Cyber Risk Management Solutions
Cybriant Announced as a Top Workplace in Georgia

Cybriant Announced as a Top Workplace in Georgia

Cybriant, a leader in cybersecurity services, was recently recognized by The Atlanta Business Chronicle as one of the 2019 Best Places to Work.

The annual list is based on employee surveys gathered through a third-party research partner. The anonymous survey measures several aspects of a workplace culture. This is the second year in a row that Cybriant was named as a Best Places to Work by the Atlanta Business Chronicle.

The 16th Annual Best Places to Work Awards highlight successful companies who are going above and beyond to keep their workforce happy. See the full list here. 

“Cybriant is honored to have been recognized as a Best Places to Work organization for the second year in a row,” said Jeff Uhlich, CEO of Cybriant. “This award is especially gratifying in that it validates our efforts to create an enriching work environment for the members of our team.”

Since Cybriant’s inception in 2015, the firm has experienced 300% year over year growth. Earlier this year, Cybriant was also recognized as one of Atlanta’s fastest growing private companies as a recipient of the Atlanta Business Chronicle’s Pacesetter Award.

About Cybriant

Cybriant assists companies in making informed business decisions and sustaining effectiveness in the design, operation, and monitoring of their cyber risk management programs. We deliver a comprehensive and customizable set of strategic and managed cybersecurity services. These services include Risk Assessments, vCISO, 24/7 Managed SIEM with LIVE Monitoring and Analysis, 24/7 MDR, 24/7 Real-Time Vulnerability Scanning with Patch Management. We make enterprise-grade cyber security strategy and tactics accessible to businesses of all sizes. Find out more at https://www.cybriant.com.

georgia

 

Should You Hire or Outsource to Improve Cybersecurity?

Should You Hire or Outsource to Improve Cybersecurity?

Many businesses struggle with the decision of hiring in-house employees or choosing to use an MSSP to improve cybersecurity. However, outsourcing your IT needs in the workplace is almost always a better investment for your company.

improve cybersecurity

Some of the benefits of using an outsourcing security monitoring service provider include the fact that you will only have to pay a fixed fee each month, which makes it easier to stay within budget without worrying about unpredictable costs. On the other hand, in-house IT employees will require ongoing training, fringe benefits, overtime pay, and you will always have to deal with employees leaving. A managed service provider like Cybriant bypasses all of these extra costs, while still giving you access to experienced IT professionals at an affordable rate.

Interested in learning more? Here are three more reasons why is it wise to invest in an outsourced cyber security monitoring service provider. 

Outsource to Improve Cybersecurity

Cyber attacks can cause significant data breaches and destroy the reputation of a business. Consider the newsworthy breaches at Equifax and Capital One. Many technology executives consider using their current staff to manage their cybersecurity needs. However, in-house IT teams do not have the experience and expertise to handle large-scale cyber attacks in the workplace. It’s possible to avoid this scenario by outsourcing your security monitoring to a managed security service provider for the ultimate cybersecurity protection.

An MSSP offers a variety of services to keep your data secure, such as advanced virus and malware protection, network monitoring, next generation endpoint protection, risk assessments, and vulnerability & patch management services.

Access to Threat Intelligence

Keeping up with all of the latest changes in cybersecurity is never an easy task. However, an MSSP has access to the most recent threat intelligence to help your business stay prepared to fight the latest cyber threats. New cyber threats continue to evolve at a rapid speed, and an MSSP can help your organization keep pace and stay up to date with the latest technology.

On the other hand, an in-house IT department is more focused on maintaining your IT infrastructure and doesn’t have the extra resources to continue to invest in state of the art technology.

Cybersecurity Expertise

An additional benefit of using an MSSP is that you will gain access to cybersecurity analysts that have many years of experience in cybersecurity. A managed security provider works with multiple clients in maximizing uptime and is always available to offer additional support. An MSSP will help maintain patching and vulnerabilites up to date and monitor your network for any potential areas of vulnerability. These cybersecurity professionals play a key role in minimizing downtime and improving the daily operations of your business.

Working with an MSSP like Cybriant is a great investment for companies in today’s highly competitive work environment. Improving cybersecurity, gaining access to new technology, and around the clock IT help desk support are just a few of the numerous advantages of outsourcing all of your technical needs in the workplace.

Technology is the key to a successful business, and a managed service provider is an affordable long-term investment that offers immense benefits compared to hiring an in-house IT team.

Cybriant makes Cybersecurity Easy

pretect

Cyber Security Challenges: Higher Education and Local Government

Campus leaders today are already riddled with cyber security challenges including the data privacy of their students. The recent hacks that have reported in the higher education industry are adding to the stress of these campus leaders.

cyber security challenges

Recent Cyber Security Challenges

Regis University, Denver, CO

In a disturbing trend of college campuses that have been hit by hackers, Regis University in Denver is the latest victim of a cyberattack. According to the Denver Post:

A forensic investigation at Denver’s Regis University confirmed Friday that the private college’s technology systems were attacked by a “malicious threat” likely from outside the country.

“Immediately upon discovering this issue, we quickly and intentionally took our information technology systems offline in an effort to protect the university and your information while we initiated an investigation and notified law enforcement,” Regis said in a statement Friday. “We are unfortunately only the latest entity to face this kind of incident.”

It isn’t clear whether the cyber attack was based on a ransomware attack, the matter is currently under investigation.

Stevens Institute of Technology, Hoboken, NJ

Stevens Institute of Technology is still struggling to restore their network in time for the new school year. According to NJ.com,

The Hoboken college admitted on its website on Aug. 8 that it was the victim of a “very severe and sophisticated” cyberattack and it was working to “resolve this as quickly as possible.

The computer system is still down Monday, officials said in an online update.

The school also advised users, including students, “for your own protection, please shut down and do not use any computers that have been connected to the Stevens network until further notice.”

Stevens Institute of Tech student went to Reddit to post an open letter to college officials, saying:

As a Stevens student and an unfortunate victim of the ongoing ransomware attack, I am appalled by the latent and opaque response of the Stevens Administration surrounding the recent exploit and ransom of devices on the Stevens network.

Let me begin by stating that although the security of the Stevens network has long been called into question and the prolonged response by the Information Technology department is a cause for concern, I am not writing to express my displeasure for the actions that have been taken by the people directly combating the attack nor the future actions of Stevens’ department of Information Technology.

Rather, I am writing on behalf of the Stevens community to express our widespread disappointment in the Stevens Administration. I hope to facilitate and encourage an open and transparent discussion surrounding the status of our personal data, the competence of our current administration, and most importantly the lack of assistance offered to the Stevens students affected by this attack. Read more on Reddit.com

State and Local Governments Suffer Cyber Security Challenges

State and local governments store massive amounts of data on private citizens, making them a hot target for hackers. Just as colleges and university store data for students, hackers want to take advantage of this information.

22 Texas Towns Attacked

The mayor of one of the municipalities in Texas admitted that hackers are asking for $2.5 million to unlock their files.

According to NPR,

Experts say that while government agencies have increasingly been hit by cyberattacks, simultaneously targeting nearly two dozen cities represents a new kind of digital assault.

“What’s unique about this attack and something we hadn’t seen before is how coordinated attack this attack is,” said threat intelligence analyst Allan Liska. “It does present a new front in the ransomware attack,” he said. “It absolutely is the largest coordinated attack we’ve seen.”

Liska’s research firm, Recorded Future, has found that ransomware attacks aimed at state and local government have been on the rise, finding at least 169 examples of hackers breaking into government computer systems since 2013. There have been more than 60 already this year, he said.

Louisiana Forced to Declare a State of Emergency

Homeland Security was forced to activate its Crisis Action Team in response to the State of Emergency announced by Louisiana Governor, John Bel Edwards. Louisiana’s Emergency Services Function-17 was also activated to coordinate the response of the cybersecurity incident.

“The state was made aware of a malware attack on a few north Louisiana school systems and we have been coordinating a response ever since,” Gov. Edwards said. “This is exactly why we established the Cyber Security Commission, focused on preparing for, responding to and preventing cybersecurity attacks, and we are well-positioned to assist local governments as they battle this current threat.”

See the Emergency Declaration here.

This was the first activation of Louisiana’s emergency support function, which is newly created in Louisiana, in anticipation of the threat of cyber attacks.

More Cities, States, and Local Governments added to the List

In a year, local governments in Collier, Florida have been scammed out of nearly $1 Million. Read the report here.

The city of Atlanta is still recovering after spending upwards of $1.4 Million after ransomware attacks. Read the full report here.

La Porte County, Indiana forced to pay $130,00 in bitcoin following a ransomware attack. Read the article here.  

Heavy Regulations add to Cyber Security Challenges

Governments and Higher Education Institutes are some of the most heavily regulated industries in the United States. Just to name a few:

  • Family Educational Rights and Privacy Act of 1974 (FERPA)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • Gramm Leach Bliley Act (GLBA)
  • Fair and Accurate Credit Transaction Act of 2003 (FACTA or “Red Flags Rule”)
  • Privacy Act of 1974
  • E-Government Act of 2002
  • Federal Information Security Management Act of 2002 (FISMA)

These compliance regulations are put in place to protect the data and privacy of private citizens and students.

While these regulations should protect these organizations from cybersecurity challenges, they don’t always allow for the constraints that governments and higher education institutes typically face. Funding, Staff time and expertise, as well as calendar time,  are just a few of the common constraints facing these cyber security challenges. 

Outsourcing Reduces Cyber Security Challenges – at an Affordable Rate

By outsourcing your cyber security to an MSSP like Cybriant, you can potentially reduce your threat landscape. How?

  • You get a fully trained team of cybersecurity experts, watching your network around the clock at fraction of what a full-time team would cost.
  • You get competitive threat intelligence gathered from all the clients we serve. We’ve seen a lot.
  • We monitor your network for suspicious activity around the clock. Either through your SIEM or EDR technology, we have an inside view of what is happening.
  • Leave the patching and vulnerability management to us. Our team creates helps automate this function, so it is no longer an overlooked task.

Conclusion

Start with a strategy. Most security leaders agree that spending a small amount of time on creating your cybersecurity strategy (including deciding on a framework) has the biggest overall impact. Yet, many overlook this crucial step.

Consider an assessment. A Security Risk Assessment is the best way to determine any gaps in your security strategy.

Outsource to the experts. Your staff can focus on the tasks necessary to help your organization. Our team acts as an extension of your team. 

PREtect: Making Cybersecurity Easy

pretect

5 Ways an MSSP Can Optimize Network Security

5 Ways an MSSP Can Optimize Network Security

While there are many benefits to using an MSSP, optimizing your network security is one of the top ways. Check out the 5 ways an MSSP can help by optimizing your network. 

mssp

Network security is always a main topic of concern due to the ever-growing number of cyber threats in the workplace. Trying to handle network security on your own is a time-consuming process that can quickly overwhelm many business owners. However, choosing to outsource your IT needs with an MSSP can play a key role in maximizing security for your company.

How Can an MSSP Optimize Your Network? 

Here are five ways that a Managed Security Service Provider (MSSP) can optimize network security for your small business.

#1 Mobile Device Management

Mobile device management is essential in today’s work environment, as employees are increasingly using tablets, laptops, and smartphones for work-related purposes. Mobile device management from an IT security service provider like Cybriant offers a variety of features, such as application whitelisting and blacklisting, data encryption, and remote wiping services. Mobile device management also allows an IT provider to monitor employee activity while giving your network an added layer of security.

Through our Managed Detection and Remediation service, your endpoints are protected with 24/7 monitoring and incident remediation. We are able to detect, block, and contain malware before it can execute and cause damage. 

#2 Around the Clock Monitoring

Around the clock network monitoring from an MSSP plays a crucial role in proactively identifying cyber threats. These network monitoring services maximize uptime for your company to ensure that your employees always remain productive. An IT service provider can also quickly identify suspicious activity on the network to limit the damage of a cyber attack.

Cybriant has take around the clock monitoring another step and created PREtect. With this tiered service offering, we are able to monitor your siem, networks, update patches and vulnerabilities, as well as detect and remediate any issues with your endpoints. It’s an all-in-one service that will help reduce your organization’s threat landscape. 

#3 Automatic Security Updates, Vulnerability Scans, and Patch Management

An IT service provider can optimize network security by automatically downloading and installing the most recent software and security updates. These updates play a crucial role in improving software functions while also repairing any potential security vulnerabilities. Downloading these security updates as soon as possible is always a top priority to keep your business well-protected from the ever-evolving number of cyber threats. 

While vulnerability scans and patch management seem like a simple task that you team should take care of, it is an often overlooked, menial task that has caused some of the biggest hacks in cybersecurity history. 

#4 IT Security Awareness Training

Educating employees on the latest cybersecurity topics is critical in keeping your network safe and secure. A managed service provider can offer these employee education seminars on a routine basis to limit the number of mistakes in the workplace. These classes are a great way for employees to learn simple yet highly effective tips to increase network security and avoid becoming the victim of cybercriminals.

Companies like KnowBe4 offer security awareness training combined with simulated phishing attacks so you know your most phish-prone employees and can offer those employees more training. 

#5 Creation of Data Backups

A network crash can cause you to lose a significant amount of data and devastate the reputation of your company. However, you can stay prepared for this worst-case scenario by using an MSSP that offers data backup and recovery services. An IT service provider will automatically upload all of your critical information on to the cloud for added protection. A managed service provider will also create an incident response plan to handle a variety of situations to ensure that your company is always well-prepared.

Optimizing network security is always a high priority with a managed service provider. Mobile device management, around the clock monitoring, automatic updates, employee education, and data backup services are only a few ways an IT service provider can maximize uptime for your network. Cyber threats will never stop evolving, but your MSSP plays a vital role in keeping your network secure at all times.

Conclusion

No matter the size of your organization, you need a formal security strategy starting with a framework. But, most organizations aren’t able to afford the type of security tools and services necessary to protect their data and networks. By outsourcing to an MSSP like Cybriant, you are able to get enterprise-level security at a fraction of the cost. 

Security Operations Center

Download: Insource vs. Outsource

Interested in comparing the cost of building a 24/7 security operations center (SOC)? Download our ebook, “Insource vs. Outsource – Cost Comparison for Building a 24/7 Security Operations Center”. 

We will take you through the exact costs of building an internal SOC for a medium-sized business and compare it to the costs of outsourcing to a cybersecurity firm like Cybriant.

Download Today!

Biggest Bank Fraud Cases in History

Biggest Bank Fraud Cases in History

Take a look at some of the most serious cases of bank fraud in recent history. Hackers, insider threats, and more are at the root cause of these. Are you doing everything you can to prevent fraud in your organization? 

bank fraud

The team at Fortunly recently created an infographic with the information on the biggest bank fraud cases in history. 

Common Security Threats

These cases are filled with so much drama that books have been written about them and Hollywood movies have been created using these storylines. 

When you look at the facts, there are certain underlying similarities that you can prevent at your organization. Prevent bank fraud by being aware of these potential threats: 

Insider Threats

Some of the cases of bank fraud include hacks and cover-ups from former employees. But, you are always at risk of insider threats when it comes to your security. It’s important to be sure your employees are aware of security threats and be aware of suspicious emails, etc. You also have to protect your employees by using technology or services like Managed Detection & Response that could prevent malware from executing.

Phishing Emails

Hackers are getting smarter, cyberattacks are getting more and more prevalent in 2019.

Why? Because cybercrime is big business. In 2018 alone, cybercriminals received $1.5 Trillion in revenue. 

According to a new study, 70% of American workers don’t grasp web security and privacy. The majority – 70% – of US employees fail when it comes to security and privacy best practices. Employees represent the biggest threat to their company or organization’s cybersecurity, this is just further proof. The email phishing statistics below are proof of this fact.

While this is alarming, it’s important to understand that organizations are not spending enough on the technology or services to prevent cybersecurity issues from happening. While budgets are rising slowly, employees still need to be aware that they are the biggest threat to their organization. Read more phishing email stats here. 

New attack vectors and vulnerabilities are discovered every day. Your organization likely has firewalls, IDS/IPS, and AV solutions installed that look for malicious activity at various points within the IT infrastructure, from the perimeter to endpoints. However, many of these solutions are not equipped to detect zero-day attacks and advanced persistent threats. Consider using a service like our Managed Detection & Remediation.

Hackers

When your goal is to protect your organization’s data, you need to have a baseline framework that will help all future decision making. When you have a framework in place, an assessment Compromise Assessments is helpful to discover the potential gaps in your security strategy. 

Cybriant offers a service called PREtect that provides all the baseline necessities for your cybersecurity needs. With different tiers available, you could receive cyber threat detection and response, endpoint protection and remediation, and vulnerability and patch management. 

Biggest Ever Cases of Bank Fraud