In a recent interview with Lakeshore Public Radio producer and host Chris Nolte, Robert E. Johnson III, shares his thoughts regarding Cimcor's inclusion within Cybersecurity Ventures Hot 150 Cybersecurity Companies to Watch in 2020 list. The following is an excerpt from the interview between Nolte and Johnson, and the important role cybersecurity plays with all businesses.
Editor's note: This interview has been edited for content and length. The interview in its entirety can be found below.
Q: In a busy section of Merrillville Indiana is a business which has picked up notoriety lately. The company we are referring to is Cimcor Inc. We have the president and CEO of the company, Robert E. Johnson, III. This very important piece of information we've got is about how Cimcor's become one of the Hot 150 Cybersecurity companies in the country, and around the world, for 2020. Thanks for being with us today.
Well first, tell us a little bit about Cimcor Inc., and how it got started. It's a very busy company, very quietly operating, but very busy certainly these days with all of the problems that we're encountering with cybersecurity.
A: Sure. Well, we actually started in 1997. Initially, we were focused on doing process automation and control, and that was automating manufacturing facilities. While working in that space, one of the opportunities that we identified, was that it seemed like it was possible without much effort, to jeopardize the integrity of the manufacturing process or those critical machines that run our processes.
So that encouraged us to develop the first version of our software, which at the time was called CimTrak Industrial, and the name of our product, in general, is called CimTrak. And that product helped identify unexpected changes to systems that help run manufacturing processes, those specialized computer systems.
Q: Were you finding back then, in the early days of the company, since you were talking about industrial processes that these were probably processes that might have been put onto a floppy disk, the technology was very simple back then compared to what it is now, it was not as much based on the internet systems that we have today, was it?
A: Not quite. But still, you had some of these control system networks being connected to the internet. And really the threat point at the time were USB sticks and laptops being carried throughout the organization. And what was the possibility that the laptop was infected, somehow altering how those manufacturing process actually worked. Now we ended up morphing over time and extending outside of that process automation realm to the general enterprise. And that was a big shift for us, but the mentality stayed the same. We’ve always been of the mind that processes are critical, mission-critical in fact, and because of that when we developed our software and targeted toward the general enterprises we had the same thought process; "How do we ensure businesses continue to run?".
Q: Did you find that over the years that you branched out from industrial to other business ventures that the problem is still there, in fact, it got worse because of the fact that it is so easy to break into systems and infect them somehow or another. Did you find that there wasn’t any real difference between the processes in a factory or manufacturer, as in those within a major business?
A: No, the problem was really the same. We actually detect unexpected changes to devices, servers, and network devices, and if it changes we let you know about it. Here is where this process automation mentality kicks in. We can automatically fix it with our software. It can change things back to the way they actually were before the attack. You mentioned things morphing over time. I remember when we started, we were looking at 78,000 threats a day. New types of malware, new types of threats every day. But then about 2014, we hit 348,000 new types of malware and new types of threats a day. As of today, we are well beyond 1.2 million new variants of malware every day.
Q: Do you find that these are new ideas or whoever’s out there hacking finding ways to break into the system, or do you find different versions of the same sort of malware that has developed over time?
A: That’s a good question. It’s actually a combination of both. There are always new ideas out there and new ways to exploit systems. However, we have also hit this point in time where there’s an entire economy based around actually selling malware that can be customized by the purchaser and the person purchasing the tool may not have a high level of technical ability. And now this is becoming more of a commodity to an extent.
Q: Now how did Cybersecurity Ventures, the organization that puts Cimcor, Inc. in this latest list, The Hot 150 cybersecurity companies in the world in 2020, how did they find out about you, and then best determine that you are best suited for the list this year?
A: Well Cybersecurity Ventures does an analysis of the entire cybersecurity market so their analysts and folks are constantly reaching out to understand your product, how it fits into your security space, and the problem that it solves. So this entire process is based on merit and they take into consideration not only the leadership, the innovation in the company, but they also speak with customers and analysts to help make that final determination.
Q: Now how did Cybersecurity Ventures rank you with the big boys out there - seeing as how your company and one other company I noted, based in Minneapolis, there are only two in the entire Midwest, and then of course you have a number of them in the United States and around the world - how did they come up with you being on the list this year?
A: Well, I’m happy to be part of that shortlist. But you are right, most of the companies on that list are quite large, but we’ve been holding our own. I think we have a culture of innovation at Cimcor, and a lot of that is driven by the general culture to me in the Midwest, particularly here in Northwest Indiana.
Q: Did you find Northwest Indiana is not is not only being a good place to establish a business but to be able to grow over time, as I suppose you could’ve taken your business to Chicago or a suburb, but Northwest Indiana has been Indiana where you're based.
A: Well I grew up in Northwest Indiana and the easiest path would have been to start the business out in Silicon Valley, but we really wanted to make an impact here in Northwest Indiana. We are trying to make this shift from a manufacturing economy to a services-type of economy and we can only do that if we all individually participate in making that possible. And on top of it all, if you look at the resources that we have right here in northwest Indiana, the human resources, they are really outstanding.
There are certain things that you cannot get in any other area areas of the country, and for instance, one is loyalty. The culture of hard work where you know that this person is going to actually work their 40 hours and to be honest, they are probably going to work 60. That culture of getting things done and keeping a practical attitude about how you accomplish things; I think it’s unique to this area and I think this contributes to our success.
Q: Did you find that the people here in northwest Indiana, in particular as you mentioned, they are the kind that will work hard and develop themselves - as well as the business along the way - that it has made it easier to find more folks to make the business grow?
A: I think it does. It makes it easier, but also it reduces the stress of high turnover. If you look at other areas of the country, turnover is extremely high in the IT sector. We have relatively low turnover, and I think a lot of that is because of the level of loyalty in the general culture that we maintain here in the Midwest.
Q: Now looking to the future for Cimcor, Inc. We don’t want to give away any trade secrets certainly, but what areas do you see out there that you would like to see the company working on in the cybersecurity area?
A: Well the mission of our company is to help you detect unexpected changes throughout your IT infrastructure, so we are constantly working to expand on what we are monitoring throughout your infrastructure. Right now yes, we are monitoring servers, network devices, and industrial controllers, but we'd also like to extend that to other items, for instance; industrial internet of things(IIOT), and Internet of things (IoT) configurations, because that’s where we are going to see a lot of growth over time.
Q: Well congratulations to Cimcor, Inc., for picking up the honor this year by being chosen by Cybersecurity Ventures and Cybercrime Magazine for being on the list of The Hot 150 Cybersecurity Companies to Watch not only in the United States but in the world.
This original interview occurred on October 28, 2019, and is an excerpt from the Lakeshore Public Radio broadcast "Regionally Speaking".
To learn more about CimTrak, download the technical summary today.
Post by Jacqueline von Ogden
November 1, 2019
November 1, 2019
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".