Pittsburgh-based cybersecurity nonprofit to expand to Los Angeles, NYC
A quiet, Pittsburgh-based cybersecurity nonprofit expects to announce plans this week for offices in New York City and Los Angeles, marking its first expansion out of Western Pennsylvania, the Tribune-Review has learned.
The National Cyber-Forensics & Training Alliance keeps a low profile but has been hailed by President Obama and national leaders for bringing together public agencies and private companies to fight online crime.
The group began informing its members about the expansion during the past two weeks.
“It’s only going to make us stronger,” Matt LaVigna, the group’s interim president, CEO and director of operations, told the Trib. “By going to Los Angeles and New York, these are going to be extensions of the work we’re doing here. The command and control will still be here in Pittsburgh.”
The Alliance formed here in 2002, and the planning for it started even earlier — years before data breaches became a household concern. The nonprofit’s founders wanted to create a place where public agencies and private companies could share quick-moving information about computer threats.
When the Alliance started, spam emails were considered the biggest online threat to industry.
Today, the nonprofit Alliance operates out of the Second Avenue technology center, bringing together federal officials with representatives from more than 100 national companies involved in finance, energy, medicine, manufacturing, retail and other sectors. Companies pay to become members.
FBI Director James Comey singled out the nonprofit during a visit to the agency’s Pittsburgh office last week, praising it for bridging communication gaps with business. The FBI’s national office has deployed agents to work with the Alliance.
“We’re trying to forge relationships with the private sector that are appropriate and lawful and effective,” Comey said. “We have to figure out ways to talk to each other. … We have shown how to do that here in a lot of different ways.”
Workers at the Alliance’s headquarters sit among cubicles, each marked with the person’s name and corporate affiliation. If one company or group detects a software weakness or online attack, they can quickly alert the others and mount a common defense, LaVigna said.
For example, an energy company that detects a virus might end up alerting a retailer to an emerging threat, LaVigna said. “Where else can that happen?” he noted.
Michael Spring, an information science professor at the University of Pittsburgh, said that “one of the most significant problems faced in battling cybercrime is the secrecy with which it’s handled. People don’t want to let other people know they’ve been compromised.”
The Alliance’s plan to expand to the nation’s opposite coasts is a natural outgrowth as computer security concerns have become more widespread, Spring said.
The office in New York will seek to reach more Wall Street and financial companies, while the Los Angeles office will target entertainment, energy and port-related companies, LaVigna said. The Alliance will seek to have a broader impact by being in closer proximity with more clients, he said.
“One thing is expanding our reach to industries that we normally wouldn’t have access to, primarily for distance,” LaVigna said. “… There’s value to having that physical touch.”
Inside a malware laboratory lined with banks of monitors, the Alliance’s employees watch computers infected with the nastiest viruses known. At any moment, analysts might be tracking dozens of variants and following them for as little as a couple of weeks to as long as several years, said David Johnson, malware program manager.
The goal is to learn the behavior of each attack and to watch for changes or updates so the Alliance can alert its members, said Steve Mancini, the chief technology officer.
Groups in Japan and Singapore recently replicated the Alliance model, and cybersecurity experts from around the world routinely seek out the Alliance for insight and collaboration.
“We’re proud of our roots here in Pittsburgh,” LaVigna said. “This was definitely an organization that was created here in Pittsburgh. It was not thought of and planted here; it was born here.”
The nonprofit expects to open the offices by August. That could mean moving some Pittsburgh-based employees, though many are glad to be here, LaVigna said.
“They like having the opportunity to do the work they’re doing on a global basis and still be here in Pittsburgh,” he said.
Andrew Conte is a member of the Tribune-Review investigations team. Reach him at 412-320-7835 or firstname.lastname@example.org.