tools; combining and correlating the
results of multiple tools into one format; and prioritizing
vulnerabilities for easy remediation and reporting.
Code Dx overcomes these obstacles by first providing an
easy-to-use and affordable tool that automatically selects,
configures and runs open-source software tools for the
user’s specific code base. It also correlates and
de-duplicates the results of multiple commercial and
open-source static source code and DAST tools. Finally, it
provides a vulnerability management solution that helps
prioritize vulnerabilities, assign them to developers for
remediation and track the remediation process.
Uniqueness of Code Dx
Code Dx differentiates itself from its competitors on ease of
use, lower cost, the number and types of static and dynamic
testing tools supported, and seamless integration into
software development environments. In the business of
making software more secure, Code DX helps software
developers, testers and security analysts find vulnerabilities
before the attackers can exploit them. It provides easy and
affordable application vulnerability correlation and
management systems that enable users to search for and
manage vulnerabilities in software.
The award-winning Code Dx solution integrates the results
of multiple static and DAST tools and manual reviews into
a consolidated set of results for quick and easy triage,
prioritization and remediation. By offering the hybrid
combination of findings from static and dynamic
application security testing, Code Dx provides users with
broader vulnerability testing coverage to better identify
those vulnerabilities which are easily accessible to an
external attacker.
Service with Satisfaction
Code Dx addresses a number of issues across its diverse
clientele. For those who are relatively new to application
security, Code Dx offers support for understanding the
output of the testing tools embedded within Code Dx. In
fact, the company has been lauded by several customers for
20
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
“Find, prioritize, and
manage software
vulnerabilities – fast
“
and affordably
Anita D’Amico
CEO
its excellent support. For the veterans
of application security, it addresses
their need for customization. For
example, Code Dx can be used to
prioritize vulnerabilities based on an
organization’s unique perception of
threats to their applications,
incorporate the results of manual code
reviews, and produce reports
customized to each organization’s
needs.
Prime Mover of Code Dx
Anita D’Amico, CEO of Code Dx, is
a Ph.D. in psychology and a thought
leader in the cyber security industry.
Information Security Buzz credited her
with being responsible for one of the
top five product names in cyber
security; she ‘ingeniously thought of a
simple name for a complex topic –
software vulnerability management.’
Anita has been in the cyber security
industry for more than 20 years –
starting as the head of Northrop
Grumman’s first Information Warfare
team. She is a human factors
psychologist, a specialist in cyber
security situational awareness and a
security researcher. She is also a selfproclaimed
‘starter-upper.’ She
develops a vision and fuels it with the
energy, communication and leadership
that is needed to make that vision a
reality. Anita has done this repeatedly
throughout her 35+ years in advanced
technology and is currently doing it as
CEO of Code Dx.
In just under two years, Anita has taken
Code Dx from a product idea to a
successful company offering multiple
solutions being used by organizations
of all shapes and sizes to protect
software from malicious attacks. Under
her leadership, Code Dx has won
multiple awards for its innovation.
Valuable for Customer
Top Code Dx customers include large
financial institutions, health care
systems, defense contractors, and state
and federal government agencies. They
see Code Dx as a valuable addition to
their existing investments in AST.
Code Dx increases the value of its
commercial tool chest with the
addition of results from open-source
tools. It also enables enterprises to
augment their application security
testing program by economically
distributing AST tools to a broader
audience of developers in their
organization while maintaining
commercial AST tools within their
quality assurance and security analysis
functions. With this seamless
integration and use of open-source and
commercial AST tools through Code
Dx, security reviews are performed
earlier and more frequently in the
software development lifecycle,
reducing the time to develop and
secure production-ready software, and
decreasing organizational application
security risk. Finally, Code Dx’s ability
to automatically correlate, consolidate
and de-duplicate results from multiple
AST tools saves weeks of time.
November 2016 21

CXO Standpaoint
Assured
Motion For
Any Vehicle
PS has been a boon for the world of transportation
Gin general and for the robotics industry in
particular. Despite this, robots have failed to
permeate our world. They still lose track of where they are
and as we see in the news both military and commercial
drones fall out of the sky. After years of using robots to
solve difficult, real world problems such as landmine
detection, mapping out the hazardous chemicals and
detecting radiation, 5D came to realize that reliable, useful
behavior is dependent on accurate positioning. GPS lacks
accuracy and doesn’t work indoors. For instance, GPS
systems often still think you are on the highway, even after
you take an exit. Vision and laser systems can be used to aid
in localization and 5D has incorporated a great deal of those
technologies to aid in navigation. Unfortunately, neither
lasers nor cameras can see around corners and are easily
disrupted by dust, rain, snow, and dynamic environments.
This lack of reliability reduces value of mobile robots
across the board and impacts hopes of more efficient,
autonomous driving.
To address this problem, 5D created and patented a
technology that provides reliable, centimeter level accuracy
and reliable behavior in any environment. The 5D module
embodies this technology, including an innovative
Ultra-Wideband necessary to provide accurate position,
orientation and behavior software for safety and
autonomous navigation. The reliability and accuracy have
been proven for landmine detection, squad support missions
and hazmat environments for both ground vehicles and
drones in the military. Now we are bringing the technology
into a variety of commercial environments starting with
heavy equipment and moving towards intelligent
transportation. The technology can go onto people, robots,
drones, automotive systems and anything else you might
want to track.
There are two complementary ways to use the 5D module.
The first uses relative positioning to allow safe motion,
obstacle avoidance, follow, wagon training and a host of
vehicle to vehicle applications. In this relative frame of
reference the modules link to each other without any
dependence on GPS or a global reference frame and no
modules are necessary in the infrastructure. Like neuronsin
the brain, modules that support a particular function work
together and specific clusters of modules can dedicate
themselves to a particular function while still maintaining
recursive awareness to a larger ecosystem.
The second way to use the technology is as an absolute
position reference where modules in the environment can
be a GPS enhancement. In this model, applications
designed around GPS can work as intended, but with much
higher reliability and accuracy. With the 5D module it is
possible to accurately judge follow distance and perform
predictive braking. Within minutes, it is possible to add the
22
November 2016

CXO Standpaoint
CXO Standpaoint
modules to just about any
environment. We anticipate
building modules into light
fixtures, traffic lights and
roadside equipment. We are
already contracted to move the
technology into a variety of
heavy equipment applications
for forklifts, scissor lifts and
other equipment. The
technology has the ability to
impact construction, mining,
logistics and energy sectors. In
the burgeoning drone world,
5D has shown that we can
replace or enhance existing
GPS dependency, allowing
drones to provide more
accurate surveying, mapping
and data collection for
surveillance, security and
inspection.
One of the most exciting future
opportunities is smart mobility
applications. Beginning in
closed environments like
campuses and resorts,
off-highway personal mobility
systems can meet you
wherever you need a lift and
drive you on dedicated routes
to your destination using
existing paths. You never have
to go somewhere to pick it up
or drop it off. It just goes on to
the next closest person who
needs a lift. Across all these
applications, the 5D modules
provide a crosscutting, interoperable
solution and help us create intelligent
ecosystems where everything is safer and
more efficient. The benefits extend not only to robotics, but
also include big data analytics where the 5D modules
provide the ability to collect and accurately position a
variety of data. The precision of this data allows for both
analysis and prediction at a level never before possible,
allowing increased efficiency and awareness across
countless applications.
David Bruemmer
CEO & Co-founder
5 D Robotics
November 2016 23

Editor’s Perspectives
Network Security
Threats & Solutions
November 3, 1988, is considered as a turning point
in the world of Internet. 25 Years ago a Cornell
University graduate student created first computer
worm on the Internet, “Morris Worm.” The Morris worm
was not a destructive worm, but it permanently changed the
culture of the Internet. Before Morris unleashed his worm,
the Internet was like a small town where people thought
little of leaving their doors unlocked. Internet security was
seen as a mostly theoretical problem, and software vendors
treated security flaws as a low priority.
Today, there is a paradigm shift, Morris worm was
motivated more by intellectual curiosity than malice, but it
is not the case today. According to a 2015 Report, 71% of
represented organizations experienced, at least, one
successful cyber attack in the preceding 12 months (up
from 62% the year prior).
According to survey report, discloses that, among 5500
companies in 26 countries around the world, 90% of
businesses admitted a security incident. Additionally, 46%
of the firms lost sensitive data due to an internal or external
security threat. On average enterprises pay US$551,000 to
recover from a security breach. Small and Medium business
spend 38K.
Incidents involving the security failure of a third-party
contractor, fraud by employees, cyber espionage, and
network intrusion appear to be the most damaging for large
enterprises, with average total losses significantly above
other types of the security incident.
Let’s Take a Look at Recurrent Security Threats Types-
Denial of Service Attacks
A denial of service (DoS) attack is an incident in which a
user or organization is deprived of the services of a resource
24
they would normally expect to have. These attacks are very
common, accounting for more than one-third of all network
attacks reviewed in the report. A standard approach is to
overload the resource with illegitimate requests for service.
Brute Force Attacks
Brute force attack tries to kick down the front door. It’s a
trial-and-error attempt to guess a system’s password. The
Brute Force Attack password cracker software simply uses
all possible combinations to figure out passwords for a
computer or a network server. It is simple and does not
employ any inventive techniques.
Identity Spoofing
IP spoofing, also known as IP address forgery. The hijacker
obtains the IP address of a legitimate host and alters packet
headers so that the regular host appears to be the source. An
attacker might also use special programs to construct IP
packets that seem to originate from valid addresses inside
the corporate intranet.
Browser Attacks
Browser-based attacks target end users who are browsing
the internet which in turn can spread in the whole enterprise
network. The attacks may encourage them to unwittingly
download malware disguised as a fake software update or
application. Malicious and compromised websites can also
force malware onto visitors’ systems.
SSL/TLS Attacks
Transport layer security (TLS) ensures the integrity of data
transmitted between two parties (server and client) and also
provides strong authentication for both sides. SSL/TLS
attacks aim to intercept data that is sent over an encrypted
connection. A successful attack enables access to the
unencrypted information. Secure Sockets Layer (SSL)
attacks were more widespread in late 2014, but they remain
November 2016

Editor’s Perspectives
prominent today, accounting for 6% of
all network attacks analyzed.
Network Security is an essential
element in any organization’s network
infrastructure. Companies are boosting
their investments in proactive control
and threat intelligence services, along
with better wireless security, nextgeneration
firewalls and increasingly
advanced malware detection. The U.S.
Federal Government has spent $100
billion on cyber security over the past
decade, $14 billion budgeted for 2016.
Increased use of technology helps
enterprises to maintain the competitive
edge, most businesses are required to
employ IT security personnel full-time
to ensure networks are shielded from
the rapidly growing industry of cyber
crime. Following are the methods used
by security specialists to full proof
enterprise network systems-
Penetration Testing
Penetration testing is a form of hacking
which network security professionals
use as a tool to test a network for any
25
vulnerabilities. During penetration
testing IT professionals use the same
methods that hackers use to exploit a
network to identify network security
breaches.
Intrusion Detection
Intrusion detection systems are capable
of identifying suspicious activities or
acts of unauthorized access over an
enterprise network. The examination
includes a malware scan, review of
general network activity, system
vulnerability check, illegal program
check, file settings monitoring, and any
other activities that are out of the
ordinary.
Network Access Control
Network Access Controls are delivered
using different methods to control
network access by the end user. NACs
offer a defined security policy which is
supported by a network access server
that provides the necessary access
authentication and authorization.
Network Security is a race against
threats, and many organizations are a
part of this race to help enterprises to
secure their network systems.
Organizations like IBM, Symantec,
Microsoft have created solutions to
counter the global problem of network
security threat. These cutting-edge
products show genuine promise and
are already being used by enlightened
companies.
Good Network Security Solutions
Traits
A real security solution should have
four major characteristics;
Detect Threats
Targeted attacks are multi-faceted and
specially designed to evade many point
technologies attempting to identify and
block them. Once they are inside, the
only way to find these cyber threats is
to understand the behavior of the
individual attack components and use
analytics to understand their
relationships.
Respond Continuously
Today it is not important that an
organization will be attacked, but
November 2016

Chalk Talk
Editor’s Perspectives
important and more crucial is to
identify when and how much they can
limit the impact and contain their
exposure. This means having the
capability to respond quickly once the
initial incident has been discovered.
Prevent Attacks
Malware is gettings quick-witted day
by day. They utilize heuristics to
change their code dynamically. A
capable solution should have an
adaptive architecture that evolves with
the changing environment, and threats
today's business faces.
Integration
Today’s threats have multiple facets,
and a single software or solution is not
sufficient. Protection system should
have the capability to integrate with
other security tools from different
vendors to work together as a single
protection system, acting as connective
tissue for today’s disjointed cyber
security infrastructure.
Solutions In Market
Like infectious diseases, cyber threats
will never be eradicated entirely, but
they can be better contained and
understood, and their effects
minimized. How can this be achieved?
IBM has built an enterprise-level
“immune system,” an adaptive security
architecture to battle today’s cyber
pathogens. IBM has developed a vast
fleet of products, QRadar, X-Force
Threat Intelligence, Trusteer Pinpoint
Malware Detection, IBM Threat
Protection System a dynamic,
integrated system to meddle the
lifecycle of advanced attacks and
prevent loss.
The IBM Threat Protection System
integrates with 450 security tools from
over 100 vendors acting as connective
tissue for today’s disjointed cyber
security infrastructure.
Symantec is another major player in
catering enterprise network security
systems with Symantec Advanced
Threat Protection. Symantec ATP
operates via a single console and works
across endpoints, networks, and
emails, integrating with Symantec
Endpoint Protection (SEP), and
Symantec Email Security cloud, which
means organizations do not need to
deploy any new endpoint agents.
Symantec says, ATP is the only threat
protection appliance that can work
with all three sensors without requiring
additional endpoint agents. With ATP,
Symantec’s goal is to deliver
end-to-end threat protection,
prevention, detection, and response in
a single pane of glass, offering more
value to businesses than individual
point products can provide. Symantec
Advanced Threat Protection combines
multiple layers of prevention,
detection, and response.
November 2016 26

CodeSealer:
Invisible end-to-end
Web Security
In the last few years, the rise of mobility and cloud has
changed the human interface with technology. All the
data is being stored in the sky, and customers all over
the world has acquired the technology as it facilitate their
every single act. Anyone can share data in the air and
authorized person at the other corner of the world can
access it in moments. But the presence of data in the cloud
also demands the invincible security. Customers expect the
companies—who invent technology—to close the
loopholes in their own technology and protect them,
customers also expects the legislators—they choose to
govern—to enforce new and stronger regulations for their
protection, but still there is nothing like a story on front of a
newspaper, something than can cause a severe disruption in
the customer’s business.
This forced the Companies to invest billions to protect their
own customer’s data and infrastructure, behind the firewall,
but only a few have successfully secured their customers
and users in front of the firewall. The whole scenario of the
web security can be hence summed into –“Customers
Expects It, Regulators Enforce It, Press Loves It!”
A Company Founded Exclusively to Enhance Web
Security
According to an authentic market research, about 20,000
new malware versions are introduced daily. 75% of all
devices are stimulated infected, and more than 40% of all
users have been attacked–often without realizing it. Cyber
crime has today surpassed physical theft and while physical
robbery may lead to arrest, cyber criminals ordinarily
continue doing illegitimate acts sitting in a remote area and
in countries where it becomes difficult to prosecute them.
Knowing that “Physically, you can rob one bank at a time;
but sitting on a computer, you can rob 100 million bank
users,” cyber crime is at the zenith today.
Realizing the need of the era, Martin Boesgaard, a
well-known name within the IT security industry, founded
CodeSealer in 2011 with the sole motive of minimizing
cyber attacks.
CodeSealer: A Trusted Partner in Web Session
Protection
CodeSealer, an international company residing in
Copenhagen, protects its customers against
Man-in-the-Browser and Man-in-the-Middle attacks.
Where other companies protect by installing software on
the device, CodeSealer is completely invisible to the user
and also protects against unknown malicious malware and
on infected devices.
While protection of the customers and their data is
becoming increasingly important, only a few companies
provide security against web attacks. That’s when
CodeSealer becomes the perfect choice for the customers
which provides completely invisible protection.
CodeSealer today holds several patents and where other
solutions use traditional solutions including signatures and
blacklisting, CodeSealer is going another way and today
have what has been identified as a unique solution. The
solution is deployed on existing platforms and
infrastructure, without any additional hardware, and upon
deployment, all the users get immediately protected.
Highly Acclaimed Products
Today when many companies have spread out their focus,
CodeSealer remain focused on protection of web usage.
CodeSealer offers two products providing full support
against web attacks.
Their product consists of a built-in and dynamic
28
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
Tonny Rabjerg
CEO
“We detect and prevent
advanced attacks in online
channels, Secure
online banking, public
& corporate institutions,
and Online Session
Security
“
boot-loader, which ensures the session
and handling by running obfuscated
JavaScript, setting up session keys and
their own encryption all the way into
the JavaScript engine at the client. The
Bootloader was first sold more than 3
years ago and today process more than
30 million transactions per day, as part
of a sector wide solution.
The browser is protected by
encapsulating the client and constantly
monitoring illegal changes, using
integrity checks. If an attack is seen
CodeSealer aborts the session and
provides notification to the company.
CodeSealer’s solution has a built-in
dashboard, but the flexible solution
also allows integration to the
companies existing SEIM solutions.
Tonny Rabjerg: Highly Motivated
Leader with Vast Experience
Tonny Rabjerg, CEO of CodeSealer
has a broad international leadership
experience within IT. Working for
more than 30 years with application
development and operation within
companies such as SAS, Amadeus,
Star Alliance and Danske Bank, he has
a deep insight in IT Management. In
his latest role, Tonny was responsible
for Creation and Management of
Danske IT and Support Services
Indian, Private Limited, a subsidiary
owned by a large Danish bank,
managing more than 750 IT
consultants and employees. Being
appointed as a CEO of Security
Ensuring Company, Tonny asserts
“Entering into the security sectors does
not only allows me to use my previous
experience from the IT industry, but
also an opportunity to see our product
grow and gain market position, in a
very interesting and expanding
market.”
Widening the Reach across the
World
While CodeSealer has been a part of
sector solutions for the past 3 years, the
company is now expanding its focus to
new sectors and markets. The company
already has partners in Indonesia,
Dubai, Poland and cooperation with
India, Italy, and Brazil and live
customers in Indonesia. The firm was
earlier focused on banks, but recently
widened the focus to cloud solutions,
such as HR and Financial systems,
CRM and public sector, “Our solution
isn’t specific to a sector as long as it is
an online version using a web
browser,” says Tonny.
Growing With Unique Solutions
CodeSealer has invested more than 50
years of development in its solution
and today has a structured organization
meeting requirements for an innovative
solution and the highest of the quality
in their solution. CodeSealers’ solution
remains unique in the industry as
it protects its end-users from the
invisible - a key element in the
solution. Along with the protection
against unknown malware it increases
the user acceptance and reduce the
maintenance, and hence being accepted
and acknowledged by the large
spectrum of the industry.
November 2016 29

MegaPath:
Single Source for Cloud Communications
and Managed Networks
There comes a point when every organization must
make a decision about its network management. It
becomes important for a business to consider
managed network solutions when the business connects
multiple offices, stores, or sites; or is growing their business
beyond the capacity of existing access lines. Companies
also feel the need for network management if they strive to
provide secure connectivity to mobile and remote
employees, if they could produce cost savings by
integrating voice and data traffic or they are preparing for
more traffic from video and other high bandwidth
applications. Becoming more difficult to manage and ensure
performance and security, especially given limited staff and
budget resources, also generates the need for a managed
network solution.
Whenever a situation mentioned above or similar condition
provokes businesses, they try to search for a leading
provider of secure access and managed network solutions,
like MegaPath. MegaPath combines the best broadband
connectivity, voice, VPN, cloud, and security technologies
with unmatched network design, deployment, monitoring,
management, reporting, and support capabilities.
MegaPath’s managed network services reduce the cost and
complexity of securely connecting remote sites and users to
their network while providing a single point of contact for
network operations and management.
High Spectrum Services Offered
MegaPath has a long history of adopting best-of-breed
solutions to secure their customers’ data and networks,
including MPLS, IPsec and SSL for businesses of all sizes
and across various verticals.
Currently, MegaPath is focusing its network and security on
SD-WAN, or Software-Defined Wide Area Networking
(SD-WAN), which has gained mass popularity because it’s
easy to deploy and manage, and it’s much less expensive to
deploy than traditional WANs. MegaPath’s SD-WAN
feature set includes: IPsec – full-mesh or hub-spoke
topologies and routing policies, updated in a central
fashion. Dual-WAN Uplinks – aggregates all WAN
connections to distribute traffic over multiple pathways with
built-in load balancing and auto-failover. Real-time Voice
Failover – prioritizes VoIP traffic and routes calls over the
cleanest ISP connection to eliminate dropped calls, choppy
sound quality and echoes. Bi-directional QoS – optimizes
bandwidth in both directions for optimal application
performance. Application Performance Monitoring –
Assesses the performance of critical applications with the
ability to alert IT staff. Centralized Monitoring and
Management – Simplifies the deployment and management
of branch-office WANs. Managed Firewall – leverages
CPE appliances and central management, to act as the first
line of defense against intrusions and other network threats.
Unified Threat Management – provides comprehensive,
multi-layered security that safeguards a business’s network
and information assets against viruses, malware, and
emerging cyber threats.
Along with the above services, MegaPath provides
Managed WiFi, which includes the design, configuration,
installation, monitoring, and management of a business’s
secure wireless network. The solution provides full
separation of guest and corporate access, thereby securing
corporate data from unauthorized public users. The solution
also supports Active Directory integration allowing
identity-based firewall security, providing more flexibility
to enforce policies based on user and group identities and
the point of access.
MegaPath provides managed solutions for Small &
Medium Businesses and Enterprise Businesses. The
company provides solutions for various industries like
Healthcare, Insurance, Finance, Restaurant and Retail.
Driving Force behind MegaPath
D. Craig Young, Chairman and CEO of MegaPath has
over 30 years of experience in the telecom and data
communications industry. Since joining MegaPath in July
2004, his primary focus has been to create a world class
30
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
D. Craig Young
Chairman and CEO
“
Reliable technology
services and support from
MegaPath help you keep
your business up and
running smoothly so you
can deliver great service
to your customers
“
managed IP services company that
provides businesses the ability to easily
and securely communicate between
their headquarters, employees and
business partners. Craig has driven the
company’s growth by relentlessly
focusing on improvements to the
customer experience, ranging from the
products and services offered to the
solution design, installation and
support processes that best benefit the
customers MegaPath serves.
Evolving with the Evolving
Technology
Since its inception in 1996, MegaPath
has had a clear mission to provide the
best technology solutions to businesses
nationwide. They became a VoIP
trailblazer before Internet telephony
became a widely used and understood
concept in the business world. They
have evolved over the years due to
growing and changing needs in the
marketplace. Today, MegaPath is an
all-in-one managed network and
security services, UCaaS, Internet and
cloud IT services provider. They are
hyper-focused on delivering
next-generation networking and cloud
services. In addition to their broad
portfolio of managed network and
security solutions, they continue to
offer one of the most expansive
portfolios of nationwide business-class
connectivity—including cable, copper,
fiber and wireless—as well as
cloud-based offerings including UCaaS
and Cloud IT services.
Unlike most of other communication
service providers, MegaPath provides a
unique combination of core services
nationwide: Network / Internet access
type diversity (e.g. wireless,
broadband, T1, fiber), allowing their
customers to serve all their locations
based on their business needs and
budget at each location; Fullyintegrated
security and threat
management services, leveraging bestof-class
technology vendors; and
Wide-scale SD-WAN capabilities, to
leverage diverse access types while
still maintaining application
performance and data security.
Winning the Clients
Businesses are approaching MegaPath
to resolve their multiple
issues – including controlling costs,
increasing security, simplifying IT,
supporting bring your own device
(BYOD), refreshing outdated
technology, and supporting mobility.
MegaPath’s customers value them as a
one-stop, full-service provider that
delivers the quality and reliable
solutions that simplify the way they do
business – from improving
collaboration and employee
productivity to alleviating the in-house
burden of network and security
management.
For 20 years, businesses have trusted
MegaPath as their single source for
cloud communications and
connectivity.
MegaPath guarantees its reliable
technology services that help its clients
keep their businesses up and running
smoothly so they can deliver great
service to their own customers.
MegaPath assures customer
satisfaction with Industry-Leading
Service Level Agreements, Networking
Performance Monitoring and 24/7/365
Support.
November 2016 31

Features
Why Protecting Your Business from
Cyber Attacks is no Longer Optional?
e live in a growingly networked world,
Wincluding personal banking to government
infrastructure. The world has been more
connected than ever with the network of information, while
information has been an essential resource for all businesses
and is the key to the growth and success.
Making sure that companies have implemented security
strategies to protect from cyber breaches is vitally
important. The success of the businesses can be in jeopardy
if enterprise security tactics are not involved in the business
model.
The cyber risk is now considered at the top of the
international listing as high profile breaches increase fear of
endangering the business economy and subsequently global
too. The cyber crime costs USD 400 billion to the global
economy, according to a report.
and also conventional efforts to shut down the systems and
infrastructure.
Only a few of the biggest cyber crimes get caught while
many go untraced. A significant number of cyber crimes go
undetected, considering industrial espionage where access
to confidential data and documents of difficult to identify. A
possible danger with this kind of breach is that companies
might be at a disadvantage with trades for months or even
years.
The migration of data to third party cloud providers has
created a concentration of data in one place and thus, more
opportunity for cyber criminals to create large damage in a
single attack. The development of IoT that enables a
machine to machine communication has also raised the
possibility of appliances being manipulated by the cyber
hackers.
Over 3,000 companies in the United States had
compromised their systems in 2013 alone, and the number
only included the companies that reported the breaches.
While many companies avoid reporting the crimes keeping
in mind the reputation of the company.
Many of the breaches targeted high profile US retailers
\and Home Depot and stole customer data and credit card
information, while other companies lost money from
accounts, and in some cases, criminals even took over the
companies and demanded money to unlock them.
The cyber attacks are mainly categorized into-breaches in
data security and sabotage. Personal data, trade secrets,
intellectual property, prices and mergers, and bids related
information fall in data security breach. Sabotage contains
service attacks that flood web services with fake messages,
32
Despite the best efforts of cyber security experts and
government agencies, cyber crimes are likely to increase.
The expanding number of availability of online services and
the increasing sophistication of cyber criminals who want to
play cat and mouse game with the security experts.
Today, 90 percent of companies are insufficiently prepared
to protect their systems against cyber attacks globally.
While the world is becoming more connected through a
network of information, the protection of business systems
from cyber crimes will be the main issue to tackle for many
unprepared companies.
An implementation of a framework with a set of standards
and best practices designed from an input of thousands of
security experts will be the only way to protect and secure
the businesses from cyber attacks.
November 2016

CXO Standpaoint
Technology and Network Convergence:
Forging a Path to Smart Grid,
Smart Cities and Internet of Things
n North America, utilities have
Iinstalled nearly 70 million smart
meters over the last decade. This
technology investment has delivered
tangible value to both utilities and
consumers. But utilities have yet to
realize the full potential of this
platform and the value of the data these
systems generate. This is primarily
due to common challenges that utilities
as well as technology providers have
struggled with:
• Smart meters are viewed mainly as a
cash registers and instruments of
customer billing rather than as
sophisticated sensors that provide a
rich source of data and insight to
improve grid operations.
• For the most part, smart metering
systems have been deployed in
technology “silos,” meaning they run
on purpose-built, largely proprietary
networks that were designed for meter
reading rather than on a standardsbased,
multi-application IP-platform.
• These systems have created a
relative tsunami of new data-more
frequent and detailed usage data, event
data from power outages and voltage
anomalies and meter tamper alerts-data
that utilities are struggling to manage
and create new business value from.
• More than smart meters, the term
“smart grid” implies grid devices,
34
November 2016
Jeff Carkhuff
VP
Itron

CXO Standpaoint
assets and data interacting in real time and with less human
intervention to respond to changing grid conditions. This
degree of interoperability and automation has been elusive
or cost-prohibitive thus far for the low-voltage level of the
network.
·
Most of these challenges are technology-centered, while
some are cultural and organizational, but the upside is that
these challenges are being solved. Information technology
and operational technology are converging rapidly in the
utility and energy space to create a new strategic and
operational reality. This comes none too soon in light of
significant business challenges utilities worldwide are
facing as well as the economic and environmental
challenges we all face.
Led by companies such as Cisco and Itron, a growing
ecosystem of smart grid technology providers have
collaborated to evolve network architecture so that utility
field area networks look and behave much more like
enterprise IT networks. Solution providers are also
introducing more distributed intelligence to grid operations
that enable grid assets and devices that are currently
“siloed” to work in concert with one another. In addition,
the available value stream of this network infrastructure
investment is broadening by connecting to emerging
markets and applications such as smart cities and the
Internet of Things (IoT).
The heavy lifting really began four years ago when Itron
and Cisco announced an agreement to work together to
re-architect Itron’s widely-deployed OpenWay smart grid
network to IPv6 architecture from Cisco. This joint
development effort, undertaken by the industry leaders in
utility automation and networking, was a watershed effort
in the industry. The smart metering network became a
multi-application smart grid and smart city network,
broadening significantly its usefulness and value. A growing
ecosystem of leading smart grid technology providers can
now build to a common reference architecture through the
Connected Grid Cisco Developer Network to accelerate
adoption and spark innovation.
But standards-based, multi-application network architecture
by itself was not enough to address all those challenges.
Itron believes that for the smart grid to deliver on its
promised value, data analysis and action must take place
where it makes most sense–increasingly at the edge of the
network rather than in the utility back office. That’s the
whole idea behind ITRON RIVA, a new distributed
intelligence and advanced communication platform the
company launched this fall.
Distributing intelligence across the network allows us to
economically solve utility problems that couldn’t be
feasibly solved before, greatly increasing the value and
timeliness of smart grid analytic applications as well as the
utilization of network capacity. Specifically, these
development efforts yield a new and common set of
technology attributes for meters, grid sensors and other
types of intelligent devices, whether they come from Itron
or third-party partners who embed the technology or build
to the standard.
35
November 2016

• Locational awareness: For the first time, smart meters
and grid devices know where they are in relation to other
grid assets (feeders, phases, substations, transformers,
distributed generation, other meters, etc.). This “selfawareness”
opens up an entirely new approach to smart grid
use cases and applications.
• “Multilingual” devices: A unified software platform
supports multiple communication/application protocols,
allowing a single meter or grid device to simultaneously
speak the language of distribution automation, load control
and smart metering. This enables highly localized
communication and action among diverse devices, assets
and grid control systems to respond to changing conditions
at the edge of the network.
• Edge processing power: Thanks to Moore’s Law, Itron is
embedding the computing equivalent of a recent generation
smart phone in high-volume meters and grid devices to
enable advanced communications, data processing and
analysis in the edge device.
Standpaoint, ,CXO
“Led by
companies
such as Cisco and Itron,
a growing ecosystem of
smart grid technology
providers have collaborated
to evolve network
architecture so that
utility eld area networks
look and behave much more
like enterprise
IT networks”
,,
Jeff Carkhuff
The ability for edge devices to know exactly where they
are, process and analyze data independently and
communicate with other types of devices creates many new
possibilities for improving the accuracy, resolution and
timeliness of analytic applications. A clear opportunity
exists to deliver new business value in areas such as
localized demand response/load control, asset monitoring
and management, outage detection and response,
renewables integration and diversion detection. This
approach allows utilities to put intelligence where it makes
the most sense, whether that’s in the edge device, the field
area network itself or at the enterprise level, meaning
analytics no longer must always take place in the back
office where “tomorrow” or “next week” is no longer good
enough.
Perhaps most interestingly, the Itron Riva distributed
intelligence platform has enabled Itron to revolutionize grid
communications. Known as adaptive communications
technology, this capability incorporates multiple
communications media-RF Mesh, Wi-Fi and Power Line
Carrier-on the same chipset, working in concert to solve
key network performance and connectivity challenges.
Running on the OpenWay smart grid network, adaptive
communications technology always utilizes the fastest and
most reliable communication path for every message and
every link based on location, network operating conditions
and the nature of the application or data. This is true
whether communicating with an office application or
another device on the grid.
This makes deployment of network infrastructure easier,
faster and less costly, while offering a single
communications solution for both dense and difficult urban
environments as well as lower-density areas. Adaptive
communications technology flattens the cost curve during
the latter stages of network deployment when the “hard-toreach”
devices and areas must be addressed. In other words,
it provides a network that continuously self-optimizes based
on geography, topology, operating conditions and business
requirements.
Together, these developments mean that many utilities
throughout the world are in a good position to leverage
these recent and significant advancements in network
architecture, edge intelligence and analytics as they
implement their grid modernization strategies and connect
to broader opportunities such as smart cities and IoT.
There is absolutely no doubt that the convergence of
information technology and operational technology in the
global utility industry will continue and accelerate, and that
technology advancement will continue to outpace the asset
lifecycle paradigm utilities have so long operated within.
Nevertheless, thresholds are reached that warrant a shift in
thinking about how to approach and solve problems. For
tomorrow’s grid, that time is now.
November 2016 36

Nanotech Security:
Leader in Anti-Counterfeiting with
Advanced Authentication Products
Counterfeiting is estimated to be a $650 billion
global market that is predicted to swell to over $1
trillion by 2017. To combat fraud, authentication
technology needs to continually stay ahead of
counterfeiters. And that’s what Nanotech Security is known
for all around the globe.
Nanotech Security is a leading innovator in nano-optic
image technologies for use in anti-counterfeiting
applications. The company’s technology counters
ever-evolving threats from modern scanning, photocopying
or photography based counterfeiting techniques.
Nanotech operates through two segments: Optics and
Tactical. The Optics segment provides nano-optics and
optical thin film for use in anti-counterfeiting and
authentication processes and products, including currency,
legal documents and commercial products. The Tactical
segment designs and sells surveillance and intelligence
gathering equipment for the law enforcement and defense
industries in the United States and Canada.
The company is working to enhance security for banknotes,
but also authenticates other potential commercial
applications that includes, legal documents, designer
merchandise, concert tickets, tax-paid stamps, medical &
credit cards, government documents, passports, and
pharmaceuticals.
Integrated Technology Authenticating Security and
Branding Images
®
Nanotech’s KolourOptik technology, inspired by a unique
structure found on the wings of the brilliant Blue Morpho
butterfly, creates ease to authenticate security and branding
images through a unique interaction and manipulation of
natural light with a grid of nano-sized indentations.
Nanotech uses patented algorithms coupled with electron
and ion beam technology to embed hundreds of millions of
nano-indentations into a master stamp to create this
technology. The technology can be then used to secure and
authenticate products of almost any kind.
®
KolourOptik technology is one of the first nano-optic
technologies to seamlessly integrate into the commercial
manufacturing process; meaning that organizations looking
to add an advanced authentication feature to their products
won’t have to invest significant resources to update
manufacturing. Every KolourOptik image is unique,
because the mastering process involves the most advanced
nano-optic technology. This makes the image exclusive and
matchless, and nearly impossible to replicate with other
technology.
In addition to its nano-optic technology, Nanotech also
produces optical thin film, which offers a high security
device with nano-meter thick layers designed to have
precise color replay depending on the angle of view. This
color-shifting film has been the standard for document
security for over two decades because it is very difficult to
reproduce or simulate, yet it is very simple to use.
An Innovative Leader Showing the Way
Doug Blakeway, CEO of Nanotech, is a lifelong
entrepreneur, having launched and profitably sold a number
of businesses since the beginning of his career as a
draftsman in 1966. In addition to having an unwavering
determination and commitment to all his projects, his
success can be attributed to independent, innovative
38
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
Doug Blakeway
CEO
“We take care of
your Security, so
you can take
care of your
businesses
“
thinking, creative deal-making, and an
ability to dream big. He is the inventor
of over 10 patents.
Doug has drawn loyal, smart people to
him by helping others realize their
dreams. Doug is a lifelong learner who
believes in learning something new
every day. In a few short years, he has
turned Nanotech from a small business
into a success, purchasing one of its
larger competitors, Fortress Optical
Features.
Serving All Kinds of Clients
Nanotech’s clients appreciate their
great user interaction to help them
understand and realize the value of this
new ‘game changing’ technology. The
clients usually can be divided into
three groups:
The first group is environmental, where
the client appreciates the great benefits
of the technology by not using inks,
pigment or dyes composing the color
used in the products. This turns out to
be a huge benefit in case of embedded
indentations creating the color in the
items, such as blue jeans where the
material is made by using color dyes
and the pollutants of those color dyes
are injected into the rivers and oceans.
The next group Nanotech serves is
authentication types, which generally
comments on how unique the
technology is and how they like being
able to incorporate the design directly
onto any material with an ease to see
the bright images, where even
animation or motion can be
incorporated into the authentication of
design. Motion or animation of the
image brings a whole new dimension
to authentication, especially in case of
securing documents as it is almost
impossible to copy or imitate.
The third group is branding that
always focuses on the ability to
combine colors to make flesh tones as
well as black and white that are not
available to them today. With
Nanotech’s services, they can now
create a full portrait image in bright
LED- like colors combined with long
range viewing where one can see the
image from across the table or even
across the street. This allows the
design to be very creative,
incorporating brand recognition
with authentication.
Gaining Confidence of Investors
and Industry
“One of the challenges of being in the
field of anti-counterfeiting solutions
for banknotes is the necessity for
absolute client confidentiality. The
difficulties this condition has
presented to expanding the company
in a public company environment,
where all investors want to know the
details of all contracts the company
has secured, are considerable,” asserts
Doug on challenges one can face in
this industry. Despite this Nanotech
has gained the confidence of the
industry and investors, winning
top ten banknote-issuing authorities
as clients, without publicly naming
any of them.
November 2016 39

Trianz:
Execution Driven
Security Firm
As little as a decade ago, the primary focus of
information security and application security was
to assure the security of the data center and thereby
protect corporate assets from threats. Today, the practice of
information security has evolved into a board level
imperative that has to both account for and provide
assurance that all manner of information and assets,
including people and applications, are protected from
threat.
CISOs and the entire C-suite are faced with the challenges
of securing an ever-expanding set of assets encompassed in
private, public and hybrid architectures, provided by
multiple applications, data sources and a growing set of
endpoints and users, and managed in alignment with a
slowly evolving and increasingly complex global regulatory
landscape.
Knowing that Information security strategies must innovate
and mature to become inclusive of people assets as well as
application and data assets and account for a broader set of
technologies and ways of working with internal and third
party resources; Trianz was founded to help leaders in client
organizations, formulate and execute operational strategies
to achieve business results from a senior management
perspective.
A Company Enabling Strategic Execution
Trianz is a dynamic and fast growing firm that helps leaders
in client organizations formulate and execute operational
strategies to achieve business results from a senior
management perspective. Leveraging the Cloud, Analytics,
Digital, and Security paradigms, Trianz brings the best of
consulting and technology experiences, execution models
and IP to deliver consistent success to clients.
Enabling clients to implement, govern and operate an
information security culture from within is the purpose of
the Security Practice at Trianz. Their practice is designed to
help clients implement strategic information security
solutions that address foundational and organizational
business processes while executing typical information
security, risk management, and assurance services. Trianz
have assembled an experienced security practice team with
exceptional execution capabilities in assessments,
architectures, implementation, analytics and operations.
A Leader Driven by Innovation
Chris Mullaney—a multi-talented executive with 20+
years at Microsoft, with an outstanding record of leadership
spanning a wide array of roles in global information
security, regulatory compliance, risk management, antitrust
compliance and program management-recently joined
Trianz as Practice Head—Information Security.
As a Head of information security practice at Trianz, Chris
strengthens its existing information security framework and
bring in global best practices to build a world-class
information security practice at Trianz.
C-Suite Responsibilities Today
This innovation maturity strategy is at the heart of Trianz’
approach to information security. The goal of business is to
enable: enable clients to do great things with the products
and services they offer; enable employees to innovate and
provide great support to customers; and enable third parties
to securely provide innovative, new products and services
in support of their clients’ businesses.
To secure the environment against threats, many businesses
are focused on developing information security programs
40
November 2016

The 10
Fastest Growing
Security
Solution Provider
Companies
Chris Mullaney
Practice Head
Information Security
“We bring business &
technology perspectives
and experience under
one continuum to help
clients achieve results from
a top management
perspective
“
that eliminate threats by disabling their
employees — eliminating access
points, restricting device usage,
limiting application development and
deployment, limiting or denying third
party services in support of business
programs. This practice has the impact
of providing greater security for assets
-if you can’t get to the information, it is
secure by default. However, it also sets
up an organizational “Culture of No.”
The Culture of No is a clear deterrent
to innovation which is a death knell for
any business. Because the business
imperative is to grow-to improve
products and services, to improve
experiences for customers — the
Culture of No is an effective security
program only as long as employees
don’t find ways around the controls so
they can do their job and innovate.
Typical Security Practice
Trianz’ security consulting services are
focused on helping clients foster the
Culture of Yes and the team is
successfully making it true. Whether
Trianz is engaged in assessing client’s
readiness for a particular audit,
standard, regulation or certification or
working with them to implement a
governance program that includes
implementation of a secure operations
center using a DevOps support model,
the team focuses on helping their
clients develop their own Culture of
Yes for information security. This
process starts with understanding the
clients’ business goals and objectives,
current security posture, risk analysis,
risk management profile, architectures
supported and technology strategy. It
includes evaluating each of these areas
for blockers to success in
implementation, governance or
organizational policy/structure,
technology choices and
regulatory-audit-compliance
landscape. Next, in concert with the
client, they envision the Culture of Yes
for their information security program
while leveraging guidelines,
techniques, and technologies that
support the overall security
engagement.
Trianz Security is mainly focused on
practice areas that includes
assessments, architectures,
implementation, operations, and
analytics.
Measuring Success Completely in
Client Term
With offices in Silicon Valley,
Washington DC Metro, New York,
Dubai, Bengaluru, Mumbai, Delhi
NCR, Chennai and Hyderabad, Trianz
serve a wide range of clients from
Fortune 1000 to emerging companies
in high tech, insurance, financial
services, retail, manufacturing, life
sciences, public sector and logistics
industries. Over the past decade, Trianz
has developed a reputation for
excellence in execution, enabling
global organizations to achieve results
envisioned by their senior
management. Trianz measures success
completely in client terms-the impact
created through business execution.
November 2016 41

CXO Standpaoint
Business Applications
for VIRTUAL
and MIXED REALITY
irtual and Mixed Reality
Vtechnologies are stirring up
quite a bit of excitement these
days. Many investment firms and
analysts say that Virtual Reality is the
next big tech revolution after mobile,
and predictions for the industry’s
growth ranges from $70B to $150B by
2020.
Virtual Reality (VR) refers to a
completely immersed experience
where you can’t see or interact with the
world around you. It typically doesn’t
let you interact with others, though
some social experiences are now being
developed for VR. Mixed Reality
(MR) are experiences that let you place
virtual content on top of the real world
and interact with it as though it were a
tangible object, creating a blend of the
physical and digital world.
Adam Sheppard
Co-founder & CEO
8 ninths
Traditionally, the development of these
technologies has been driven by
military and training applications.
More recently, VR and MR is gaining
attention from various industries and it
is an exciting time for companies and
organizations that are looking for an
opportunity to translate business
42
November 2016

CXO Standpaoint
solutions into an immersive media format. New
applications are surfacing across an array of verticals:
Healthcare: Today, doctors often carry paperwork and
consult charts in order to assess their patients. With MR,
physicians and nurses could access this information
digitally and hands-free, allowing them to share it with
fellow staff or even consult doctors across the country.
Education: With VR, complex systems could be visualized
in three dimensions. Teachers can use virtual displays to
show students how blood flows through the heart or take
students on a field trip to a South American rainforest. VR
could also allow realistic, complex training simulations that
take minimal resources to create.
Engineering: There are numerous potential applications for
MR and VR in engineering, especially with remote
collaboration. Oil rigs, for example, require constant
monitoring, but it’s not always possible to assign expert
technicians to every location. Equipped with an MR
headset, a maintenance worker could be instructed by
someone on the other side of the world to conduct repairs
properly. Architectural and design projects could also
benefit from MR where multiple people could manipulate
and shape objects within a shared environment.
As new technologies, VR and MR require a different
approach. For any company who wishes to incorporate
these new technologies into their processes, the following
considerations are important to keep in mind:
Comfort and Safety
Most VR platforms require you to wear something on your
face. This is a very intimate way to connect to technology
compared to what most people are used to, which is a
screen they can keep at a distance. Thus, ensuring a
comfortable, enjoyable VR experience is important for your
comfort and safety.
VR and MR Do Not Replace Existing Workflows
It can be tempting to consider VR a quick solution to
problem solving. However, it’s important to remember that
VR and MR are not about replacing existing workflows, but
enhancing them. Companies should carefully consider their
workflows and identify where MR or VR can be added as a
discrete, important part of the workflow.
Choosing the Right Agency to Work With
Designing for VR and MR is not a simple task. It’s unlike
any other popular software design from the last 20-30 years
and requires an unusual skillset. Designers must think about
the logistics of creating a 3D object; adding different
behaviors and interactions to it that match people’s
expectations of how the object would behave in the real
world; and finally adding in digital properties such as the
ability to resize, annotate, and transform it. In this
environment, drawing on a combination of skills in gaming
and cinema are key in conjunction with the ability to apply
these skillsets to enterprise business problem solving.
Right now people are focused on moving from web to
mobile, but the big question is whether VR technology will
become as commonplace as smartphones. Broader adoption
will probably come in the next three to five years, driven
primarily by the entertainment and media landscape. This
means that finding ways to effectively integrate VR and AR
into a business and operations context will require creativity
to design solutions and a willingness to experiment.
VR represents a real opportunity to improve the quality of
human experience in two ways. First, integrating it into
highly visual and hands-on remote collaboration processes
can be a multiplier for human productivity. It can remove
the need to be physically present, but offers more direct
interactivity than teleconferencing or email. By improving
the efficiency of communicating information, it can reduce
time spent on extraneous workflow and processes.
Second, VR and MR can be used to help people understand
complex data in an intuitive way. Imagine if FedEx could
visualize all of its operations around the world, and how
quickly they could identify areas for improvement for
transportation and logistics.
This is only the tip of the iceberg as far as Virtual and
Mixed Reality is concerned. Over the next few years, VR
and MR will continue to evolve, changing the landscape of
digital media as it finds its way into the hands of more and
more users. To remain innovative and relevant to their
consumers, companies should pay close attention to this
space and begin exploring its potential to benefit their
business today.
November 2016 43