Today, cybersecurity is vital to the safety and security of your company and its data. Developing a proper risk assessment strategy for cyberattacks is about as necessary as breathing. Not only can an incident get you in a lot of trouble with your customers, lowering your reputation, but it can also get you into legal…Details
Effectively connect people, process and technology to minimize MTTD and MTTR
There’s a reason it’s said that what gets measured gets managed. In order to successfully achieve a goal, you have to be able to measure progress. It’s the only way to know if you’re heading in the right direction.
That’s why any security operations team worth their salt will be paying close attention to both their mean time to detect (MTTD) and mean time to respond (MTTR) metrics when it comes to resolving incidents.
The average dwell time for attackers still sits somewhere within the ranges of 100 – 140 days and frankly, we can do better. Security operations teams need to be fanatical when it comes to lowering these metrics within their organizations.
Significantly reducing dwell time, MTTD and MTTR starts with an understanding of attacks. From there, you need multiple groups working together in harmony enabled by technology to automate and orchestrate incident response processes.Details
Often when speaking to people about the cloud, their first reaction is that it isn’t safe and they won’t use it. Odds are that they, and most everyone else who owns an Internet connected device, is already using the cloud.
Let’s take a step back and define the cloud. In essence, it’s just a network of servers — which are large, super-powerful computers. Anything that’s referred to as “cloud-based” or “in the cloud” means it primarily lives online, instead of on something physical in your possession like a CD or your computer’s hard drive.
A good rule of thumb for determining whether something is “cloud-based” is asking yourself the following question: Can I easily log into this service from another device, like my phone or a different computer? If the answer is yes, then the service is probably based in the cloud.Details
We get asked this question frequently, “What the difference between a vulnerability assessment and penetration assessment?”. It’s a great question and one we’d like to shed a bit more light on throughout this blog. Both engagements are aimed towards shedding light on areas within your cybersecurity posture that need improvement. We regularly perform vulnerability assessments and penetration tests for our clients tasked by regulatory compliance to adhere to a particular standard or to increase their security posture. Both of these tests play an important role within your organization by enlightening you on areas of weakness and decreasing risk from adversaries.Details
This months podcast features host Larry Bianculli speaking with guest CISO Agim Bracovic from BNB Bank, as well as our very own Matthew Pascucci, cybersecurity practice manager, at CCSI, on Incident Response. How do you build a team of qualified IR resources with current staff? How do you prepare and train an incident response team?…Details
On Data Privacy Day earlier this year, CCSI briefly discussed the implications of The General Data Protection Regulation (GDPR). It is essentially a set of rules imposed by the European Union to give individuals primary control over their personal data. This means that companies will now have to disclose or delete the personal data they hold.…Details
Zero-trust networks are often deemed compromised and untrusted, making authentication variables essential to security. Expert Matthew Pascucci explains a zero-trust security model. In the past, we’ve done a great job of making networks accessible. But with this increased availability, we’ve opened the door for attackers to move more easily around networks. However, as we introduce…Details
Two weeks ago CCSI held its first annual CISO Roundtable to discuss cybersecurity trends, issues and solutions. The conversation was focused on how local CISO’s are currently handling security from an executive level. In attendance were ten cybersecurity leaders on Long Island who brought years of experience and expertise to the discussion. The attendees were…Details
It is now widely accepted that Cloud computing can help small and midsize businesses (SMBs) lower operating expenses and improve application performance – and the public clouds are helping small businesses to either replace or supplement their on-premises IT needs. While having a sound migration strategy in place is crucial, equally important is to ensure…Details
We’ve recently seen turnover in the government with a void in the Cybersecurity leadership and it led me to think about how this is being handled in enterprises nationwide. Cybersecurity is more than just technology, hackers, and fancy toys. It’s also about strategy, leadership, and team building, which needs to come first before the implementation of…Details
The first question most people have when they hear the acronym CASB is, “What the heck is this CASB thing?” According to Gartner, a cloud access security broker (CASB) is an on-premises or cloud-based security policy enforcement point that is placed between cloud service consumers and cloud service providers to combine and interject enterprise security…Details
Spending days and nights monitoring your own network, as well as others, would probably seem like a mundane task to majority of people, but like any other job there are certain days that can stick out in your mind. For the ones that are not familiar with what a Network Operations Center or NOC is,…Details
Several years back, organizations didn’t even think about users signing up for their own applications and tools. The fact that each application required access to resources that were beyond their control kept this problem bottled up. Storage, compute, and network configurations were all IT’s domain and so IT needed to be consulted before a new…Details
This past week Matthew Pascucci, Cybersecurity Practice Manager at CCSI participated in a Cyber Roundtable. Check out this article about the roundtable discussion by Teresa Varela-Lauper. Dr. James Stanger is CompTIA’s Chief Technology Evangelist. He’s a CompTIA super hero in my book….traveling all over the world, speaking at events, impacting and representing the IT industry…Details
This months podcast features host Larry Bianculli speaking with guest CISO Jeff Jennings from Healthplex, as well as our very own Matthew Pascucci, cybersecurity practice manager, at CCSI, on policy and procedures. Where do you begin to write company policy and procedures? What are the best practices and how to ensure adaptation? Jeff Jennings and…Details
The internet of things (IoT) is a living, breathing beast that’s surreptitiously infiltrating our lives. We now have smart cities where the street lights and trash bins are calculating data to schedule efficient lighting and trash pickup. Our homes are connected to devices that allow remote adjustment of lights and temperature to our liking. Then…Details
SD-WAN has far exceeded 2017 expectations. It is one of the hottest trends in networking, and forecasts are increasing every quarter with IDC predicting the size of the SD-WAN market to be $8.05B by 2021. Forrester’s 10 Cloud Computing predictions predicts that in 2018 the total global public cloud market will be $178B in 2018,…Details
You have started your online business, and it’s going great, which means you can sit back and enjoy the fruits of your labor. Well, not exactly. If your eBusiness is a success, you still have to work on it constantly in order to keep up with the changes, as well as your competition. But, even…Details
This short blog should provide a sufficient answer to everyone who has heard the term MSSP, but never knew what the heck it was. In 2018, everything is constantly evolving. Whereas smaller companies historically housed all software on their own hardware housed in their own data center, with its own security and productivity tools: today…Details
While Backup as a Service (BaaS) is prevalent in both the Consumer and Business world, Disaster Recovery as a Service (DRaaS) is geared mostly towards the Business world. What needs to be understood is that DRaaS is not the same as BaaS. In addition, DRaaS is not necessarily a solution for all type(s) of businesses.…Details
The AAA framework is the logic behind Identity Management systems. AAA stands for Authentication, Authorization, and Accounting that this blog will explain. Authentication “Authentication is the act of confirming the truth of an attribute of a single piece of data claimed true by an entity. In contrast with identification, which refers to the act of…Details
Over the course of years, the world of internet has changed a lot. One of the most common thing that has been happening around the internet since its beginning is the ability of being “anonymous”. In fact, impersonating to be anonymous or someone else on the internet has become a trend on internet. No matter…Details
As the Internet of Things (IoT) begins to take shape and its future becomes clearer, IT experts realize that mainstream cloud computing isn’t enough. It’s not fast enough to handle real-time data streaming applications, and it’s not efficient enough to meet evolving technological demands. But developers are exploring a possible solution in the form of…Details
All firewalls are not created equal. To understand that, you need to know what the idea behind a basic firewall is. A firewall from the IT perspective is some hardware or software implementation that is meant to restrict incoming or outgoing network traffic. Most desktop operating systems as well as servers have some sort of firewall protection already built into the operating system. While these type of firewalls protect the machines they are running on, hardware firewalls/appliances will protect these machines as well as the rest of the hardware that exist on the network.Details
There are countless IT certifications today. One of the best for IT Security professionals is the Certified Information Systems Security Professional (CISSP), sponsored by the International Information Systems Security Certification Consortium, or (ISC)2.Details
At its simplest level, cloud computing means using someone else’s computer. This gives you rapid access to computing power, storage, and network services that can help you scale your operation up or down, depending on your requirements.
Cloud is a technology buzzword with many meanings. Dropbox is cloud. Microsoft Office 365 is cloud. Salesforce is cloud. Any software that you access via the Web is technically cloud. ‘Cloud’ is so prominent in today’s technology industry lexicon, that it is hard to remember a time without it.Details
BLE (originally introduced as Bluetooth Smart) is an extension to the Bluetooth 4 standard. It is important to understand that BLE does not replace Bluetooth, but instead it enhances Bluetooth. Bluetooth was defined under the IEEE 802.15 specification. 802.15 defines personal area networks for users and their devices.Details
Before the existence of the cloud, all of an organization’s data resided inside the enterprise perimeter which was relatively easy and straightforward to secure. Along comes the cloud and all of a sudden, the data has moved beyond the four walls of an enterprise making securing that data significantly more difficult.Details
As the use of Hyper-Convergence technology spreads throughout the industry, desktop virtualization has followed in this lead because HCI is a great platform for execution. Three of the main VDI players at this time would be Citrix, VMWare, and Microsoft. What is great about VDI, is that you are not necessarily tied to one specific vendor. For Example, your broker could be provided by Citrix, while the backend infrastructure could be provided by Microsoft, or VMWare. One thing to know about VDI is what it is not. It is not just the virtualization of desktops. It’s essentially a whole infrastructure based on supplying the desktop experience to the end user without necessarily having a desktop.Details