June 28, 2019 •
Late in the day on a recent Friday, a new customer began installation of the ControlScan Managed Detection and Response (MDR) service to their end user systems. This customer is an SMB (small to mid-sized business) that relies on personal computers to keep their business running. Sound familiar?A few hours after the customer’s implementation was complete—at 12:05 a.m. Saturday to be exact—our MDR service blocked an attempted execution of malware that was present on one of their remote office computers.As it turns out, this active malware had been on the remote office machine since October 2018. With each user login, the malware was executing and performing data harvesting, as well as making attempts at lateral movement and propagation.
Active Monitoring • MDR
May 20, 2019 •
Every diligent company or organization understands cybersecurity is needed, but often doesn’t know how to budget for the appropriate protection. It’s not always a clear-cut number, but there is a way to develop a return on investment (ROI) or return on expense (ROE) equation that you can share with your budgeting team and C-level executives who are looking to you for answers.
April 25, 2019 •
When cybersecurity coverage gets slim—whether it’s due to a lack of internal expertise or technology capabilities, or both—key business functions tend to go on what I call “autopilot.” Firewalls run using outdated configurations, legitimate security threats go unnoticed, and everyone is just hoping today isn’t the day an employee clicks a bad link and unleashes a crippling malware attack. Learn about the three business functions that should never be put on cybersecurity autopilot, and how to proactively address your organization’s expertise and manpower challenges.
Endpoint Security • MDR • Network Security
January 29, 2019 •
A lot of data runs through your business’s network. Data is coming and going, and moving rapidly, as systems and applications “talk” and pass along information to each other. Most SMBs pay no attention to these internal workings and conversations, unless there is a functional failure that requires someone’s review of the system logs to determine where the breakdown occurred. The rapid increase in malware, however, is causing many executives to choose a more active IT security strategy.
Active Monitoring • MDR • SIEM
November 15, 2018 •
Security automation is a hot topic these days, mainly because it’s become humanly impossible to keep up with the sheer volume and variance of cyber threats hitting organizational IT networks at any given time. Even with the best security defenses in place, sooner or later an attacker is going to get through. The goal, of course, is to discover the attack and mitigate it as quickly as possible—and that’s where security automation can be extremely valuable.
Active Monitoring • MDR
November 5, 2018 •
Here at ControlScan, a big part of our day-to-day lifestyle is knocking down threats and cyberattacks for our customers’ businesses as well as our own. Cybersecurity is where we live, so sometimes we lose sight of the fact that none of this makes any sense to a non-technical person. One topic we field a lot of questions on is event correlation. Let’s take a look at what it is and how it positively impacts your cybersecurity efforts.
Endpoint Security • MDR • Ransomware
October 2, 2018 •
There’s a lot of buzz in the marketplace these days around SIEM, which is Security Information and Event Management. I’ve had people tell me that their SIEM technology isn’t of much use, and others tell me that it’s critical to their business’s everyday security posture. The vast difference between those two is usually the same thing, which is how the related tools are deployed, and what the staff around them looks like.
Active Monitoring • MDR • SIEM
August 13, 2018 •
I’ve found myself in this conversation a few times recently, about what determines that a device on the network is “unapproved.” The fact is, the only unapproved devices on your network are those that defeated your security measures to get on it. If you build the network correctly, then you have lists of monitored and unmonitored devices, but not unapproved.The issue at hand is how to identify and account for your monitored and unmonitored devices. With that accomplished, it’s much easier to spot an anomaly that could lead to a breach.
August 6, 2018 •
I hate to say it, but what we all hear way too often is true: Nothing will focus you on your business’ cybersecurity like a data breach. Dealing with the aftermath of a breach is also much more expensive than proactively implementing the necessary security tools. If you’re a small business, a breach of your […]
Access Control • Endpoint Security
April 13, 2018 •
As a security consultant, I’ve been in a lot of hospitals, clinics and practices—and I’ve seen a lot of “worry” over the cybersecurity threat landscape. I’d like to see more of this worry translate into action, because it’s just not happening.Other than worry, what can healthcare institutions and their IT/IS leaders do to protect electronic personal health information (ePHI)? I have been part of three major healthcare breaches and post-breach forensics revealed that two of them could have been limited in scope if they had been actively monitoring and alerting to changes inside their IT networks.
Active Monitoring • Compliance • MDR