True Digital Security reduces risk of data theft from Internet ‘bad actors’
It started with a visit to a local auto dealer’s website. Then a company’s data started flowing to Russia.
What began as an innocent search for a car deal morphed into attempted corporate espionage that was discovered and halted by the security operations team at Tulsa-based True Digital Security.
The client’s encounter with malicious software showed how vulnerable a business’s data can be, said Jerald Dawkins, Ph.D., True Digital Security’s founder and chairman of the board.
“What we identified was that an executive with the company was looking at vehicles at the local car dealership,” Dawkins said. “The dealership’s website had been hacked by a malicious actor; that actor placed malicious code unbeknownst to either the dealership or to its patrons. We were able to identify the malicious code and actively disrupted the exfiltration of company information.”
Bottom line, even the most innocent appearing websites can put a visitor’s data in jeopardy of malware, ransomware or theft, Dawkins said.
“Some people think that ‘I can only get hacked if I go to bad websites,’” Dawkins said “And that’s not true. In this particular case, the car dealership didn’t update their system and it was compromised. The company executive inadvertently downloaded malicious code that allows the attacker to extract the executives sensitive Word and Excel files.”
Founded in 2005, True Digital Security provides security consulting and assessments, compliance readiness, testing and validation and managed IT services for clients across the nation.
Before starting down the entrepreneur’s path with True Digital, Dawkins earned his Ph.D. from the University of Tulsa, where he was part of TU’s cyber security program.
True Digital has grown to approximately 70 employees in Tulsa, Okmulgee and in Florida after its recent merger with West Palm Beach, Fla. based SLPowers. Rory Sanchez, who was president and CEO of SLPowers, is now CEO of the combined companies.
Along the way, True Digital established a strong relationship with the Oklahoma Center for the Advancement of Science and Technology (OCAST), which resulted in multiple research grants and placements of interns through the OCAST Intern Partnership program.
For example, a $300,000 Oklahoma Applied Research Support (OARS) grant supported research into the concept of tokenization. That led to the founding of a spinoff company known as TokenEx.
“The OCAST OARS grant allowed us to obtain additional funding, and because of that funding, we actually spun it off as an independent company,” Dawkins said. “Now, TokenEx is doing very well. I’m extremely proud of the success that team has had with that product.”
The OCAST Intern Partnership is a cost-share program that brought promising Oklahoma students to True Digital Security. Today, True Digital employs five professionals who began their careers as OCAST interns.
“Leveraging the OCAST internship program and giving the interns an opportunity to come in and learn about the space and explore some of these research ideas has had a big impact for us,” Dawkins said. “The internship program allows us to grow the talent and bring them along as full-time hires. I’m very proud of our success in the internship program.”
One of those former interns is 34-year-old Steven Anderson, a military veteran who came to True Digital Security via the Tulsa Community College and TU cyber security programs. Anderson describes his role as “security consultant” whose job involves activities such as penetration testing and vulnerability scanning.
“As an intern, I got involved with real life clients,” Anderson said. “I got some experience with vulnerability scanning, risk assessments, threat monitoring – you name it, I got my fingers into it. I stayed with the company because I like the close brotherhood and family feel of True Digital Security. And I love the work, so that’s a bonus.”
For Anderson and the entire True Digital Security team, the mission is as much in helping clients navigate complicated regulatory and compliance issues as it is fending off threats like data theft, Dawkins said.
“Addressing Cyber Security in today’s world requires more than just technology,” Dawkins said. “It’s a business problem and the risk must be appropriately identified and managed. True Digital Security has always been focused on ensuring vulnerabilities are identified and known so that bad actors can’t take advantage of them, like updating a car dealership’s website. We have always had the expertise to support and address a potential cyber incident.
“What the recent merger with SLPowers means for True is that now we can take a more active approach to ensuring that a company’s technology is appropriately deployed, configured and, most importantly, actively managed to address the changing threat landscape whether in the cloud or in the office.”