Oneida County hotel occupancy edges up in May from April, but is still way off from a year ago on COVID-19 effect

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

UTICA — Oneida County hotels started to get a little busier in May compared to April, but occupancy levels were still down by nearly 50 percent from a year prior as the continuing coronavirus pandemic hindered business, travel, and leisure. The hotel occupancy rate (rooms sold as a percentage of rooms available) in the county […]

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Excellus CEO Booth readies for May 2021 retirement

Insurance & Financial Services, Subscriber Only

ROCHESTER — The man who has led Excellus BlueCross BlueShield and its parent company, the Lifetime Healthcare Companies Inc. since 2013 is preparing to retire. The health insurer on June 25 announced that president and CEO Christopher Booth will retire on May 1, 2021. The company’s board of directors has also voted to name James

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

ROCHESTER — The man who has led Excellus BlueCross BlueShield and its parent company, the Lifetime Healthcare Companies Inc. since 2013 is preparing to retire.

The health insurer on June 25 announced that president and CEO Christopher Booth will retire on May 1, 2021.

The company’s board of directors has also voted to name James Reed president and CEO-elect as of July 1, 2020.

The announcement is part of a planned succession for executive leadership of the $6 billion nonprofit health plan, Excellus said in a release.

Rochester–based Excellus BCBS, which operates an office in DeWitt, is Central New York’s largest health insurer.

Reed joined Excellus in January 1996. Most recently, he served as executive VP of marketing and sales, and as regional president in the Central New York market.

His responsibilities have included line-of-business oversight and all marketing and sales functions for the commercial-group markets, retail markets, Univera Healthcare, and Lifetime Benefit Solutions. He also has oversight of the Health Care and Network Management division

In speaking about Reed, Marianne Gaige, chairwoman of the Lifetime Healthcare Companies board of directors, said he brings more than two decades of “successful leadership” within the organization to his new role and has been “instrumental” in helping shape the future of the company in today’s “fast-changing and dynamic” health-insurance industry.

“Success starts with having the right people in the right roles. Jim is strategic in his approach, has a strong sense of mission and brings a wide array of experience to the job,” said Gaige.

“Our focus remains on our organization’s primary mission of providing access to affordable, high-quality health care to as many people as possible,” Reed said. “As a locally based health plan, we have strong partnerships with those who provide care and those who pay for it and we want to build on that going forward.”

Besides the top leadership transition, the board also approved the promotion of Barry Thornton from executive VP to COO. It is also promoting Melissa Gardner from senior VP to executive VP of strategic business programs.

Syracuse suspends permitting for large festivals, public events through the fall

Sports, Entertainment & Tourism, Subscriber Only

SYRACUSE — The City of Syracuse on July 1 announced that it has suspended permitting for large-scale gatherings and events through the summer and fall of 2020 due to COVID-19 and its impact on city operations. “The pandemic has placed the City in a tough situation financially. These events and programs are labor intensive for

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Rochester design firm expands CNY presence by buying Syracuse firm

Construction, Design & Real Estate, Regional News, Subscriber Only

SYRACUSE — LaBella Associates has acquired Harmony Architectural Associates, PC, of Syracuse in a deal that expands LaBella’s presence in the region. LaBella Associates on June 25 announced it had completed the acquisition. It is a design firm that is headquartered in Rochester with an existing office in Syracuse. LaBella did not release any financial

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

CNY, state jobless rates remain high in May amid pandemic

Employee Benefits & Human Resources, Regional News, Subscriber Only

Syracuse region lost 55,000 jobs compared to year-ago month Unemployment rates in the Syracuse, Utica–Rome, Watertown–Fort Drum, Binghamton, and Elmira regions remained in double-digit figures in May amid layoffs during the COVID-19 pandemic. The Ithaca region was one of only two in the state (along with the Albany–Schenectady–Troy metro area) to register a single-figure jobless

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

Syracuse region lost 55,000 jobs compared to year-ago month

Unemployment rates in the Syracuse, Utica–Rome, Watertown–Fort Drum, Binghamton, and Elmira regions remained in double-digit figures in May amid layoffs during the COVID-19 pandemic.

The Ithaca region was one of only two in the state (along with the Albany–Schenectady–Troy metro area) to register a single-figure jobless rate in May.

The figures are part of the latest New York State Department of Labor data released June 23.

On the job-data front, the Syracuse, Utica–Rome, and Binghamton regions lost jobs in five-digit figures between May 2019 and this past May. The Watertown–Fort Drum, Ithaca, and Elmira regions shed jobs in four-digit figures in the same period.

That’s according to the latest monthly employment report that the state Department of Labor issued June 18.

Regional unemployment rates

The jobless rate in the Syracuse area was 11.9 percent in May, up from 3.8 percent in May 2019.

The Utica–Rome region’s unemployment rate jumped to 11.2 percent from 3.9 percent in the same timeframe; the Watertown–Fort Drum area’s rate rose to 12 percent from 4.6 percent; the Binghamton region’s rate hit 10.6 percent, up from 3.9 percent; the Ithaca area’s jobless number was 7.8 percent, up from 3.3 percent; and the Elmira region’s unemployment rate jumped to 12.1 percent from 3.8 percent a year prior.

The local-unemployment data is not seasonally adjusted, meaning the figures do not reflect seasonal influences such as holiday hires.

The unemployment rates are calculated following procedures prescribed by the U.S. Bureau of Labor Statistics, the state Labor Department said.

State unemployment rate

New York state’s seasonally adjusted unemployment rate was 14.5 percent in May, down from 15.3 percent in April, but up from 4 percent in May 2019. New York’s number was higher than the U.S. jobless rate of 13.3 percent in May.

The number of unemployed New York state residents fell by 76,300, while labor-force levels increased by 5,700. The federal government calculates New York’s unemployment rate partly based upon the results of a monthly telephone survey of 3,100 state households that the U.S. Bureau of Labor Statistics conducts.

May jobs data

The Syracuse region lost nearly 55,000 jobs in the past year, a decline of 17 percent.

The Utica–Rome metro area shed more than 20,000 positions, a decrease of about 16 percent; the Watertown–Fort Drum region lost 8,400 jobs, a drop of about 20 percent; the Binghamton area lost nearly 14,000 jobs, a decrease of about 13 percent; the Ithaca region lost 8,400 jobs in the last year, also a drop of 13 percent; and the Elmira area shed nearly 4,000 jobs, a 10-percent drop.

New York state as a whole lost more than 1.7 million jobs, a decrease of 18.1 percent, between May 2019 and this May. However, the state economy gained 98,000 jobs, a 1.2-percent rise, in the last month, the labor department said.

Lockheed Martin to pay Q3 dividend of $2.40 a share

Manufacturing & Engineering, Regional News, Subscriber Only, Technology

Lockheed Martin Corp. (NYSE: LMT) announced on June 25 that its board of directors has authorized a third-quarter 2020 dividend of $2.40 per share. The dividend is payable on Sept. 25, to holders of record as of the close of business on Sept. 1. It’s the same amount that Lockheed paid in each of the

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

OCC plans for in-person and remote instruction for the upcoming fall semester

Health Care, Subscriber Only

ONONDAGA — The fall semester at Onondaga Community College (OCC) will involve a mix of in-person and remote instruction. Faculty, students, and employees will all be required to wear masks on campus when classes begin Aug. 31. It is part of the plan that the OCC announced June 25. All on-campus instruction will conclude prior

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

ONONDAGA — The fall semester at Onondaga Community College (OCC) will involve a mix of in-person and remote instruction.

Faculty, students, and employees will all be required to wear masks on campus when classes begin Aug. 31. It is part of the plan that the OCC announced June 25.

All on-campus instruction will conclude prior to the Thanksgiving break, OCC said, and any activity following Thanksgiving until the end of the semester “will be done remotely” so students do not have to travel and then return to campus.

“Anything that would happen between Thanksgiving and the technical end of the semester would be remote,” OCC President Casey Crabill tells CNYBJ. “Students might have a paper to finish or … attend a Zoom session,” she said.

Classes

Some classes will involve a combination of in-person and remote instruction.

For example, a class with 18 students which meets three days a week may have six students attend in-person Monday, a different six students in the classroom Wednesday, and another six students in-person Friday.

Students not in physical attendance will interact with the class and their professor virtually and in real-time. If a student becomes ill, he or she will be able to keep up with classes and coursework from a distance, OCC said.

Some classes will be conducted entirely remotely — either in real-time or in traditional online formats where students participate on their own schedule.

OCC says it measured all learning spaces to determine “maximum allowable density.”

The school will also stagger schedules for labs which require in-person, hands-on learning for density purposes, allowing all students the chance to receive in-person instruction time from faculty “as they normally would.”

Residence halls

All residence-hall bedrooms will be singles (no doubles or triples), meaning one student per room. Students living in suite-style units will continue to share common spaces in those suites in small, “family-style” groups.

One of the college’s residence halls will remain empty and reserved for quarantine purposes, “if necessary,” OCC said.

Students will move into residence halls during a staggered, four-day period in mid-August. Students will undergo a health screening upon arrival.

All classroom, residence-hall, and campus common areas will be cleaned and disinfected on a daily basis.

Health screenings

Two of the campus’s three entrances will be open and everyone who comes to campus will undergo a brief health screening “every day.”

Students living in residence halls will also be screened daily. Since campus reopened as part of phase two, everyone entering campus has been screened daily, OCC noted. Screenings will continue “as long as recommended by New York State,” it added.

CNY Hackathon helps students prepare for work in cybersecurity

Health Care, Small Business, Subscriber Only, Technology

UTICA–ROME — The CNY Hackathon, a regional intercollegiate cybersecurity competition, is typically held twice a year at local institutions and has been a collaborative effort between Mohawk Valley Community College (MVCC), Utica College, and SUNY Polytechnic Institute (SUNY Poly). The spring CNY Hackathon event held April 17 and 18 went to a virtual format amid

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

The spring CNY Hackathon event held April 17 and 18 went to a virtual format amid the coronavirus pandemic.

The CNY Hackathon brings college students together from all throughout the region, “encouraging continuous learning,” and connecting students with local industry partners, per a news release about the spring event.

“There are number of attacks that happen to computers and our industry professionals know what those attacks are because they are dealing with them every day in defending computers from attacks all the time. And what they do is they simulate those actual real-world attacks for our students and expect our students to be able to defend against them,” says Jake Mihevc, dean for the School of Science, Technology, Engineering and Mathematics (STEM) at MVCC and CNY Hackathon co-founder. He spoke with CNYBJ on June 30.

The event was started as a partnership between MVCC, SUNY Poly (called the SUNY Institute of Technology at the time), and Utica College, according to Mihevc.

Over the last seven years, the CNY Hackathon has become a major event in the Mohawk Valley, aiming to improve computer science and cybersecurity education while more closely aligning academia with local industry partners.

Event purpose

When the CNY Hackathon started in 2013, a group of faculty members, students, some industry partners, and some captains from the Air Force Research Lab all came together and recognized that cybersecurity is a “very applied field” and students … “need to be able to hit the ground running as soon as they enter the field,” says Mihevc.

The Hackathon was an attempt to give students a “bridge” between the academic world and the workforce for cybersecurity. It puts them in “real-life scenarios” where they’re defending virtual operating systems from simulated attacks from the red team. The red team is made up of local industry professionals from many of the different consulting and cybersecurity industry partners throughout the Utica–Rome area.

“They create virtual operating systems that have flaws in them and students need to race to lock down those flaws before the red team goes in and takes them down,” says Mihevc.

Event sponsors were able to meet with students online and provide guidance, advice and information on how to submit résumés and apply for positions. The support of industry partners allowed the CNY Hackathon community to stay together for the spring event in an online venue.

The event sponsors include: Griffiss Institute, Air Force STEM, Adeptus Cyber Solutions of Rome, Assured Information Security (AIS) of Rome, Quanterion Solutions Incorporated of Utica, National Grid (NYSE: NGG), PAR Government of Rome, NYCM Insurance, North Point Defense of Rome, and Leet Cyber Security of Albany.

AIS has been a long-time supporter of the event, not only as a sponsor, but by providing volunteers to challenge the participants, per the news release. AIS employees volunteer for the event, as many of them learned about AIS through participating in the CNY Hackathon, the firm said.

For example, Brodie Davis is a software engineer whose path to AIS started while in college at SUNY Polytechnic Institute.

He participated in the CNY Hackathon while in school and was approached by two AIS employees at the event about pursuing an internship. He began as an intern at AIS the following summer and was hired full-time before he graduated college.

Davis is still actively involved with community events like the CNY Hackathon, and now represents AIS every year.

“Interacting with the local cyber community taught me the skills I needed to be successful,” said Davis. “It was through this hackathon that I was able to apply my knowledge and advance my skillset into a career.”

Mihevc says the students who participated in the spring virtual event handled it very well, but he admitted the “in-person element” of interactions with students and industry professional was missing. It is something they hope to recapture during the fall event during the first weekend in November.

“We [who] run the event have been working toward running the event virtually over the last few years. We receive funding from the National Security Agency that has helped us further develop the event. We’re very likely to be running the CNY Hackathon in the future in a nationwide capacity for the National Security Agency,” says Mihevc.

About hacking

Hacking is not a “derogatory term,” according to Mihevc.

“When we talk about the bad actors, we refer to them as malicious hackers,” he adds.

The other terms that industry professional use are white-hat and black-hat hackers. White-hat hackers are the good guys and black-hat hackers are the bad guys, he noted.

Mihevc called hacking “very general term,” and defines it as learning how to adapt a program beyond its original scope.

“How to take something that was built to do something one way and people that have hacking skills can take that and make it do something slightly different than it was designed to do and something that maybe people aren’t expecting,” he says.

Malicious hackers, he says, understand how software and hardware work and they go in and exploit the weaknesses. At the same time, hackers with good intentions will see a piece of software that isn’t working as well as it possibly could and they adapt it in a way that “makes it more secure,” says Mihevc.

Georgia tech firm acquires iV4

Small Business, Subscriber Only, Technology

The information-technology firm iV4, which is based in Rochester and has an office in Syracuse, has a new owner. ProArch — headquartered in Marietta, Georgia — acquired iV4 in May, per a news release on the iV4 website. ProArch is a global cloud consulting and product-engineering company. The two businesses say they “complement each other.”

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

The information-technology firm iV4, which is based in Rochester and has an office in Syracuse, has a new owner.

ProArch — headquartered in Marietta, Georgia — acquired iV4 in May, per a news release on the iV4 website. ProArch is a global cloud consulting and product-engineering company.

The two businesses say they “complement each other.” ProArch focuses on product engineering, data, and cloud services, while iV4 specializes in managed services, networking, cloud architecture, and cybersecurity.

With the sale, iV4 became iV4, a ProArch company.

The acquisition deal resulted in some leadership changes at the combined company. Santosh Kaveti, ProArch’s current CEO, will continue in that position. Michael Spoont, iV4’s CEO, will serve as president of ProArch as well as president and CEO of iV4, a ProArch company.

“This big step is about growth and the next generation of iV4,” Spoont said in the release. “By joining together, iV4 and ProArch will form a powerful force in cloud consulting, cybersecurity, data science and product engineering. The blending of capabilities will complement one another and allow us to compete on a higher, more scalable level moving forward. We will now have a comprehensive solution stack service offering fully enabled to design, execute, and support cloud-first, data-driven business transformation for our clients. While this is a big change for our organization, there will be new individual opportunities for everyone to also grow.”

Besides its headquarters near Atlanta, ProArch has offices in the United Kingdom, India, and Singapore. It has 215 employees and more than 200 clients around the globe.

The acquisition followed ProArch’s 2019 search for a firm to “complement its business strengths, address current gaps and establish a greater U.S. presence.”

“Joining forces with iV4, for us, is all about growth and opportunities,” Kaveti said. “ProArch and iV4 together have a thriving story in the making in the areas of cloud, data, artificial intelligence, product engineering, and security.”

Spoont noted that iV4 started as a small company headquartered in Syracuse with a half-dozen people.

“The 2011 merger with Integrity Networks System took us to the next level. We’ve experienced double-digit growth over the past several years and we’re continuing that journey of growth and evolution now with ProArch,” said Spoont.

How I Would Hack You: Confessions of an Ethical Hacker

Business Mentors, Subscriber Only, Technology

“How I would hack you…” is a compelling opening statement to say the least. The global business community has experienced an economy left supported by our web technologies in the midst of a global pandemic, social concerns, and conflict in recent months. Prior to that, even, it would be a challenge to identify a single competitive

Already an Subcriber? Log in

Get Instant Access to This Article

Become a Central New York Business Journal subscriber and get immediate access to all of our subscriber-only content and much more.

Learn More and Become a Subscriber

“How I would hack you,” is a chilling statement for any supervisor, manager, or executive to hear — albeit one which should inarguably pique the interest and spark a level of intrigue of any business owner, executive, or manager.

What do you imagine a hacker really is? Does it invoke images of a dark, wet basement isolated in an old warehouse filled with green glowing computer screens and empty bottles of Mountain Dew? Do you think of a hooded figure tapping frantically at his laptop battle-station, actively gathering your passwords, usernames, and credit-card numbers? The reality might surprise you, and you may find it is a bit different than the action-movie persona you have seen.

In a recent webinar titled “How I Would Hack You: Confessions of an Ethical Hacker,” James Carroll, information security engineer at Secure Network Technologies, Inc., gives us a look under the hood of how it’s done by the pros. Carrol has served in his role at Secure Network Technologies for more than 10 years, protecting the data of clients ranging from NFL teams to small credit unions. He starts with an introduction on how he got into hacking by taking down other players’ networks in video games to give him the win and automatically level-up his account at breakneck speeds (a practice now discouraged by him since “denial-of-service” attacks are now considered a felony). Carroll then follows up with his presentation format, which covers: “Current Events; 2 Types of Hacks; How These Hacks Happen; The Anatomy of a Hack – 4 Phases of pwnage; Open-Source Intelligence Gathering; Gaining Network Access; Gaining Admin Access; and Where Does This Data Go?”

Cybersecurity concerns have become magnified during the coronavirus pandemic. As a result, COVID-19 phishing and SPAM-mailing is “absolutely skyrocketing” according to Carroll. Hackers are opportunistic people and are taking full advantage of the new density of offsite work — and the security vulnerabilities that come with it. He demonstrates current hacking trends that use “phishing” emails to elicit passwords and malicious-link clicks by unaware users.

Breaking this down further, Carroll describes that there are two typical types of hacks — “social engineering” and “people hacking.” Social engineering leverages what he calls “the obvious”:

• Phishing — Fake emails made to look like real ones in order to get users to click a link, share info, or download something they otherwise wouldn’t.

• Pretexting — Impersonating someone at your organization.

• Baiting — Leaving something like a thumb drive loaded with malware in parking lots outside congested areas like a workplace where someone might pick it up and stick it into their computer, infecting the whole network.

• Vhishing — “Voice Phishing”, where someone pretends to be an official source such as a government organization, bank, or even your own company.

• Physically Breaking Into Buildings — The good old-fashioned “smash and grab”.

He goes on to describe people hacking as the tendency of hackers to look for the weakest link in your organization’s teams and conventions to find a vulnerability. As an example, Carroll shows a video of a physical intrusion test performed by Secure Network Technologies where he was able to gain access to a corporate building simply by “tailgating.” Carroll, in fully forged corporate uniform wearing an “official” duplicated ID badge, was able to gain access just by following an actual employee who scanned their ID to open the door first. The employee took one glance at Carroll, saw the ID badge, and felt comfortable enough to hold the door open for him. He walked in without a hitch, carrying a box of USB flash drives loaded with test-malware to leave on the break-room table. This is one example of how a real hacker with malicious intent would gain access.

James recommends that employees should not be afraid to ask, “Who are you? Who are you with? Who are you here to see? What are you here for?” to unfamiliar entrants at the door of your organization. Additionally, he says it is a good practice to make everyone entering the building scan their own ID — describing instances where recently-terminated employees have come back in to steal data and compromise something within the business.

So how would James Carrol hack you? The same way an unethical hacker would. He calls this “The Anatomy of a Hack” and it consists of the following four phases:

1) Open Source Intelligence Gathering (OSINT for short). Successful criminals do their homework first. Open-source intelligence is used In the criminal sense to ascertain relationships, contact information, work info and ultimately – when and how you’re most vulnerable. It’s gathered from all the information you publish about your life via social media and more.

2) Gain Network Access. Gaining access to a network will allow a malicious actor to identify devices, servers, and users within your organization, further developing the identification of targets.

3) Gain User Access. Once hackers have identified a user and a system, they work to gain user access on a host system through using their open-source intelligence or other hacking techniques such as phishing, vishing, and pretexting.

4) Gain Admin. Access. Ultimately, gaining user access is the precursor to gaining administrator access — which is commonly attached to a user. Admin access will allow the hacker to install malicious software that can infect the entire network, in addition to gaining access to admin-restricted data and systems.

The goal of all this, in no uncertain terms, is to remain undetected. Just as malicious actors want to remain undetected while successfully stealing your valuable data, this remains an anchor for Secure Network Technologies’ own testing goals — to hack your organization in much the same fashion as a criminal might (without all the damage and fallout that comes with actually getting hacked), and then provide detailed results so your organization and its information-technology personnel know how to fix it (this is the part the bad guys hate). Some immediate recommendations Carrol makes for your organization is to exceed “best practices” for passwords, enable two-factor authentication for every app possible, and to stop putting your entire life on social media where hackers look first for sensitive personal information.

For any fellow nerds and aspiring ethical hackers out there, James shares some technical tools of the trade — software with fittingly cryptic names such as MetaZploit, Empire, Burp, Responder and SilentTrinity, among others. You can check out Secure Network Technologies at www.securenetworkinc.com/cnybj.

Rob Dracker is CEO and creative director of WMC (Weapons of Mass Creation). Contact him at rob@wmcstudios.com or (315) 935-7982. This article is originally sourced from a GoToWebinar run by Ted Hulsy, CEO of Iron Path, on June 4, 2020 featuring James Carroll, of Secure Network Technologies.

Get our email updates

Stay up-to-date on the companies, people and issues that impact businesses in Syracuse, Central New York and beyond.

Get our email updates

What's New

Upcoming Events

Women in Business Roundtable

CNYSME Professional Development Series Session 6: Data as a Solution – Tackling Business Challenges with Market Research

CenterState CEO Summer Clambake 2025

CNYBJ Job Board

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get Instant Access to This Article

Get our email updates