Skip to Content

Launch Security looks for cybersecurity to take off

Launch Security looks for cybersecurity to take off SSN ‘20 under 40’ winner Rob Simopoulos starts new company in Maine

PORTLAND, Maine—Security Systems News' “20 under 40” winner from the integrator class of 2015, Rob Simopoulos, along with company partner Andrew Rinaldi, formed Launch Security here last month with the idea of helping organizations improve their overall cybersecurity posture.

Simopoulos, who prior to starting Launch Security was president of Advance Technology, told Security Systems News that the focus for the new company is to provide a cybersecurity program tailored to small businesses, which are becoming a bigger target these days. He pointed out that over the past five years there has been a steady increase in attacks targeting businesses with less than 250 employees, going from 18 percent attacked in 2011 to 43 percent by 2016. Moreover, according to the National Cyber Security Alliance, as many as 60 percent of small businesses go out of business within 6 months of being breached.

“We want to prevent this from happening to the many small to mid-sized businesses here in Maine and in the New England area that may be vulnerable,” Simopoulos told SSN. “On the cybersecurity side, as I started speaking with small and mid-sized businesses, I realized that they had virtually nothing in place, and were in need of a lot of guidance and education. So we said we can really help some of these organizations by training their people, by helping them with the right technology selection and by creating a better overall cybersecurity posture, which is why we founded the company.”

He said the company is focusing on the New England region, with Maine as the core focus initially.

“Right now we are working closely with some organizations in Maine, taking them through this copilot program that we have created that takes them through assessment and testing to education and training to technology deployment and then monitoring,” Simopoulos explained. “This is a continuous program, because we know that the threats are going to change, and people are going to deploy new technologies on their networks that need to be assessed and tested for vulnerabilities.”

In his meetings with companies, Simopoulos said that he has heard many stories of cyber attacks and breaches, including sophisticated email phishing scams directed at someone who is head of finance for a company that look like they are coming directly from the president or CEO, for example.

“When you open these emails, they look real, like it is coming from the company president,” he said. “The phishing attacks are rampant right now and are definitely becoming more and more sophisticated, and the attackers are doing a lot of research beforehand, and spearfishing attacks at certain individuals in an organization.”

Following the recent ransomware attack last month that hit Microsoft computers that failed to update a security patch, Simopoulos is seeing a lot of companies dealing with these types of attacks. “One organization told me about a supplier whose manufacturing facility was hit and was shut down for weeks as they tried to rebuild it because it didn't have proper backups in place,” he noted. “Someone else told me about their friend's company that was being held for $200,000 in ransom.”

One of the key ways to protect valuable systems and data, he said, is by simply having a proper backup procedure in place. “Get your systems backed up,” he noted. “And have an incident response system in place, so you can take the proper steps to remediate and get your systems back to normal.”

Employee training is also a key part of cybersecurity, he added. “Your employees are often your weakest link in the whole chain, so by giving them proper training on a regular basis, which is part of our program, is vitally important.”

The overriding directive for Launch Security is “keep it simple,” he said. “We don't want to be having high-level technical conversation with our customers because we are speaking many times with the president of the organization who understands some of the risks, but isn't necessarily technically inclined,” he said. “In the end, you can't be 100 percent protected, but you can do things to mitigate the risk, including making massive improvements to make sure that your posture is a heck of a lot better with the hopes that you are protected from specific attacks and that the attackers will go in a different direction.”

He continued, “And if there is a breach that you are prepared for it, which is a real key part of it: that if something does happen, you know exactly what you need to do as your next steps to remediate and deal with the problem at that point.”

Comments

To comment on this post, please log in to your account or set up an account now.