Inc. 500 Interview: Arbor Networks on Security Threats
Security threats on the Internet have grown more sophisticated since the mid-1990s, when a research group at the University of Michigan started focusing on how to secure business networks. With what they learned, professor Farnam Jahanian started Arbor Networks, based in Ann Arbor, Mich., with one of his graduate students, Robert Malan. Arbor Networks, #9 on the 2005 Inc. 500, developed the primary security technology now deployed by Internet service providers, enterprise cores, cable companies and government networks. They say business leaders need to pay attention to more sophisticated Internet security threats.
Inc. Technology: How have Internet security and the threats changed since you started the company?
Farnam Jahanian: They are more sophisticated and more targeted. Four years ago, you saw hackers launching attacks on websites to be malicious. These days, attacks are targeted for financial gain. There has been explosive growth in botnets, which are essentially compromised or infected hosts that launch attacks on unsuspecting enterprises and home networks. Hackers infect computers with software that automatically attacks networks or websites, aiming to disrupt services or for e-mail fraud. Eighty percent of spam across the Internet is now caused by botnets.
Robert Malan: When we started this in 2000, the people behind the "attacks" were more like kids joyriding in a car, knocking down mailboxes. Now, it's more of an organized, deliberate exploitation based on economic incentive for the person doing these attacks. You have these economies springing up with rooted machines and compromised assets. The tools are different, too. In the beginning, it was full blast, just out for maximum impact. Now, they're more subtle. They subvert resources, stay hidden, collect data, and sneak that data back to collection points where they harvest the information.
Inc. Technology: How can small, fast-growing companies protect themselves from these attacks?
RM: Small companies have several ways to protect themselves: they can roll up their sleeves and do it themselves with in-house IT, or they can work with a service provider to help them. Either way, they should try to follow best common practices with respect to both perimeter and internal security. For perimeter security, a firewall and IPS are recommended; perimeter security can easily be outsourced to either their existing network service provider or a number of specialty managed security service providers. Internal security best practices are evolving and aren't as well defined. However, I think that certainly network behavior analytic tools in combination with either internal IPS or switches with security functions are a good first step.
Inc. Technology: How did Arbor Networks develop from academic research project to a multi-million-dollar company?
FJ: In the lab setting, we deployed some of the solutions on several regional service provider networks. And the providers were surprised at the visibility into the kind of traffic that was crossing into their network toward their customers. That led us to believe that the technology had commercial viability. So I developed a business plan, looked at the market for providing this commercially, and we started talking to venture capitalists. My research at the University was funded by government organizations and companies like Cisco. So it wasn't a surprise that funding was raised from Cisco and Battery Ventures. We released the product in 2001 and it was successful right away.
Inc. Technology: Are you still involved in academics?
RM: Farnam is still teaching, but I like building things. And in academia, you never finish the building. FJ: My goal was to launch a company. I still have the opportunity to teach a course and be in the academic setting, which allows us to keep looking at cutting-edge research.