Tim Jenkins and Darran Littlefield

| FROM THE PRINT EDITION |
 
 

Point BTim Jenkins and Darran Littlefield have always been at odds
with convention. Both came from the same traditional accounting firm where long
hours and heavy travel demands made them question the very basis on which the
industry was structured. They each had families and lives outside work. Was
there a way to make themselves happy while also keeping their customers satisfied?
There was only one way to find out: They established their own firm, Point B
Inc.
, and both adopted the role of co-CEO.

When they set out on their own in 1995, they took
significant risks. Littlefield was married with children, and Jenkins and his
wife were expecting their first child. Jenkins’ mother thought the move was so
foolhardy, she removed him from being executor of her will. But Jenkins and
Littlefield stuck to their core values of putting people first. They
implemented an employee stock ownership plan with the goal of keeping the
company 100 percent employee-owned. To maintain low costs, the company decided
to have no fixed office space. The headquarters are conference rooms on the
22nd floor of a high-rise in downtown Seattle, but most of Point B’s
consultants are either working from home or at a client’s location. Point B
also hired a culture director and developed their own concept of project
leadership with a focus on being flexible and getting things done. Since 2000,
Point B has opened satellite offices in six cities to expand its reach beyond
the Seattle market. Growth into new markets on the East Coast is expected
within the next few years. 

Finalists

Rajeev Agarwal

Founder and managing consultant, MAQ Software (Redmond)

Agrawal, RajeevRajeev Agarwal knows the value of an education. He was among
the 1.5 percent of 100,000 applicants accepted into the Indian Institute of
Technology in India, a country in which roughly a third of the population is
illiterate.

Armed with a master’s in engineering from Iowa State
University and an MBA from the University of Michigan, Agarwal came away with
one key business philosophy: Have very few rules and apply them consistently.

For the past 10 years, that is how he has led MAQ Software, a digital
marketing and technology company, which is also a preferred vendor of
Microsoft. The company, with its single focus and great execution, works
closely with Microsoft (where Agarwal once worked) in addition to using
open-source technology to manage a global business efficiently and
cost-effectively. The company has 100 employees locally and 200 more in India.

Greg Rankich

CEO, Xtreme Consulting Group (Redmond)

Greg RankichGreg Rankich isn’t as concerned about whether customers are
coming in so much as he is about if they are coming back. If they came back, he
knew his company, Xtreme Consulting Group, was doing not just well but great.
That exponential growth in return business manifested in August 2009 as Xtreme
was named the 41st fastest growing company in the country by Inc. Magazine.

A former Microsoft employee, Rankich had been exposed to a
lot of corporate decision making and saw the amount of money spent on business
and technical services. He knew he could provide quality and cost-effective
services for groups and clients both within Microsoft and without. Rankich
founded Xtreme in August 2005 and almost immediately had former co-workers and
new clients knocking.

“This aha moment made me confident that my idea and desire
to grow a business services firm was about to be realized,” Rankich says.

Next: Finanical Services

Back to main page

Cyberwarriors: Military Unit Joins Business Community in Fighting Hack Attacks

Cyberwarriors: Military Unit Joins Business Community in Fighting Hack Attacks

Microsoft exec, who's also an Air National Guard colonel, helps lead the effort.
| FROM THE PRINT EDITION |
 
 

By day, Charles “Chas” Jeffries leads a group of Microsoft techies. When he leaves his Redmond office, he often sheds his suit and tie for military fatigues as commander of an elite band of cybersoldiers who are quietly waging global warfare on malicious hackers. Jeffries, chief of security and a lead program manager at Microsoft, is also Colonel Charles Jeffries of the Washington Air National Guard, commanding its 252nd Cyberspace Operations Group, one of the first military cybersecurity units formed in the United States.

Jeffries’ two professional lives share one goal: getting the bad guys who sneak their way into private computers and wreak havoc on businesses, schools, governments and households.

Not only is cybersecurity one of the top priorities of the United States armed forces, it has also become a hot-button issue for businesses, universities and local governments nationwide, including mom-and-pop operations.

The Puget Sound region, home to one of the largest high-tech sectors in the nation, is a fertile “threat landscape” for cybercriminals. For that reason, companies like Microsoft, Boeing, Google and Amazon are implementing resilient IT systems and have woven cybersecurity culture into their corporate fabric.

“Any internet-connected company today that doesn’t take cybersecurity seriously likely won’t be in business for long,” says Jeffries. “The more companies do to make it harder for cyberattackers to penetrate their networks and systems raises the bar collectively against the variety of cyberthreats the community is dealing with today.” 

The job of safeguarding high-tech data traditionally has been relegated to information security professionals. But in today’s digital age, cybersecurity has a front-and-center seat in just about every corporate boardroom in America. IBM CEO Ginni Rometty has said cybercrime may be the greatest threat to every company in the world.

Cyberattacks cost businesses $400 billion to $500 billion a year, says cybersecurity expert Peter Singer, who recently spoke at a Microsoft Virtual Security Summit recorded at the company’s Redmond campus. That’s more than the national income of most countries.

Singer describes the state of cybersecurity today as both a blessing and a curse. He says the “blessing of the digital age” has brought a world of opportunities to half of the world’s population, but it has also created “cyberanxiety” over vulnerable targets.

If any good can come out of “hacktivism” — the breaching of a computer system for a politically or socially motivated purpose — it’s that the movement has created a fast-growing security industry that is predicted to generate $170 billion in revenue by 2020, says Singer, the co-author of Cybersecurity & Cyberwar: What Everyone Needs to Know. In his book, he points out the scale of the threats:

  • 97 percent of Fortune 500 companies have been hacked — and the other 3 percent likely have been, too, but just don’t know it yet.
  • 500 new pieces of malware — malicious software designed to cause harm — are discovered every minute.

“As real life and online become indistinguishable from each other, cybercrime has become part of our daily lives,” says a 2016 Symantec Corporation security report. “Attacks against businesses and nations hit the headlines with such regularity that we’ve become numb to the sheer volume and acceleration of cyberthreats.”

The more technology becomes ingrained in our everyday lives, the more cybercrime develops.

“Cybersecurity is a board-level issue that everyone is talking about,” Pete Boden, partner director of C+E Security Infrastructure Services at Microsoft, said at a recent forum on cybercrime. He says most of his time is spent on detecting and protecting against cyberattacks. Most days, he’s “part police officer, part fireman, part judge and part emergency doctor.”

One of the best defenses, Boden says, is to keep your computer clean. In other words, make sure every computer has updated software, is in good working condition and is well protected from malware.

“Ninety percent of our attacks are [due to] basic vulnerabilities,” Boden says. “Protection goes beyond technology. Good hygiene is crucial. We wouldn’t forgo brushing our teeth for a month.”

Recent cyberattacks on Sony Pictures Entertainment, Target and Home Depot catapulted cybersecurity into the national consciousness and forced business leaders to rethink their strategies in defending and protecting infrastructure, networks and systems. The hacking of email files of the Democratic National Committee only underscored the threat.

Companies with 500 to 2,500 employees and local governments are especially fertile ground for cybercriminals looking to exploit unsuspecting organizations that have valuable data to steal and much more to lose, according to Florida-based Threat Track Security.

“Hackers think local government is an easy target,” Linda Gerull, director of information technology for Pierce County, said at the cybercrime forum. 

David Shaw, CEO of Global Business Analysis, a Gig Harbor cybersecurity firm, agrees, warning business leaders and city officials that cyberthreats are becoming more sophisticated and widespread. “It’s a [100 percent] probability that you will be breached,” he asserts.

Businesses and households with computers face a slew of cybersecurity challenges that can cripple office operations and disrupt daily lives. Today’s cybercriminals don’t fit the stereotype of teenagers wearing hoodies. They are sophisticated, transnational, black-market specialists who prey on businesses and individuals, stealing intellectual property and financial information.

“They come in all sorts of shapes and sizes,” says Singer, a strategist at New America Foundation, a Washington, D.C., think tank. “They are not all teenagers living out of their parents’ basements. You never know where it’s coming from. We are all at risk.”

While the security marketplace is booming, Singer says there’s a “people gap” affecting it — 200,000 unfilled jobs in the United States and a million worldwide. “There’s just not enough talent to go around,” he notes. 

In the next three years, the demand for security talent is expected to grow by 2.5 million, but the supply only by 1 million, leaving a gap of 1.5 million, according to Experis, a Wisconsin-based staffing and recruiting firm with offices in Bellevue. “Companies need to get ahead of this trend and start thinking more about development and how they will resource their growing talent needs going forward,” says Sean Costello, senior North America vice president of Experis, which recently released the report, Protecting Your Organization in a Talent Scarce Market

This shortage has led to universities, local governments and companies offering more classes and training programs in cybersecurity. The University of Washington–Tacoma, for example, created a Center for Information Assurance and Cybersecurity. Columbia Basin College in Pasco and Richland-based Pacific Northwest National Laboratory (PNNL) teamed up to offer a Cybersecurity Bachelor of Applied Science Program. And more than a dozen colleges and universities in the state, including community colleges in Lakewood, Auburn, Lynnwood, Seattle, Des Moines and Spokane, have programs related to cybersecurity training. 

There’s even a cybersecurity summer camp for children in Pasco. In June, Columbia Basin College and PNNL offered the free “Cyber Patriots” camp for kids ages 7-12. It featured presentations on ethics, online safety and cybersecurity career opportunities.

A shortage of security labor also has led to the creation of more than 100 military cybercommands around the world, including Jeffries’ Air National Guard unit in Washington state. They comprise military and citizen soldiers helping to thwart cybersecurity incursions that President Obama has said “pose some of the most serious economic and national security challenges of the 21st Century.”

Jeffries says his role at Microsoft enables him to be more effective in his cybersecurity role with the Air National Guard. “This is a real benefit we realize in the National Guard for these units,” he says. “We train airmen and soldiers in cybersecurity to perform our cyber defense missions in the military department, and at the same time regional companies are able to hire those same airmen and soldiers as technical employees and leverage that training to protect their companies.”

The model also works in reverse, in that the Air National Guard benefits from those airmen and soldiers working in technical civilian careers with high-tech companies in the region.

Jeffries’ unit, which includes employees of Microsoft, Google and Amazon, conducted a study last year on the control system used by the Snohomish County Public Utility District (PUD). It was the first time the airmen carried out a threat assessment for a local government agency, and it helped the PUD strengthen its security.

Today, four Washington Air National Guard units are used in a cybersecurity capacity and can be deployed in “red team” exercises to evaluate the strengths of the state’s digital networks and the effectiveness of existing cyber emergency plans.

Earlier this year, the squadron caught the attention of U.S. Defense Secretary Ash Carter when he visited Joint Base Lewis-McChord in Tacoma. He described Jeffries’ unit as being “famous throughout the country” for several high-profile vulnerability assessments. “It brings in the high-tech sector in a very direct way to the mission of protecting the country,” Carter told reporters. “And we’re absolutely going to do more of it.”

In 2012, the state launched a “bottom-up” cybersecurity program to prepare for any type of major cyber incident. “We are the world’s center for digital commerce,” Governor Jay Inslee said at the Governor’s Summit on Cybersecurity and Privacy earlier this year. “We know that in this digital era, good cybersecurity is essential to the continuity of global commerce and to a thriving economy.

In April, Inslee signed into law a measure that makes it a crime to commit various types of internet-based data theft. The Washington Cybercrime Act identifies electronic data interference, theft and tampering as first- and second-degree crimes. This allows law enforcement and prosecutors to keep pace with new types of criminal activity.

The new law came on the heels of the creation of a state Office of Cyber Security and an Office of Privacy and Data Protection — the latter being a partnership between Washington state and the U.S. Department of Homeland Security to strengthen critical infrastructure and government services.

“Here in Washington state, we have a special responsibility to get this right,” Inslee said. “In a world where more and more personal data has moved into electronic format and [is] stored on electronic networks, we need to make the right investments in both smart security and in smart people to safeguard the personal data that is entrusted to us.”