Sunday, January 5, 2014

FireEye Acquires Mandiant and Why Cybersecurity Matters

My most recent post on this blog was on networks in mergers and acquisitions and shortly thereafter there was a very interesting acquisition announcement in the cybersecurity space: FireEye acquired Mandiant Corp. This is considered one of the biggest recent security deals as reported by The New York Times, which noted that The combination of the two companies — one that detects attacks in a novel way (FireEye), another that responds to attacks (Mandiant) — comes as corporate America has become wary of relying on the federal government to monitor the Internet and warn of incoming attacks. And according to The Wall Street Journal: Mandiant and FireEye market themselves to businesses, not consumers, and focus on blocking highly skilled hackers who can evade traditional antivirus software. But they have unique specialties. Mandiant has become famous for its investigators that act like a cyber-SWAT team for companies that have been hacked. They focus on figuring out how hackers got in and removing them from corporate systems.

Mandiant is named after its founder, Kevin Mandia, who also served as the company's CEO prior to its acquisition. According to the company's website: Mandia was profiled on the cover of Fortune magazine and recognized by Foreign Policy magazine as one of the 100 leading global thinkers of 2013. The New York Times a few months ago had major coverage of the expertise of Mandiant which was fascinating.

Mr. Mandia went to Lafayette College, in Easton, PA, which is also my husband's undergraduate alma mater. From  an article on Lafayette College's website, I learned that Kevin Mandia was a computer science graduate, and also holds a Master’s in forensic science from George Washington University. He is co-author of Incident Response: Investigating Computer Crime and articles for The International Journal of Cyber Crime.

I became interested in cybersecurity and cyber crime in my research on modeling the Internet and was involved in an Advanced Cyber Security  Center (ACSC) project, Prime the Pump, entitled: Cybersecurity Risk Analysis and Investment Optimization  with colleagues in Operations & Information Management and in Finance at the Isenberg School of Management, and in Electrical and Computer Engineering, at UMass Amherst, along with one of the university's chief information officers.

I presented some of our funded research at the INFORMS Annual Meeting in Minneapolis last October and posted some information prior to the conference. Our session, organized by Professor Alla Kammerdiner,  was entitled: Big Data Analytics for Cybersecurity, and it was videotaped. INFORMS recently posted the video of my presentation: Network Economics of Cyber Crime with Applications to Financial Service Organizations  on INFORMS' great youtube channel and it can be accessed directly below.

We hope to extend this and related work through the auspices of ACSC.

Also,  Alla's presentation was on Network Inference for Monitoring Cyber-physical Systems (CPS) and it can be viewed below.
Alla ran the Boston Marathon last April 15 and is an elite runner. She heard about the bombings after she completed the marathon route and while on the Green line traveling back to her hotel.