MILLION Attempted Ransomware Attacks in 2021 globally
TRILLION dollars of damages globally in 2020
Companies hacked in 2021 (non-ransomware)
DAYS is the average time to detect and confine a breach, according to IBM
At the most basic level, we are a consulting firm. We can be as involved in the process as you would like. We can simply evaluate your security posture and make recommendations. Conversely, we can be actively involved in vendor negotiations, implementation, and design. We understand that companies have different needs and risk tolerance. We can mold our services to suit your needs.
Our Virtual CISO is perfect for companies that want ongoing support with their security but don't need a full-time CISO or CSO. By utilizing our vCISO, you will have access to us as needed. We will use our continuous research and experience to constantly adjust your security posture as new threats arise. We will validate backups and disaster recovery. We will work with your IT department on all things security, and patching policies in particular. Having a Virtual Chief Information Security Officer is literally adding an executive-level member to your team for a fraction of the cost.
All things considered, cybersecurity is important because you want business continuity. Despite our best efforts, the changing threat landscape makes total risk mitigation a pipe dream. So, while we mitigate what we can, we must plan for what we cannot. This is where disaster recovery comes into play. What do you do when you get hit by ransomware? What do you do if a fire breaks out or a water main bursts and floods your building? The answer is disaster recovery planning. Many things are replaceable, and insurance can help. Data, however, is irreplaceable without a robust backup and recovery plan in place. We will help design and implement such a plan.
People are human. Humans make mistakes. We click on things we shouldn't. We fall for scams that are obvious in hindsight. Sometimes, we're simply tired. Modifying behavior so that there is no grey area and no decision making needed for sensitive transactions is crucial to help mitigate this risk. How does your company approve wire transfers and direct deposit changes? Do you have delineation of duties to protect from internal fraud? How does your company reset passwords, add users, and define roles and permissions? These are all important questions that many don't ask until it's too late. We have extensive experience in crafting these exact policies and more.