5 minute read
SECOND CHANCES
Advertisement
Lunch • Brunch • Happy Hour
Second chances do matter
Written by Roman Benty | Photography by Hayden Rose
For those connected to the world of cybersecurity, the name Damon Toey rings a bell; in 2007, Damon pleaded guilty to participating in the largest case of consumer data theft of all time. It is estimated that at the height of the heist, the hacker group known as TJX that Damon was a part of owned 75% of Americans’ identities through infiltrating the consumer databases of banks, large-scale retailers, and the United States government.
When Damon turned himself in, the severity of his crimes added up to two life sentences - according to the federal courts’ point system, each crime is worth a certain amount of points, and the total amount of points equals the longevity and intensity of the sentence. Given Damon’s hyper-specific skill set, and the nature of the problems created by his crimes, he was presented with the unique opportunity to work with the Secret Service to untangle the network of TJX hackers and help return the government’s security systems to stability. After successfully undoing a large portion of the damage caused by TJX, the federal court system drastically reduced Damon’s sentence to only 5 years, noting the high-quality of his character and his capacity for good.
Throughout his time in prison, Damon read as many books and articles about coding, cryptography, and computer-based mathematics as he could to keep his mind engaged with the technology that had come to define his life’s work, both bad and good. He wasn’t allowed to use computers while incarcerated for obvious reasons.
Prison is also where Damon met Dan Bull, founder of entrepreneurial incubator Zero Six Eight.
“The idea for Zero Six Eight is something we kicked off one another walking around the track every day,” Damon recalls. According to Dan, Damon was the initial inspiration for Zero Six Eight. “I met Damon and I’m thinking, ‘God. He’s so screwed. He’s so good, and with a little twist, he could be so successful and help so many people. But he’s screwed. And it wasn’t just him - it was us. We were screwed.’”
Damon and Dan sought a path to utilize their respective talents and experiences in such a way that would benefit themselves and others like them who faced difficult barriers to entry when trying to find jobs in their respective fields after serving time in prison. What they found was that while there were nonprofits dedicated to helping ex-convicts find work, there was no existing infrastructure tailored to honing the strengths of exceptional individuals in a profit-motivated setting.
As soon as he was released from prison, Dan began building Zero Six Eight to serve as an incubator for the talents, skills, and ideas of driven exconvicts. One of the newest and most exciting Zero Six Eight enterprises is Codex. Codex is the brainchild of Damon, who was only able to launch the company late last year after the successful completion of his parole. A self-described “security professional,” Damon uses his extensive hacking background to diagnose vulnerabilities that exist within the security systems of various companies and information networks. Known as “penetration testing,” Damon is essentially contracted to hack security networks and identify their risks and problems. The information this testing yields is extremely useful for both CEO’s and IT technicians working for cyber giants: from an overhead perspective, those in charge want to make sure that their security networks are as impenetrable as possible. From an IT perspective, this information can be
FACING TWO LIFE SENTENCES DAMON TURNS HIS EXPERIENCE INTO A COMPANY
used to lobby for more agency in deciding what measures need to be taken to make sure a network is as secure as the parent company guarantees it is.
Codex is interested in the variety and outcomes of penetration testing, noting that the field of cyber security is constantly evolving in response to the fluid nature of both hacking and coding alike. Damon’s background makes him the perfect candidate to partake in a “wargame,” which is essentially a penetration test where a company hires security professionals to compete against their IT department in a live-action scenario, each side trying to exploit or defend against a vulnerability in the security network.
Codex is also equipped to locate “zero days.” A zero day is a vulnerability that is unknown to the entity that is trying to defend against it - essentially, a security network can’t test for a zero day because the network doesn’t register that this type of vulnerability is even capable of existing. Networks can’t test for problems that they aren’t programed to defend against, making “zero days” some of the most dangerous vulnerabilities in cybersecurity. Not all information security companies are capable of offering this type of testing, but Codex is.
Of course, given Damon’s history there are many major companies that won’t offer him work. While this creates a barrier to accessing certain larger contracts (think government, military, credit card companies, etc.), Codex is fully confident that they will continue to grow based on a reputation of exceptional work and full transparency. Given the foundation of Codex and Zero Six Eight, reputation is everything - these companies have had minimal outside support from the get-go, but have been able to link arms with other like-minded individuals to create a network of upward mobility that is changing the way industries think about ex-convicts. After several long, difficult years of building relationships, trust, and capacity; Zero Six Eight now encompasses 30 businesses ranging from construction companies to cyber security firms. Thanks to Zero Six Eight, more than 180 jobs have been created for ex-convicts working in a variety of fields.
Originally from Virginia Beach, Damon couldn’t be more excited for the opportunity to grow his company in Pittsburgh’s budding tech industry. This second-chance city seems like the perfect fit for a second-chance cybersecurity guru.
For more information on Damon Toey and TJX we recommend reading, “The Great Cyberheist,” New York Times, 11/10/2010.
monmade.org
