The Cicada Solution

Ryk Edelstein

Wed, 14th November 2012

Speaker Bio 1:
Ryk is a technology innovator with three decades of experience building and managing successful IT and Security solutions for organizations. By maintaining close attention to both market needs and emerging security challenges, Ryk says that he attributes his success to his ability to cut through the fog and predict emerging trends in their early stages of evolution.

Ryk will tell us how Cicada addresses the active detection of physical threat, and protects computers from attempted theft, tamper, and the vulnerability of unintentional information exposure at the moment of compromise. The Cicada is an innovative security technology which has recently been introduced to the market, and is gaining a lot of attention by Government, enterprise, banking, and privacy advocates.

Max, Concise Courses:
I have got Ryk Edelstein here from Cicada Security Technologies. Usual form. I’m going to introduce Ryk in a second and he’s going to give us a quick overview of his background and then we’re going to jump into a presentation called the Cicada Solution. And we’re going to keep it to 15 minutes. And if anybody has questions, please use the chat box, and I will ask those questions at the end of the presentation. So, Ryk, thank you so much for joining us. Thank you. And if you can, just give us a bit of background about yourself and your company?

Ryk Edelstein:
I’m a serial entrepreneur. I’ve been in the IT environment for over 30 years. We typically have been servicing large enterprise and government. We are subject matter experts on data destruction. I’m presently the CEO of Cicada Security Technology, a company which develops innovative security solutions to the protection of physical assets and the data stored on them.

Max, Concise Courses:
Excellent. So we’ve got a presentation of Cicada Solutions, which is one of my favorite animals on the whole planet – well actually its an insect! That’s how Ryk and I started to chat. So, Ryk, if you want to, just pull up that presentation.

Ryk Edelstein:
So the Cicada was a USB based security device, which was developed actually a number of years ago, in 2008, for clients of ours who had a problem of losing 1,000 laptops a year. Yes. Believe it. They lose 1,000 laptops a year and nobody gets fired. And they needed to find a better way to secure their device. So they came to us. We had a history of dealing with some other physical security projects, and we developed the technology specifically for them.

It looks like a USB thumb drive, no larger than a common memory device. And what it does is it analyzes a physical threat in real time, and it deters theft or tamper. And it protects, not only the assets from theft, but it protects the digital assets, such as your data, from unauthorized exposure or actual theft or tampering.

In 2010 we created a company specifically to develop and market to Cicada, and we were issued our first patent in July 26, 2011. Our second patent was issued just last week, rather. We filed for international protection. It’s the first product of its time to market or rather we should say the first commercial available product to market. It’s position is to address privacy compliance or data theft or asset theft. But what’s interesting about this is that to the consumer, their concern is more towards protecting the assets from theft. Nobody wants to spend the money to replace that laptop or computer. And to the corporate and government, the interest is more, protecting confidential information. So it has a variety of different values, depending upon who you are.

It’s also a good complimentary technology for existing technologies such as this and enabling technologies. So we can say that we give Endpoint Security Solutions the visibility to a physical level threat. We also can talk to technologies, such as Intel’s antitheft feature set. So we can actually go to the level of where we’re invoking hardware level action to protect that asset.

So a few quick statistics. There were a variety of different numbers out there. We try to use the best available. These numbers come from a variety of different sources. But there’s a lot of laptops in operation worldwide. Despite the prevalence of tablets, we still see a continuing growth in the sales of laptops. There are 12,000 laptops lost in the airports per year. But we’re not just limited to laptops. These can be used on stationary computers and even in the data sense, where you don’t want the server tampered with.

So typical solutions for protecting physical or physical security solutions we’ve seen the cable lock being sold for many years. This is a great device; however, a lot of people rarely take it out of their bag or use it while they’re travelling. And then you have after the fact technology, such as Computrace and Lojack, which you discover, “Oh, crap! My laptop is missing.” And then you call it, and you start tracking. It’s an after the fact situation. But the problem we have here, is at that precise moment, the computer is compromised when the thief steals it or attempts to tamper with it. So the moment that you discover the incident, there’s a huge period of vulnerability where that data can be accessed; or worse yet, if that computer is connected to trusted network data, which is in your head office or data center or banking or whatever it could be, it can be accessed by an unauthorized party.

And when it comes down to antitamper, when we were doing our patent, we realized that theft is a great interest to a lot of folks, but tamper is of greater interest to government and military. If information is modified, it typically is not detected until somebody notices an anomaly or something occurred. You come back to where the computer was and it’s missing. And you know what happened and you can report it. Tamper is a great, great concern.

Usage compliance: that was one of the things that I was talking about with the cable lock. Typically, people fail to use the cable lock, so how we got around that was, each Cicada has an embedded serial number in each device. And that serial number serves a multitude of purposes, one of them is actually for local authentication. So what can happen is, we can use the Cicada as a secondary hardware basic indication factor so that the user cannot log into their work station unless they plug their Cicada in.

So what this means is that they not only have to validate their identity by plugging in their Cicada and having the right Mac or ESN attached to their account credentials, but it also means they have their physical security presence. And that machine is protected by Cicada while it’s in operation.

In terms of data protection, Cicada is an active technology. It monitors multiple triggers for a variety of threats. And what it will do is, based upon how you set your threat profile, it will instantly the moment it’s tripped will lock the computer to the operating system log in. If you have encrypted storage on the computer, we dismount that encrypted storage. We disconnect secure external connections to trusted networks. The Cicada and the host both scream.

The Cicada is not a memory device. This is a purpose built device, which is a micromachine. It has its own internal power. It has a siren and a processor. The moment that it’s triggered, it will start screaming. So if you pull the device out of the computer, it will start screaming. And the whole trigger system will lock up the computer and protect everything else. We also have a monitoring service available, which is an option, which will instantly issue an SMS e mail or SNMP the moment the computer is compromised.

So we did not put these inside the software that resides on the computer. This is an external service. This way if somebody interrupts the Internet connection through the computer before it issues an alert, we’re able to send you an alert that the network connection has been disconnected. We can also launch an external application if you wanted to create your own batch files or just do specific actions.

Trigger Options: it’s very easy to configure. Some of the options are motion, power state, network link state, and device insertion removal. We even monitor for infrared and writable media insertion. We also monitor for Bluetooth device association. So if somebody were to walk away from the computer or remove a Bluetooth device associated with computer, it’s a trigger action.

In our next version of the Cicada software, we’re going to monitor for Bluetooth proximity. So instead of Bluetooth being a trigger, the Bluetooth can also be set as an arming option. So if a user were to walk away from a computer and forget to lock it or arm it, the action of leaving the computer beyond a certain perimeter will cause the computer to arm or lock. So this is just kind of an interesting option or feature that was requested by some of our banking clients. So a teller walks away from a station, forgets to lock it, it will automatically lock it.

So how do you disarm it? From a triggered state, the minute your computer unit is compromised you go back to that computer, you make sure the device is inserted into, and then you disarm. You just log in with the log in process, and we do a disarm at the same time. If it’s the end of the day and the end of working with your computer, and you want to leave, you want to disarm that computer before you get up and walk away.

What you do is go into the system tray. You see the little Cicada logo that looks like a little green bug is right there in the corner, you right click on it, and you click disarm. And you enter your catch phrase, and it will disarm the Cicada.

Regarding the messaging option, its external and is a cloud based service. It monitors the status of your Cicada. If it issues an active alert issued by the work station while it’s armed, it will issue a red level alert telling you that a positive event has occurred or a definite event has occurred and vice versa. If the network connection state should have to drop, we use an algorithm to monitor the state of connection for a period of time and then issue an alert telling you that that station may be compromised.

So we talked a little bit about local authentication for those of you who are involved in the federated identity space or a single sign on. What the Cicada does is it provides you the ability to audit the physical security state of the connecting device before it attaches to the trusted environment; likewise, you can also use the electronic serial number on the Cicada as a hardware authentication factor.

So even if somebody were to have their user name and password compromised, unless they have that Cicada plugged into the computer when they’re connecting to the gateway, it will not afford them the access to that network. And we talked a little about enabling technologies. What we’re talking to our partners with is, using the Cicada as an ability to extend the visibility of Endpoint Security to a level where these Endpoint Security products now have the ability to have awareness to physical level threat. This could include security event information management, asset recovery products, data encryption, Enterprise Endpoint Security or hardware enabled infrastructure, such as the Intel antitheft feature set. So with Intel antitheft feature set, we can do things, such as brick the computer, and we can even destroy crypto keys.

And with that, that’s pretty much the extent of the what Cicada is all about. Anybody who wants more information about it is welcome to reach me at ryk cicadasecurity dot com. Or you can visit our Web site at for more information. I’d be happy to help you in any way.

Questions and answers

Max, Concise Courses:
Thank you. That was a terrific presentation. Do you have the widget there, the application?

Ryk Edelstein:
Sure do. So here we go. This is what a Cicada looks like. It’s in a hardened aluminum case. We made it out of aircraft aluminum – believe me, it won’t crush. It’s full protected. If you open it up it will destroy itself! No smoke and fire protection, but it will destroy itself. But it’s an interesting little tool, it’s getting a lot of attention in the US government and the Canadian government presently, and everybody who’s evaluated it, loves it.

Max, Concise Courses:
What other verticals should be looking at this product? You mentioned the financial industry. Which other verticals do you see next?

Ryk Edelstein:
Well, the verticals are really quite wide. Anybody who’s concerned with privacy between clients or security of confidential information, will see value in this. This addresses a gap which exists in most security policies. And the problem is that the moment that that computer is left unattended and somebody compromises it, or somebody accesses it to the point where that threat is discovered, there’s a great gap where that information on that computer or the computer is accessible to have that data exposed.

So anybody in the legal, financial, educations, government, military those organizations typically would be interested in data protection; conversely, in the consumer space, consumers are more concerned with the assets. And so what happens is, Cicada can be used to protect the asset from theft.

We’re also in development of Cicada 2. Cicada 2 is a Bluetooth 4.0 LRE device. The hardware is fully based. The software is going to be developed. And what this does is this will protect tablets, as well as smart devices such as iPhone, blackberry, etc. And what it will do in this case, is the moment the devices become disassociated, it will cause the two devices to start screaming. It will lock the mobile device or tablet and it will start a countdown timer where you can have it wipe or destroy the data on that device if it’s not restored to its partner within a period of time. Always back up your device.

Max, Concise Courses:
Is the Cicada Mac and PC compliant?

Ryk Edelstein:
No. The Cicada presently is Windows compliant; however, since it is an external device and the reason we made it an external device is so that its hardware agnostic and operating system agnostic. So that Mac compliance, or Linux compliance or any open source compliance is limited to our developing a driver for it. However, we do have an API available for it. So if anybody wants to build specific applications for the Cicada, we, of course, welcome them to do so.

Max, Concise Courses:
Ryk, another question – how about the cost?

Ryk Edelstein:
So the enterprise version of the Cicada is available presently for $135. So just contact us to find out who’s a local seller with us.

Max, Concise Courses:
Terrific. I know I run people through quickly, but that was a lot of very valuable information, and you’ve got a terrific product. I want to wish you the best of success and hopefully we can get you back on within a couple months time with an update.

Ryk Edelstein:
Thank you for the opportunity and thanks for everybody to joining us.