Prudent homeowners lock their homes when they go to bed.
Why do so many SMBs not do the same with their IT?
We hear this refrain often from prospects, “It won’t happen to me. I don’t have any ‘valuable data’ that cybercriminals would want. I don’t need all that security stuff.”
Not so fast.
Sure, some highly visible companies are big game trophies for hackers wanting to build their reputations. Remember Target, Equifax, and Jeff Bezos’s cell phone. Those breaches make headlines, but they don’t represent everyday realities and threats. Most breaches never make the news and happen to entities like yours that are just low-hanging fruit for criminals picking off an easy score. In the rush to create virtual operating models, organizations are opening huge security gaps and creating even more fertile ground for cybercriminals. Many firms deny the threat or are relying on “pre-COVID” thinking that uses untested or mismatched technologies and out-of-date protocols.
We make sure our clients have the facts.
Prevention is a smarter business investment than paying for recovery
Average cost of a SMB ransomware attack
New phishing sites created every month
- Organizations that reported an adverse effect on their revenue after suffering an incident: 69%
- SMBs reporting a post-hack hit to their company’s reputation: 67%
- SMBs taking a week or more to regain access to their data after being hit with ransomware: 34%
Annual cost to protect a 40-user company from a ransomware attack
That’s why security is a top priority for leading companies.
It should be a top priority for yours.
Prevent ransomware attacks with basic IT hygiene
Do you want to reduce the risk of getting hacked?
Waident can help you take a strategic and serious approach to your cybersecurity.
That means assessing threats, determining vulnerabilities, and mitigating risks consistent with your risk tolerance and culture. Firms must begin with basic IT hygiene, then combine additional layers of security that protect the enterprise based on threat assessments. At a minimum, we recommend companies implement the SANS 20 critical security controls (20 best practice controls that form the core of an effective cyber defense). We guide our clients through a disciplined risk assessment and add the appropriate security solutions where needed. The options can be daunting, but our risk experts can help you make sense of an ever-evolving list and recommend the ones that best solve your security needs.
NIST – The Industry Standard
Waident uses the NIST Framework to help you strategically manage and mitigate cybersecurity risks consistent with your risk tolerance and culture. The National Institute of Standards and Technology (NIST) model includes five high-level security functions: Identify, Protect, Detect, Respond, and Recover.
These categories cover the breadth of organizational cybersecurity objectives and represent the pillars of a successful and holistic cybersecurity program. They help organizations categorize risk management efforts and inform management decisions.
The Identify function structures the organization’s management of the cybersecurity risks to systems, people, assets, data, and capabilities. Then, the organization can prioritize its efforts, consistent with its risk management strategy and business needs.
You can’t solve a problem that is undefined. We assess your overall security strength and help you start implementing best practices. Most breaches happen because the little things were being ignored.
- Review a questionnaire of business and technology cybersecurity items
- Go over best practices and recommendations
- Determine if any additional security measures or plans are needed
Our security experts perform a high-level SANS 20 review of your IT infrastructure and business processes to identify cybersecurity concerns, help lock things down, and address any vulnerabilities.
- Dive deeper into your infrastructure, policies/procedures, and business practices to ensure that your organization is sufficiently focused on security
- Help you know what you don’t know
- This is a must-have next step for all companies needing, or wanting, to be as secure as they can possibly be
This is an advanced, social-engineered, deep dive into your IT infrastructure and your users’ behavior. More advanced than the Risk Assessment, Penetration Testing provides greater insight into your security risks from the human side. Once completed, we help address security concerns found.
- Know your risks and have a plan to address them
- The ultimate security discovery process
- Often required by compliance or your cybersecurity insurance policy
The Protect function outlines safeguards that ensure you can deliver critical infrastructure services like email and office tools and enables you to limit the impact of a potential cybersecurity event.
Most companies have some form of “set it and forget it” firewall that generally works as a preliminary barrier for internet security, but may not be sufficient for specific threats your industry or your company faces. Next-Generation firewall protection provides:
- Meets or exceeds all compliance and auditing needs
- Advanced hardware that is configured, monitored, and managed to follow strict security best practices
- Includes Intrusion Detection, Anti-virus, Web filtering, Cloud Sandboxing, Threat Reporting, and many more features
Multi-Factor Authentication (MFA)
MFA is becoming the norm for critical systems. This enterprise platform efficiently manages MFA log-ins across the organization and all its applications as opposed to most MFA options that are turned on individually in each application.
- Adds an additional layer of security to applications, computers, and other systems.
- Increases your security exponentially with very little user impact
- Can be used with specific applications or all of your systems
Office 365 Security and Compliance Management
We help clients manage Office 365 account security through the built-in Secure Score module. Secure Score is a security analytics tool that uses Microsoft’s best practices points system to determine risk areas, develop mitigation steps, and improve your security posture with minimal user impact.
- Strengthen your Office 365 platform with industry best practices
- GDPR, Data Governance, Threat Management, and Microsoft Secure Score
- Is your Office 365 system as secure as it can be?
Email - Spam, Phishing, Ransomware Filtering, and Sandboxing
Most ransomware infections happen because a user clicked a link or attachment in an email. Filter and clean bad messages before they ever make it to an inbox.
- This platform surpasses standard spam filtering features found in Office 365 and other email systems that may not be addressing all your threats.
- What impact would a ransomware infection have on your organization?
- With “sandboxing,” you can almost completely eliminate the risk of a rogue infection happening via email.
Advanced AI-based Anti-Virus/Anti-Spyware
This file-based security tool is a new breed of AI-based application that takes your anti-virus and anti-spyware to a higher level.
- This system is always ready because it does NOT rely on daily updates to catch new viruses.
- It takes a fraction of the time to scan your network compared to traditional anti-virus applications and you will not even notice it’s running
- Identifies attacks before they can even start
Security Awareness Training
Most security breaches are caused by humans. Leading companies continually educate their employees about evolving security threats and best practices—and the nasty effects of clicking bad links in emails.
- Identify high performers who are doing a good job and low performers in need of additional training
- Educate your team to prevent more cybersecurity incidents
- See how your employees perform against our real-time, custom phishing emails developed to test and strengthen your team
The Detect function outlines the activities and tools that identify the occurrence of a cybersecurity event.
Endpoint Detection and Response (EDR) Management
EDR is a behavior-based security tool that monitors computers in real-time to catch possible frontline security breaches and anomalies. That’s highfalutin talk that means it monitors each computer and securely stores data in a centralized repository where it analyzes and detects threats.
- EDR alerts you to a security breach on the day of the event so it can be addressed immediately.
- EDR finds the cybersecurity risks that slip through anti-virus and spam filters.
- Provides forensic reporting for compliance
Real-time Network Security Monitoring
Most security breaches are discovered 9 months after they happen. A SIEM tool (Security Information & Event Management) collects system logs and machine data from across your IT environment to provide a comprehensive view of an organization’s IT security.
- Everything on your network is monitored for correlating events that could indicate a breach.
- Monitor your network in real-time to catch possible security breaches and anomalies.
- Identify a security breach on the day it occurs to address it immediately.
IT Infrastructure Vulnerability Monitoring and Alerting
Keeping all of your systems up to date with the best possible security patches is a Herculean effort to do manually. A monitoring and alerting system ensures you are as secure as possible.
- Verify everything plugged into your network has the manufacturer recommended security updates
- Prevent a breach because of a system not being up to date
- Know when a rogue device is plugged into your network
Dark Web Monitoring and Alerting
The Dark Web is an unindexed area of the internet and a hotbed for criminal activity—selling of hijacked usernames/passwords, addresses, and social security numbers along with other bad behavior. Believe it or not, your users exponentially increase your network’s risk by using the same password across multiple platforms: personal email, social media, online stores—and YOUR network. Real-time monitoring of the Dark Web lets you know if an employee’s email address is affected, the time and location of a breach, and even a leaked password, so you can prevent future problems.
- Know about a data breach within days instead of months—or not at all
- Get cost-effective protection against stolen logins
- Mitigates the risk of poor IT hygiene (e.g. weak passwords)
Desktop Risk Assessment and Real-Time Activity Monitoring and Management
Your users are naively circumventing your robust security efforts. They are downloading files to USB drives, attaching sensitive client files to emails, or accessing dubious sites. Most have no malevolent intent. Some do.
Know exactly what is happening on every computer, all of the time. Yes, this can be seen as a “Big Brother” platform, but for banks and other regulated institutions where a secure environment is paramount, it’s a savvy business tool.
- Know where your sensitive data is now and how it is being used
- Compliance auditors will love you. The software meets all the regulatory compliance standards from NIST, HIPAA, SEC, PCI / PII, ISO 17799, GLBA, FERPA, GDPR, and others.
- Armarius Software’s SMS – Scribe Management Suite provides security at the user end node. The SMS end-node user solution proactively monitors and controls the user’s activity.
The Respond function includes the appropriate activities that address a detected cybersecurity incident and contain its impact.
We act as your virtual technology support department, supplying assistance to end-users whether it’s at home or work. We provide support for anything related to technology:
- Phone systems
- Email programs
- Operating systems
We approach IT in a strategic, proactive, and disciplined way to develop what we call “Resilient IT.” Resilient IT helps our clients bridge to their desired future state while avoiding daily technology fires or major IT fiascoes along the way.
Resilient IT is driven by:
- a people-first, tech-second mindset,
- a comprehensive understanding of system interdependencies,
- extensive documentation
- systematic preventive testing
- proven troubleshooting protocols and processes
The Recover function identifies appropriate activities to maintain resilience and restore any capabilities that were impaired due to a cybersecurity incident.
Post-Security Breach Incident Response
Statistics show that most companies begin operating as if “We’re back to normal” before they have fully identified the extent of a breach and closed the hole that caused it. Post-security breach forensics ensures the damage has been stopped, locates its root cause in order to fix it, and provides the insights to learn from it.
- Are you sure your IT is secure and there is no lingering threat?
- Does some regulatory body require a compliance review of your breach to get you back to business?
- Do you know what you don’t know?