Wouldn’t you think junk e-mails are the bane of business? Not for Cyveillance, the Rosslyn-based company that purposely attracts as much as it can—now more than a billion items a month. All part of its mission to monitor the Internet for anything that might harm its business clients.
Cyveillance CEO Panos Anastassiadis this week in his Wilson Blvd. office. The firm now counts 40 of the Fortune 100 among its clients; many of them are in the energy, hospitality, and pharmaceutical industries. (That last one shouldn’t be a surprise, considering those Viagra emails.) Financial institutions are also big customers—Cyveillance finds thousands of compromised credit card numbers a day.
While keeping up with its overflowing in-box, at any given moment Cyveillance also has a watch on 120 million Internet domains, consisting of 180-200 million websites and approximately 8 billion web pages. And what’s it looking for? Online schemes like “phishing” and malware attacks, leaks of insider information, and any other threat to businesses—which often include imposter emails sent out in a client’s name.
He’s not snooping. Cyveillance doesn’t penetrate criminal operations or secure its clients' internal computer systems—the company’s specialty is scouring public areas of the Internet. Panos explains that “we protect from the outside in.”
The scope of Cyveillance’s cyber patrol has broadened over time. When he took the CEO reins six years ago, Panos transitioned the firm from a protector of brand identity to a more all-encompassing online security force. Where the company had been focused on “petty theft” matters like cyber-squatting and counterfeit sales, it now watches for larger-scale threats as well. They keep tabs, for instance, on increasing amounts of Internet chatter about CEO travel schedules—a personal security concern as well as a possible tip-off to insider M&A plans.
Cyveillance now has over 100 employees, with 12 senior analysts assigned to individual clients. They aren’t your usual techies, either. It recruits analysts with backgrounds in criminal psychology; their ranks include former employees of the FBI, the U.S. Marshal’s Service, and even a former CIA operative. They assess intelligence gathered by Cyveillance’s system and apply good-old gumshoe skills to the latest schemes.
One of the most disturbing new schemes, for example, seeks to gather extensive personal information through elaborate, but fake, offers of employment that appear to come from legitimate companies. The twist: Stolen information is not being exploited in traditional ways like credit card theft. Panos theorizes that the information is used to establish false identities in foreign countries, or for criminals to enter the U.S. under new-found names.
Panos grew up in Greece and spent years working for American companies in England. A move up the ladder at Merant brought Panos and his family—he’s showing off his three daughters here—to Maryland 13 years ago.
Companies subscribe to Cyveillance’s service, which alerts them to incidents affecting their business on a secure web portal. Its system reports the incident, provides detailed information on it, suggests action to take, and allows the client to execute certain actions straight from the portal. A standard cease and desist letter, for instance, can be sent at the click of a mouse.
Leading a cyber patrol wasn’t exactly what Panos had planned for himself at this stage in his life. He was comfortably retired from the software industry when the Cyveillance opportunity came along. He filled a table at a Dutch Embassy event with venture capitalists when talk turned to an intriguing new internet security company. “I’m still trying to figure out” how that discussion led to the post, Panos muses, with a smile.
(Disclosure: Our fearless leader, Mark Bisnow, served as chairman of Cyveillance’s Advisory Board—with members like former US cyber security tsar Richard Clarke and former Deputy National Security Advisor Gen. Don Kerrick, but waited to do this piece until he stepped down, and also asked that it be written by someone else—in this case, attorney and novelist John Ford.)