Meet CryptoniteNXT CEO Mike Simon

CryptoniteNXT, an innovative Rockville-based cybersecurity company, has a unique defense system that contains attackers and makes their targets invisible. An attacker can’t discover what they can’t see, and therefore can’t attack without a target. CryptoniteNXT eliminates an adversary’s network visibility and reduces their attack surface, without sacrificing performance or transparency to users.


What makes Cryponite software different and potentially a better option to defend against cyber attacks?

The current industry paradigm is to chase an attacker, alert the security staff when suspicious activity surfaces and then rid computers and the network of the malicious activity.

CryptoniteNXT presents a truly automated defense capability. CryptoniteNXT is always ON and automatically defending your network of computers, printers, IoT devices and legacy applications. CryptoniteNXT stops the fundamental building blocks of a cyberattack, not enabling hackers to gain any traction in a network. They quickly get frustrated and move on to easier prey.

Can you describe how the product works?

CryptoniteNXT is implemented in either software that runs as a virtual machine or a hardware appliance. CryptoniteNXT manages the distribution of IP addresses to endpoints (computers, mobile devices, printers, etc.) and keeps the network topology secret from malicious attackers. This technology is called Moving Target Defense (MTD) and it shuts down a cyberattackers ability to perform reconnaissance on a network. CryptoniteNXT overlays moving target defense (MTD) with a fine-grained micro-segmentation that puts a stop to a hacker’s ability to laterally move through a network. Ransomware uses lateral movement to quickly spread in a network. CryptoniteNXT also provides end-to-end cryptologic verification of every packet to insure the authenticity of the communication.

What types of companies are in your sweet spot as a target market?

Our target customer is either a Federal or a commercial customer that has digital intellectual property that is extremely valuable. They operate a number of legacy systems which can’t be easily replaced and modern day cyber security solutions do not support these operating environments. They have a desire to have their mobile environments access their intellectual property but are nervous about substantially increasing the attack surface for cyberattackers. They are also seeing a growth in the use of Internet of Things (IoT) devices in their networks which represent an easy target for a hacker.

The typical size of one of our customers ranges from 100 people to over 2000. Markets include Federal Contractors, Government Agencies, Financial, Critical Infrastructure, and Healthcare.

Cryptonite is always ON and automatically defending your network.

What support have you received from Montgomery County?

We have received matching funds on investments from the State of Maryland and Montgomery County. We actively participate with Montgomery County with industry and local events. Earlier this year, we joined the coalition from the State of Maryland at InfoSec Europe. 

Why did you choose Montgomery County for your headquarters?

We are a spin off from a defense contractor that resides in Rockville. Montgomery County has exceptional schools, an excellent talent pool in cyber security, reasonably priced real estate, beautiful parks and recreation, and an ever increasing number of restaurants. It is also conveniently located to DC and 3 airports.

Tell us about your collaborations with the National Cybersecurity Center of Excellence (NCCoE).

We’re proud that Cryptonite is part of 3 collaborations with NCCoE.

  • Securing property management systems for the hospitality sector

  • Recovering from Ransomware and other destructive events

  • Identifying and protecting assets against Ransomware and other destructive events

In all three cases we are providing network level defense. Our product has no software agent that runs on computers. We are assuming in each of these collaboration’s computers, phones, tablets and IoT devices will be infected with malicious software from either a phishing attack, drive by download or other means. We are preventing the propagation of these attacks beyond its initial intrusion point. This isolation of an attack keeps the network safe and unharmed from a breach.

CryptoniteNXT aligns with the National Institute of Standards and Technology (NIST) Cyber Security Framework. How does that help a customer?

NIST provides an excellent framework for a commercial or Federal entity to follow to decrease the probability of their organization making the news as the next victim of a cyberattack.

Cryptonite has published a document which shows how the CryptoniteNXT platform aligns with the NIST Cyber Security Framework. 

What are your thoughts on Artificial Intelligence as it relates to defending against cyber attacks?

Data analysis, artificial intelligence, and machine learning all play an important role in understanding what is likely to happen in a cyberattack. This combined with automated network defense platforms such as CryptoniteNXT, help strengthen the cyber security resilience of an enterprise.

What’s next for Cryptonite?

Cryptonite is focused on making our product transparent to customers such that they aren’t even aware that we exist in a network. We are constantly working on integrations with companies like Palo Alto, HPE, Splunk and others to strengthen our role in a zero-trust network. We are also focused on improving the functionality and performance of our software-only version of CryptoniteNXT.