ControlScan Blog


Stay informed with the latest security + compliance updates, news and best practices.



        Featured        

June 28, 2019Published by

Late in the day on a recent Friday, a new customer began installation of the ControlScan Managed Detection and Response (MDR) service to their end user systems. This customer is an SMB (small to mid-sized business) that relies on personal computers to keep their business running. Sound familiar?A few hours after the customer’s implementation was complete—at 12:05 a.m. Saturday to be exact—our MDR service blocked an attempted execution of malware that was present on one of their remote office computers.As it turns out, this active malware had been on the remote office machine since October 2018. With each user login, the malware was executing and performing data harvesting, as well as making attempts at lateral movement and propagation.

  Read More   


May 20, 2019Published by

Every diligent company or organization understands cybersecurity is needed, but often doesn’t know how to budget for the appropriate protection. It’s not always a clear-cut number, but there is a way to develop a return on investment (ROI) or return on expense (ROE) equation that you can share with your budgeting team and C-level executives who are looking to you for answers.

  Read More   


April 25, 2019Published by

When cybersecurity coverage gets slim—whether it’s due to a lack of internal expertise or technology capabilities, or both—key business functions tend to go on what I call “autopilot.” Firewalls run using outdated configurations, legitimate security threats go unnoticed, and everyone is just hoping today isn’t the day an employee clicks a bad link and unleashes a crippling malware attack. Learn about the three business functions that should never be put on cybersecurity autopilot, and how to proactively address your organization’s expertise and manpower challenges.

  Read More   


January 29, 2019Published by

A lot of data runs through your business’s network. Data is coming and going, and moving rapidly, as systems and applications “talk” and pass along information to each other. Most SMBs pay no attention to these internal workings and conversations, unless there is a functional failure that requires someone’s review of the system logs to determine where the breakdown occurred. The rapid increase in malware, however, is causing many executives to choose a more active IT security strategy.

  Read More   


November 15, 2018Published by

Security automation is a hot topic these days, mainly because it’s become humanly impossible to keep up with the sheer volume and variance of cyber threats hitting organizational IT networks at any given time. Even with the best security defenses in place, sooner or later an attacker is going to get through. The goal, of course, is to discover the attack and mitigate it as quickly as possible—and that’s where security automation can be extremely valuable.

  Read More   


November 5, 2018Published by

Here at ControlScan, a big part of our day-to-day lifestyle is knocking down threats and cyberattacks for our customers’ businesses as well as our own. Cybersecurity is where we live, so sometimes we lose sight of the fact that none of this makes any sense to a non-technical person. One topic we field a lot of questions on is event correlation. Let’s take a look at what it is and how it positively impacts your cybersecurity efforts.

  Read More   


        Featured        

October 2, 2018Published by

There’s a lot of buzz in the marketplace these days around SIEM, which is Security Information and Event Management. I’ve had people tell me that their SIEM technology isn’t of much use, and others tell me that it’s critical to their business’s everyday security posture. The vast difference between those two is usually the same thing, which is how the related tools are deployed, and what the staff around them looks like.

  Read More   


August 13, 2018Published by

I’ve found myself in this conversation a few times recently, about what determines that a device on the network is “unapproved.” The fact is, the only unapproved devices on your network are those that defeated your security measures to get on it. If you build the network correctly, then you have lists of monitored and unmonitored devices, but not unapproved.The issue at hand is how to identify and account for your monitored and unmonitored devices. With that accomplished, it’s much easier to spot an anomaly that could lead to a breach.

  Read More   


        Featured        

August 6, 2018Published by

I hate to say it, but what we all hear way too often is true: Nothing will focus you on your business’ cybersecurity like a data breach. Dealing with the aftermath of a breach is also much more expensive than proactively implementing the necessary security tools. If you’re a small business, a breach of your […]

  Read More   


April 13, 2018Published by

As a security consultant, I’ve been in a lot of hospitals, clinics and practices—and I’ve seen a lot of “worry” over the cybersecurity threat landscape. I’d like to see more of this worry translate into action, because it’s just not happening.Other than worry, what can healthcare institutions and their IT/IS leaders do to protect electronic personal health information (ePHI)? I have been part of three major healthcare breaches and post-breach forensics revealed that two of them could have been limited in scope if they had been actively monitoring and alerting to changes inside their IT networks.

  Read More