The explosion of ransomware attacks is shining a light on the importance of cybersecurity. And Kansas City’s cyber defense industry is growing to meet the increasing demand.
In a ransomware attack, hackers gain control of a company or government’s servers and demand money to unlock the network. Cryptocurrency has allowed hackers to receive ransoms anonymously after taking control of businesses’ networks.
These attacks happen everywhere, including Kansas City. In the last two years, Metropolitan Community College, Truman Medical Center and the city of Independence have all been targeted.
Byron Clymer is the chief information officer at Lockton Companies, a global insurance company headquartered in Kansas City. Clymer said he has been on the front lines of too many cyberattacks to count.
“The threats come out daily, so you’re on the wall daily preventing and looking for attacks, trying to prevent them, trying to figure out other ways that they might be trying to get in,” Clymer said.
Clymer said hackers used to get in and get out, focusing on stealing data and selling it on the dark web.
But now, after the hackers get into the system, Clymer said they will follow a trail of interconnected devices and networks, latching onto anything they can, including other businesses.
“Now it’s about as they break in and they get on that one box, that one computer, how can they figure out how to move to the next one and the next one and the next one,” Clymer said.
This is how a ransomware attack on one company can turn into an attack on hundreds of companies, like the attack on U.S. tech firm Kaseya, which halted operations for over 1,000 companies worldwide over the Fourth of July weekend.
Ransomware leads to expansion
The ransomware explosion has led to a rapidly growing cybersecurity industry.
Globally, the market has gone from a few billion dollars 15 years ago to over $150 billion today, according to Mordor Intelligence, a global market research company.
William Brunkhardt, who owns three cybersecurity businesses in Kansas City, said his business has doubled in the last two years with the explosion of ransomware.
“There’s no question that the media attention and these other high-profile attacks have caught the ears of people,” Brunkhardt said. “And it should.”
Cybersecurity firms in Kansas City find it a little easier than the rest of the nation to find employees in the profession.
Cyberseek, a company that provides data about the cybersecurity market, found that nationwide there are 2.1 cybersecurity workers for each job opening. Kansas City does a little better with 2.3 workers for each available position.
However, Kansas City lags behind compared to its states. Missouri does a little better with 2.5 cyber workers for each available position, and Kansas has 2.6 cyber workers for each available position.
These numbers mean it can be difficult to find qualified workers in cybersecurity. Looking at all other industries, there were 3.9 workers for every job posting.
Strengths of Kansas City’s industry
Brunkhardt said the Kansas City cybersecurity industry is strong because of the accessibility and affordability of internet connections.
“I know in California in my business we’ve had to buy internet connections, dedicated high-speed,” Brunkhardt said. “And it’s a fraction of the cost here that it is up there.”
Kansas City ranked No. 2 in the country in internet speed among large cities, according to a 2020analysis from AdvisorSmith.
Michael Hannan is the chief security officer at LightEdge, a data-storage company located in one of Kansas City’s industrial caves. He said startups here are more likely to invest in cybersecurity.
“They see that the solution is too expensive or not covering the risk that actually sits out there, so they are trying to do something differently,” Hannan said. “And I think that’s pretty unique.”
A range of cyber defense businesses call Kansas City home, and Hannon said they learn from one another. They share cyberattack experience and market knowledge.
“We’ve done a really good job within the city of bringing those people together and giving them a chance to talk and work together because if we don’t come together on these types of things, no one wins,” Hannan said.
Insuring against cyberattacks
While ransomware attacks have increased in frequency and scope, cybersecurity insurance has expanded. Global insurance broker Marsh McLennan reported that its percentage of clients that used cyber insurance almost doubled from 2016 to 2020, according to areport from the U.S. Government Accountability Office.
Travis Holt is the founder of Brush Creek Partners, a cybersecurity insurance and contract review company. While his business still works on preventing cyberattacks, the main focus is insuring businesses when they are hit with an attack.
He said he started reaching out to businesses with sensitive data like banks and hospitals more than 10 years ago.
“They had zero desire to have a conversation,” Holt said. “And our phones now rings off the hook with companies calling us saying, ‘I need help.’”
A survey from the Council of Insurance Agents and Brokers also states that cybersecurity insurance premiums increased 10%-30% in late 2020 for most respondents because of higher demand after the increasing frequency and severity of cyberattacks.
Protection doesn't have to be expensive
Holt said companies should view their investment like running away from a bear.
“You don’t have to be the fastest; you just can’t be the slowest,” Holt said.
And while Holt said it’s very costly to get to 100% cybersecurity coverage, he said it’s not necessary to invest that much.
“In most cases, getting to 90% is sufficient because there is so many people that are so inadequate that the hackers will pick on the easy targets,” Holt said.
But for businesses that can’t afford to hire someone, it can be relatively inexpensive to protect against attacks. Things like employee education, backing up data and multi-factor authentication can go a long way.
Polsinelli data security lawyer Alex Boyd said businesses can protect against most attacks using just these practices.
“I would estimate that probably cuts out maybe at least 80% of a lot of the incidents that we see,” Boyd said.
Some in the cybersecurity world believe companies aren’t committed enough to cyber defense. Some even think if ransomware continues to grow, there will likely be a national cybersecurity requirement, especially for critical infrastructure.
This story was produced through a collaboration between KCUR and Missouri Business Alert.