enterprisesecuritymag

Disrupt6: The Next-Gen Security Specialists

The internet is changing. As the world becomes increasingly interconnected, the explosion of internet users, devices, and web services is escalating. We are headed toward an IP catastrophe. IPv6 is perfectly poised to overcome this problem, because it can provide over 340 unidecillion addresses (that’s 3.4 times 10 to the 38th power), instead of the 4 billion addresses provided by the IPv4 protocol; enabling more devices, people, processes and information to be seamlessly interconnected than ever before. While the world moves over to IPv6, the major concern of today’s IT professionals is the security gaps that can open in many businesses globally. Addressing the challenge is Disrupt6, a pioneering firm, which develops security products and tools for networks that use both IPv4 and IPv6. “Disrupt6 excels with its next-generation security solutions for the next generation internet,” asserts Lori Marcum, CEO, Disrupt6.

The driving force behind Disrupt6 is a 30-year veteran of the IT and IA industry, Joe Klein, CTO, who brings his extensive experience in DoD, US Government and commercial sectors to focus on enabling companies and organizations to secure their information with the new IPv6 protocol, while focusing on prevention of attacks and the identification of would-be attackers. Attack prevention reduces the costs of data security by avoiding data breaches. The average cost of a data breach in 2017 was roughly $3.6 Million, with breaches such as that at Equifax reaching just over an estimated $7 Million.

Best in Class Solutions

While the range of IT security threats increases daily, Disrupt6 has the best-in-class tools that not only identify when a potential attacker may be looking at a customer’s network for a possible attack (commonly called surveillance or reconnaissance), but they can also assist the CIO in assessing the organization’s ability to connect accurately with others on the internet. “Disrupt6 is committed to making the CIO’s job as easy as possible when it comes to security,” says Ms. Marcum. By thoroughly observing all the technology layers and harnessing real-time threat analysis with Disrupt6 technology, organizations can have a clear picture of all the potential attackers targeting their network.

“At Disrupt6, we observe all technology layers and specific attributes unique to a potential attacker,” asserts Lori. The firm leverages this information to create profiles, identify the threat and alert customers to take preventive actions. The profile information adds context to the alert information to minimize unnecessary alerts that can overload a system. The focus of Disrupt6 products is on prevention instead of reaction and recovery. No one can guarantee that there won’t be a breach, but when these products are combined with a solid breach recovery plan, the increase in security is impressive.

Proof of Concept

One of the first of the Disrupt6 products developed is called TAP for Trace/Analyze/Predict.

Disrupt6 is committed to making the CIO’s job as easy as possible when it comes to security


Lori recollects an instance, when, during a TAP pilot program for a large financial institution in Canada to collect data and assess effectiveness of some national advertising, Joe happened to see other contextual information which informed him that the bank’s computer system was actively being hacked. It appeared to be many people in many different places. Joe was able to discern that it was truly only a small group of people using decoys in IPv4 to appear to be more widely spread and to prevent detection of who the attackers truly were. Using IPv6 contextual information, Joe was able to inform management of the true number of attackers and generally where they were located so authorities could be alerted. He also identified how the attacks were being made so the gaps in security on the financial institution’s systems could be closed.

Another of the Disrupt6 products that is near completion, but still under development, is called VIEW6. VIEW6 has several features, chief of which is the capability to determine where an organization stands in working with the IPv6 protocol. “If the internet interface works well with the IPv4 protocol, we can assess if that is still the case whether the interface is with an IPv6 channel, The Onion Router (TOR) or some other channel that is currently available,” says Joe. This may be important to the CIO in determining the policy of which channels the organization will be permitted to use, either with customers, vendors or employees. If there is a desire to migrate to IPv6, the router will allow the CIO to determine the status of that migration. If there is a desire to block all communication with anyone coming to any enterprise portal from TOR, this tool will allow the CIO to assess the status of that block and keep communications relevant and simple.

VIEW6 also has another unique feature to can determine if the data analytics that is useful to the company are being pulled properly and working correctly. If data behind the analytics is incorrect it can cause serious problems with the analysis, leading organizations to draw wrong conclusions and perhaps make erroneous decisions.

Continued Innovation

Disrupt6 believes that continued innovation is the way to continually grow and succeed. “We are still working on developing new products. Our differentiator is IPv6 information and the context surrounding it,” says Joe. It’s an exciting time for Disrupt6, as the firm is looking to serve a number of different industries which will need to be secured as IPv6 is more widely adopted including the Internet of Things (IoT), Industrial Control Systems (ICS) and perhaps some infrastructure security projects.