maintenance

Become a Budget Hero, Use Third Party Maintenance for IT Assets

The first question you may be asking is, “Why should I be considering third party maintenance over OEM maintenance contracts?” The short answer: MONEY

Most buyers who utilize third party maintenance services save up to 50 percent or more over three years, in most cases. In reality though, it isn’t just about the money you could save, excellent service is also an important trait, third party technicians come just as qualified as manufacturer technicians. Third party maintenance requires careful vetting, but in the end, it can be more than worth it.

public sector tech security

Public Sector Tech Security: Take Care Before a Catastrophe Occurs

In today’s world, digital security is more important than ever. Long gone are the days where you only needed to worry about physical security for offices. Now, banks, law offices, government facilities, and private companies all depend on their technology being protected from a range of threats. It’s essential for a seamless continuity of daily life to identify and quickly respond to these threats as they occur.

MTTD and MTTR

What You Should Know About Driving Down MTTD and MTTR

Effectively connect people, process and technology to minimize MTTD and MTTR

There’s a reason it’s said that what gets measured gets managed. In order to successfully achieve a goal, you have to be able to measure progress. It’s the only way to know if you’re heading in the right direction.

That’s why any security operations team worth their salt will be paying close attention to both their mean time to detect (MTTD) and mean time to respond (MTTR) metrics when it comes to resolving incidents.

The average dwell time for attackers still sits somewhere within the ranges of 100 – 140 days and frankly, we can do better. Security operations teams need to be fanatical when it comes to lowering these metrics within their organizations.

Significantly reducing dwell time, MTTD and MTTR starts with an understanding of attacks. From there, you need multiple groups working together in harmony enabled by technology to automate and orchestrate incident response processes.

Am I Already Using the Cloud and is it Safe?

Often when speaking to people about the cloud, their first reaction is that it isn’t safe and they won’t use it. Odds are that they, and most everyone else who owns an Internet connected device, is already using the cloud.

Let’s take a step back and define the cloud. In essence, it’s just a network of servers — which are large, super-powerful computers. Anything that’s referred to as “cloud-based” or “in the cloud” means it primarily lives online, instead of on something physical in your possession like a CD or your computer’s hard drive.

A good rule of thumb for determining whether something is “cloud-based” is asking yourself the following question: Can I easily log into this service from another device, like my phone or a different computer? If the answer is yes, then the service is probably based in the cloud.

Vulnerability assessment

Vulnerability Assessment versus Penetration Assessment

We get asked this question frequently, “What the difference between a vulnerability assessment and penetration assessment?”. It’s a great question and one we’d like to shed a bit more light on throughout this blog. Both engagements are aimed towards shedding light on areas within your cybersecurity posture that need improvement. We regularly perform vulnerability assessments and penetration tests for our clients tasked by regulatory compliance to adhere to a particular standard or to increase their security posture. Both of these tests play an important role within your organization by enlightening you on areas of weakness and decreasing risk from adversaries.

Podcast: CISO Speak – Incident Response

This months podcast features host Larry Bianculli speaking with guest CISO Agim Bracovic from BNB Bank, as well as our very own Matthew Pascucci, cybersecurity practice manager, at CCSI, on Incident Response. How do you build a team of qualified IR resources with current staff? How do you prepare and train an incident response team?…