I was drinking my coffee this morning and I read that FireEye was Breached. What? I read that a second time. This time I also found out that their testing tools were also stolen. This is bad, I thought, because FireEye is used in many industries, but to suffer a Breach and lose your testing tools will certainly compromise their reputation.
According to FireEye’s website, this came as part of a Global Campaign. More importantly, they are indicating that users of the SolarWinds Orion network monitoring product was the source of the Breach.
The issue here is that they gained access to the internal resources and utilized these resources internally to hide and disguise their activity. They indicated that these activities occurred earlier this year, sometime in the Spring of 2020.
When was the last time your company had a formal security assessment? How about an assessment for the software you use internally as well? While you cannot be everywhere all at the same time, mandating security assessments for the vendor tools you use is a good way to delegate. Don’t forget to have an assessment performed on the network, your design, and security policies and procedures.
Everyone thinks that they have it covered, until they don’t. It’s what they are missing that causes the Breach.
Everyone thinks that they have it covered, until they don’t. It’s what they are missing that causes the Breach. While we understand that no one wants to be told that they missed something.
Which is better
… the cost of a Breach is very costly usually $200k to $3.8M or more. These are also known as Business ending events.
The cost of a Security Assessment is generally a fixed priced and is easily absorbed by the business. However, the cost of a Breach is very costly ($200k to $3.8M or more), and it is shared by the business and all of its clients.
There are many ways to effect change in the organizations. The most beneficial are the ones that are driven from the top down. While organizations were built to support the business internally, the advancement of the attackers to gain access to the internal resources has changed the way we need to work on Cybersecurity.
Here are a few quick hits that will move the needle for you more in your favor.
As we have seen in the FireEye Breach and other Breaches, the attacks are from the inside – out. Meaning that they were able to get past the Firewalls, and not get detected by Virus scanners or other current technologies. These tools are all based on their ability to identify new attempts with the current Known threats. That leaves all of the previously successful Breaches, and attacks using unknown threats exposed.
The ITS SafeTM security appliance includes out of the box capabilities to start working right away. ITS Safe is built to Detect, Defend against and Destroy Intruders. We are shifting organizations from a traditional security approach to continual assurance.
By implementing ITS Safe, the detection of activities inside allows us to eliminate the threats that other tools miss entirely. Get ITS Safe Today to keep your business safe.
Minimizing the threats of attacks on employees and businesses are the basis for the development of the ITS SafeTM Managed Security Appliance. Because attacks can happen anytime, the ITS Safe appliance continually monitors activities inside the network for both Inbound and Outbound traffic.
Sign up today to get a complimentary consultation
 A Global Campaign makes sense because they are all connected to the Internet, and that’s still a Global network, if my memory serves me right.
Comments: 1 Comment
This is the interview on KDKA Radio News 1020AM, Pittsburgh, PA. This interview was on our ITS SafeTM Security appliance. Only the ITS Safe security appliance is a managed service.
The KDKA Radio website posted the following for your review:
If the computer network of your company or business is not protected, the ITS Safe security appliance would be a great tool to have.
“Virus scanners and firewalls attempt to block things. In reality, a virus scanner is looking to see if it can identify that you’ve already had a breach. It’s a reactive tool, not a preventive tool,” said Albert Whale, Founder of IT Security Solutions, inc. during an interview with KDKA Radio on Tuesday.
“Our tool looks at the packets coming in, on the network and determines if they are good or bad. If they are bad, we drop them and we block the hackers from getting to your computers.”
Private information can be leaked and identities can be stolen if an individual breaks in to the network of a business; it can be very serious.
“Sysco came out with some other marketing for our webinar, and they said 43% of companies fail within six months after a data breach,” Whale explains.
ITS Safe is different from other platforms because they identify attacks that are in progress.
“We have controls in place that detect this malicious activity, and then we can block it before it hits your computer.”
This is could also be called, the 5 stages of grief for consumers and business owners.
If you are using a Credit or a Debit card, chances are that you have or know someone that has experienced someone else using their Credit/Debt card. This is an extremely horrible feeling, and border on the feelings of being violated.
So all of the above, and my personal experiences are for what we, the consumers, feel when this occurs. Spin this around for business owners now. There is no one that makes them whole, in fact their clients are all looking for assurances that they are not going to be hacked, and that they are whole.
The problem is that most businesses are NOT getting a Security assessment, to determine what their baseline level of security really is. Without a baseline assessment, how secure are you, really?
The mission of the Risk Avengers podcast is to discuss current cyber security issues, procedures for protecting your business, as well as Compliance requirements for business owners.
Our 10 minute format is designed to make it easy for listeners to get up to date on the current People, Processes and Problems for your Business.
The show is Hosted by Albert Whale, Founder & CEO of IT Security Solutions, and Jim Loeffler, President of InTune Business Advisors.
Join us to discover the road for improved security and protecting your business, be it small or global.
The information discussed on this podcast is presented for informational purposes only. It is not intended as nor does it constitute specific information security or accounting advice and should not be acted upon as such.
Comments: No Comments
Cyber Security conversation with Brad Stoller and Albert Whale
Many organizations are overwhelmed with today’s efforts to secure the organization. Whether they are a small to mid-sized business, or a global organization. Today in the US we are short more than 3.5 Million experienced Cyber Security professionals.
If we think of a Computer Virus as something similar to a virus that you can catch (like the flu), how effective are the tools you are using currently? The typical organization using both Firewalls and Virus Scanners, has less than a 40% chance of discovering the infection.
The premise of the Virus Scanner is a reactive tool which is attempting to discover the initial infection, after the breach has already occurred. These tools are used as a reactionary tool, and are less than 40% effective.
The ITS SafeTM security appliance works differently, because we are reviewing the traffic BEFORE it reaches the end point destination. That makes our ITS SafeTM appliance a differentiator, because we are being proactive, and stopping the malicious attacks before they reach your computing environment.
IT Security Solutions, Inc. is a cyber security organization which wants to improve and protect your organization with the latest tools and services for improving your organization’s security. The first question we want to ask you, when was your last security assessment? How often do you have an assessment performed? Would you consider that Constant monitoring could benefit your organization?
Let’s start with a conversation today. You can reach us at firstname.lastname@example.org or at 412-889-6870.
Comments: No Comments
Here are two reasons:
• Hackers have the same tools.
• They know how to evade them.
Using the Internet allows attackers to follow you inside the firewall.
GmailRead More “A positive change, with Albert Whale and Jim Loeffler – Episode 8”