Cyberattack
The U.S. has been suffering from a "maintained and sustained" cyberattack from China focusing on economic intelligence. Reuters

President Barack Obama in his State of the Union address invoked President John F. Kennedy when he recalled that JFK said “the Constitution makes us not rivals for power but partners for progress.”

While Obama was referring to conflict between himself and Congress, it may be better to recall Kennedy’s 1962 challenge to go to moon "before this decade is out." That was achieved in July 1969.

Obama announced in his speech that he had signed an executive order directing creation of a new critical infrastructure to foster cybersecurity. There will be coordination among departments including Defense, Homeland Security, Commerce and Justice, with a national command to fight cyberattacks.

Later this year, there’s to be a plan to start guarding critical infrastructure such as power grids, water systems and transportation networks, just as Secretary of Defense Leon Panetta urged in his farewell address. Identification of structures “at greatest risk,” as well as beefing up of trained professionals at the Pentagon and the National Security Agency to deal with cyberattacks, is on tap.

Gen. Keith Alexander, who heads the National Security Agency, has estimated those attacks cause at least $250 billion in damage annually.

When Kennedy spoke, he helped inspire developments in electronics that fostered the creation of the Internet, companies including Intel Corp. (NASDAQ:INTC), and revolutionary advances in aerospace and propulsion technologies.

Is the cybersecurity sector prepared for another, similar jolt? Chances are much of the work has already been done, albeit not by the traditional companies in computer security, such as Symantec Corp. (NASDAQ:SYMC), Intel’s McAfee unit, EMC Corp. (NYSE:EMC), International Business Machines Corp. (NYSE:IBM) and CA Inc. (NASDAQ:CA).

Mindful of attacks on Saudi Aramco that shut down that giant oil company, the Federal Reserve and Bank of America (NYSE:BAC), smaller companies have devised new methods for securing networks, handling access, dealing with encryption and managing authentication.

A handful of outfits that don’t seek much attention, such as CloudStrike, founded by McAfee alumni, have said they’re trying to develop offensive tools to go after cyberthreats from nation states. Last year, CloudStrike took in $23 million in venture funding from Warburg Pincus.

Some of these startups have links to the Pentagon’s venture capital arm in Silicon Valley, In-Q-Tel.

Alumni of companies acquired by Symantec and EMC are busy starting new ones, including several that have dealt with major issues like authentication. Cylance, a startup in Irvine, Calif., has developed response software that should be able to detect intrusion and do forensic testing.

“We are looking at prevention as the fundamental underpinning of the company,” said CEO Stuart McClure, whose company just took in $15 million in venture capital.

At Nok Nok Labs, a security firm whose directors include former White House national security adviser Richard Clarke, CEO Phil Dunkelberger said his engineers have designed new software that will deal with problems of authentication: With tools like fingerprint scans and other biometrics, Nok Nok is working with systems integrators to install it on millions of products.

The 18-month old company is part of an alliance dubbed FIDO (Fast iDentity Online) with the Pay Pal unit of eBay (NASDAQ:EBAY), China’s Lenovo Group (PINK:LNVGY), now the top PC maker, and German chipmaker Infineon Technologies (ETR:IFXA).

Dunkelberger, whose last startup was sold to Symantec, said Nok Nok is deploying a client-server model. Only a legitimate handshake will permit access to a network, he said, which should help deal with the plethora of mobile products now used to access them. The idea is to eliminate passwords, he said.

Nok Nok’s software is being tested now, he said. The Palo Alto, Calif., company took in $15 million in 2011, and plans to raise more later this year. If the software works, the FIDO Alliance will try to gain approval as the global encryption standard, he said.

At Entrust in Dallas, a private security specialist, CEO Bill Conner said his company has made huge progress in dealing with secure ID cards, passports and other documents. Clients include NASA and the Department of State.

Conner welcomed Obama’s executive order. “At least something is being done,” he said.