Welcome to the Sentinel Blog!
We are proud to feature a carefully curated collection of articles and other content related to the most important technology topics of today and beyond. Our posts are composed and edited by Sentinel’s ALWAYS ENGAGED team of solutions architects, engineers, project managers and other subject matter experts.
Sentinel CTO Robert Keblusek Discusses Cisco IoT Aware Networking
At their Partner Summit earlier this month, Cisco announced plans to revolutionize the Internet of Things (IoT) through the development of a more intelligent network that will enable devices to connect and communicate with one another in an easier and more intuitive way. We asked Sentinel’s Chief Technology Officer Robert Keblusek to share some of his thoughts on these advancements and how they might affect the technology industry as a whole.
There is a need for intelligence in the network to recognize IoT devices and adapt appropriately. Many IoT devices currently lack embedded security elements and don’t communicate with the network on the policies needed for optimal communications, so any efforts that can be made to create a set of robust standards would be greatly beneficial. Similar to how Power over Ethernet (PoE) and voice intelligence drove a lot of enterprise network upgrades, there is an opportunity for devices to drive a similar upgrade initiative over time. If an enterprise can install an intelligent network ready for the IoT and cloud application services, that prepares them for the future. Innovation is key here, and I appreciate Cisco’s effort to take a leadership position.
Sentinel remains Always Leading by bringing innovations from Cisco and other technology vendors to our customers. For example, we recently worked with a manufacturing company to install intelligent factory automation using IoT devices, effectively turning their building into a next generation production facility. Beyond the actual equipment, we are also able to take advantage of the massive amounts of data generated by IoT devices to create visual interpretations and actionable intelligence that customers can use to improve their businesses.
Having worked with Cisco for many years, I have witnessed them innovate in many areas and applaud them for their efforts to improve the IoT experience. This sort of initiative is why many companies turn to Cisco for their networking needs.
Recently we witnessed some of the first attacks leveraging IoT, and they certainly won’t be the last. If we look at the history of Ransomware for example, we saw approximately 7 attacks from 2005 through 2013 and then a rapid acceleration with approximately 9 in 2014, 27 in 2015 and around 15 unique variants in the first quarter of 2016 alone!
We are likely to see a similar trend in IoT devices with a lack of security, patching and embedded security from vendors that are new to the IT security space. They will need to lean on experienced network and security vendors and partners to secure their devices. I see Cisco’s initiative aligned with these needs and welcome the opportunity to help Cisco bring this to market.
If you would like to learn more about the Internet of Things and how it can benefit your business, please contact Sentinel. We are also hosting a special Lunch & Learn about IoT security at our Downers Grove headquarters on November 30th. Please RSVP in advance if you would like to attend in person or via WebEx.
Sentinel Honors Our Veterans
Sentinel is proud to employ veterans and military families at our locations across the country. We are honored they have chosen to bring their valuable skills, knowledge, leadership and passion to Sentinel. In honor of Veterans Day, we asked Marine Corps veteran and Solutions Analyst Nadia Rios to share some reflections on her time in the military:
Serving in the Marine Corps shaped my life in so many different ways. It taught me the true meaning of teamwork and ethics. You depend on others to complete tasks, and they expect the same from you.
We learned to respect ranks and put aside any personal feelings in order to accomplish every mission. You knew that if you were a platoon sergeant, for example, all those beneath you relied on your knowledge; that these were your Marines and you were responsible for protecting them, guiding them and disciplining them as needed. Their success was your success, and their failure was a direct reflection of your leadership.
The Marine Corps helped me realize that I could accomplish anything I set my mind to. Most importantly, it gave me a newfound sense of pride and respect for my country.
Avoid Conference Room Conflicts With A Room Scheduler
By Jim Michalik & Frank Kristoff, Infrastructure Solutions Architects for Sentinel’s Technology Area Design Group
Most organizations find managing their conference rooms a challenge at some point, or at least to some degree. Double-booking rooms, ad hoc emergency meetings and interruptions due to non-participants accidentally barging in are common examples. In response, room scheduling has proven itself to be an easy technological solution for many of these problems.
The room scheduling panel is a small device that sits on the wall outside the conference room. Tied to the Microsoft Exchange or Notes server, it indicates whether the conference room is free (green lights) or in use (red lights). A meeting organizer can use Outlook to reserve the room as a resource, and meeting information is transmitted to the panel: subject, participants and duration. An organizer with an ad hoc meeting can book a room from any “green” panel, and this information is sent to the Exchange server to prevent conflicts. Meeting running long? Book an extra 10, 20 or 30 minutes right from the panel.
Scheduling panels like this are available from a variety of sources: furniture dealers (such as Steelcase) are offering them, as are audiovisual manufacturers (such as Crestron or AMX). Third parties are providing software for less expensive wall-mounted iPads and Android devices, although these devices sometimes suffer from reliability and theft issues.
Generally, a small API is required for the email server, and many products require an inexpensive, virtualized SQL database to track data completely. The panel itself is powered via Power over Ethernet, and is a network device; the panels can be recessed flush into walls or be mounted to glass (although hiding cables can be an interesting challenge).
Sentinel’s Technology Area Design group provides designs for these systems, end-to-end. For example, our design consultants address the code-compliant mounting heights, back boxes and conduit sizes from room to switch, as well as assisting you in proper budgeting for these systems. Another consideration for planners is how to mount the panels and what size is appropriate. Again, our consultants help make this transition easy.
Consideration of all these factors doesn’t need to be overwhelming to you, and the benefits are significantly greater than the costs of these systems. Sentinel can work with your new or existing facilities to help you manage your meetings successfully. Please contact us to learn more about room scheduling systems.
A Closer Look at Sentinel's Staffing Services
By Laura Curran, Staffing Sales Executive.
Additional contributions from Penny Clancy, VP of Human Resources
One of the biggest challenges businesses are facing today is the shortage of experienced or skilled IT talent. To build our own business over the past 30+ years, Sentinel has worked hard to attract and retain staff for a variety of IT departments and positions, including Administrative, Customer Service, Procurement, Accounting, Recruiting, Voice Engineers, Cloud Specialists, Route/Switch Engineers, Developers, Help Desk and Field Service Engineers just to name just a few. This recruiting experience combined with strong relationships across the technology industry enable Sentinel’s staffing department to help our customers find and hire top talent to fill open positions at their businesses.
My personal experiences and successes have relied heavily on Sentinel’s wide range of IT services, products and solutions. A recent staffing placement that I procured was introduced to me by another sales executive on my team. While working on multiple hardware and network integration projects with a customer, my colleague discovered that their network administrator would soon be leaving for another position. This presented a perfect opportunity to engage with them about our staffing solution services.
After a brief introduction, the IT Director and I had an in-depth discussion to determine what type of candidate they were looking for and the skills required to do the job effectively. One of the IT Director’s main priorities was to find a prospective employee who would be able to adapt fairly quickly to their infrastructure. Because of the customer’s past history with Sentinel, our on-site engineers already had an understanding of their environment, infrastructure, culture and business. This gave us a unique advantage over most other staffing competitors, who often select candidates based on a phone call with a client and standardized industry tests based around the requirements of the open position.
In order to determine the most viable candidate for the position, we asked one of our engineers who had worked on site with the customer to screen candidates in order to validate his or her technical abilities and organizational fit. Our engineers know we expect our candidates to live up to the Sentinel standard and that their technical knowledge and skills are at the level the client expects. Within a week we were able to identify a candidate who was local to the area and highly qualified for the position. After reviewing the candidate’s resume, the IT Director met with the prospective employee for a face-to-face interview where both agreed it was a perfect fit. An offer letter was extended to the candidate later that day. This all took place within two weeks!
In my 2.5 years at Sentinel, I’ve seen the incredible benefits and effectiveness of the marriage between our staffing solutions and IT consulting services. While technical qualifications are extremely important, we also take many other factors into account such as position requirements, hiring models (temporary, temp-to-perm, contract for hire, etc.), budget, length of engagement, desired business hours, geographic location, certification validation, communications skills and cultural fit before presenting a candidate.
Our recruiting department continues to grow as we work toward building stronger relationships with our current clients and continue to add new clients that can benefit from our unique abilities. We may not be a familiar name as a staffing solution provider, but we are intent on becoming our clients’ preferred vendor for staffing solutions!
To learn more about Sentinel’s staffing services, please contact us.
Ten Terrifying Tales of Technology Trouble
The world of IT can be a scary place, and not just because artificial intelligence will eventually become self-aware and destroy the human race. In fact, many of the situations that IT professionals witness on a daily basis are so bone-chilling they make horror films look quaint. We at Sentinel are no strangers to these nightmare scenarios, so join us if you dare as we chronicle ten of the most terrifying moments technology has to offer.
**When the Wi-Fi Goes Down**
As a society, we’ve come to think of wireless Internet as an essential part of our daily lives. The ability to look up information and connect with others via laptop, tablet or phone at the touch of a button is so convenient, it becomes scary the moment it’s not. Whether you’re at home or at the office, when the Wi-Fi goes down there’s the initial frustration at the inconvenience it’s causing, with the hope the connection will be restored within seconds. But as time slowly ticks off the clock, you begin to notice the deafening silence and panic begins to set in. Suddenly it becomes a question of not WHEN the Internet will come back, but IF. Of course the moment everything returns to normal there’s a sigh of relief, but for a few moments the world itself might as well have been ending.
**When Your Email Has Been Hacked and Sends Spam to Everyone You Know**
Unfortunately, passwords are not foolproof. Given the time and tools, hackers may gain the ability to access your email account and wreak all kinds of havoc should they be so inclined. This includes sending out all sorts of spam and malware-infected emails to your contacts, primarily in the hopes of gaining illegal access to their inboxes too. You may not even know it’s happening until friends, family or co-workers complain about it. By then, it’s already too late. Beyond that, attackers can also change your passwords, locking you out of your account entirely. Take a moment to rethink the strength of your password and inbox security.
**When Your Software Update Fails**
Every piece of technology requires an update from time to time, whether in an effort to improve functionality, fix bugs or increase security measures. Refusal to update or upgrade could make you vulnerable and an easy target for those seeking to do harm to you or your business. If only the update process wasn’t so agonizing. You’re stuck watching a progress bar or percentage slowly creep forward for what seems like forever, and should something go wrong it could fragment or even destroy your software or equipment. To receive an error message following an attempted update of a program or system can make you feel like all is lost. This is why it’s essential to have a backup!
**When The Least Technical Person You Know Asks for IT Help**
We all know at least one person who can be described as “not very tech savvy.” Most likely he or she is a bit older and doesn’t quite understand how to operate things like computers and smartphones with ease. Which is why you’re probably the first person on their speed dial whenever they need technology help. Wi-Fi not working? Expect a call. Document won’t print? Your phone will ring. Can’t get access to email? They might as well just hit redial. While it is a kindness to help, and there are few things better than the look on someone’s face when they learn something new, it often takes the patience of a saint to spend an hour talking a friend or loved one through a task you could have easily completed on your own in five minutes. When their name shows up on your Caller ID for the tenth time in a week, a deep shudder may instinctually course through your body.
**When Your Data Center Contains Products from Too Many Vendors**
One of the best things about technology is that there are so many different products and brands to choose from (Cisco, Dell Technologies, VMware, Microsoft, Apple, NetApp, Citrix, etc.). Such a diverse marketplace breeds competition, innovation and lowers costs. Depending on the particular needs of your IT department, it’s almost guaranteed components from at least a couple of different vendors can be found inside your data center. The greater the diversity of IT solutions however, the greater the challenges in managing them all. Older equipment might struggle to keep up or achieve compatibility with newer equipment, and if something breaks it can be a nightmare just figuring out the right technician to call. The good news is that Sentinel has an extensive array of partnerships and technical certifications with leading technology vendors, giving us single source accountability to not only provide the data center components you need, but maintain and support them too.
**When The Blue Screen of Death Shows Up**
We’ve all had the experience at least once in our lives: You’re sitting at a computer working on an important project, when suddenly the screen turns completely blue and a fatal system error message appears. This phenomenon, commonly known as the Blue Screen of Death (BSoD), has been plaguing Windows systems for more than two decades. It is caused by either hardware problems or issues with software running in the Windows kernel. The only solution is to restart your computer and hope for the best. Whatever you were working on may be lost, and the BSoD may be indicative of a critical problem with your system that will require fixing sooner rather than later. Even if everything returns to normal right away, the potential it could happen again lingers like a specter over every keystroke and mouse click.
**When Your Business Is Operating Without Disaster Recovery**
Running a business without disaster recovery is like driving a car without a seat belt – you can do it, but should the worst happen your chances of survival drop exponentially. Disaster can strike at any time, and without warning. It can destroy your files, data and general infrastructure, leaving the skeleton of your company a hollow shell that no amount of money can fix. Disaster recovery can’t prevent the destruction, but retains copies of essential data, applications and infrastructure elements in the cloud or offsite to restore key portions of your business quickly and in accordance with a previously established plan.
**When You Accidentally Hit “Reply All” For A Private Response on a Public Email Chain**
As far as emails go, most tend to be pretty innocuous and focused on the business at hand. But every now and then it’s cathartic to crack a joke or let off a little steam in a reply to a friend or co-worker. Spot a funny photo or video? Send it along to brighten someone’s day. Been having a rough week and looking for a friend to commiserate with? An email is one way to share the burden. Just be careful when and how you do it. Accidentally selecting “Reply All” when sending a joke or complaint response on an email chain can cause serious problems. An off-color joke or derogatory comment about a boss, co-worker or business associate have the potential to permanently damage your career and reputation. Shock, terror, dread and embarrassment are the primary emotions that most often accompany such a mistake, closely followed by desperation in the hope of taking it all back. Sadly, once it’s sent you cannot put that genie back in the bottle. Maybe it’s best to follow the old adage, “If you can’t say anything nice, don’t say anything at all.”
**When Someone Tries to “Fix” Something On Their Own**
Have you ever thought you could handle a task, only to discover it was much more complicated and difficult than you initially thought? This is a fairly common scenario in IT, as many employees with a rudimentary knowledge of technology believe they can fix hardware or software issues on their own instead of asking for help. By the time he or she realizes the problem requires the assistance of a certified professional, chances are it’s been made much worse through a series of failed attempts at solutions.
**When you forget your password**
If you follow proper security recommendations, you should change your passwords every 60 to 90 days. Not only that, but every password for every account you have should be different. That means memorizing multiple new passwords every couple of months. It can be quite the arduous task, especially with strict requirements involving character limits and complex combinations of letters, numbers and symbols. Everybody forgets a password from time to time, and the trial and error of running through all the passwords you remember but still getting nowhere can be frustrating at the very least. There’s the “Forgot Password?” button, which may (or may not) email you with that information…unless of course the password you need is for your inbox. Not every login screen will provide password assistance either, and some might even lock you out after too many wrong guesses. The whole ordeal can be convoluted enough to drive a person insane.
Not all technology has to be terrifying. Sentinel does our best to ensure customers have the right products, services and solutions to conduct business smoothly and with minimal disruption. Please contact us to learn more about our offerings.
Reflections on Cisco’s 2016 Security Partner Executive Connect
By Robert Keblusek, Sentinel Technologies CTO
As a security partner, Sentinel was invited to attend Cisco’s first annual Security Connect conference, which took place in Scottsdale, Arizona during the second week in October. The event provided an opportunity to learn more about the future of Cisco’s security portfolio, and provide feedback as part of a small group of participants. We were proud to have been selected to be part of this exclusive event helping to define the future of Cisco’s products in the security market.
Throughout the conference, Cisco provided insight into their current offerings and product roadmap. We were not only able to submit input on the products and services that make up their security portfolio, but also the messaging to the market as well. Cisco is highly focused on being one of the best and largest cybersecurity technology providers worldwide. Their products and services are remarkably strong, and when combined with partner engagement, enables them to offer customers real business value. The company has made some very important acquisitions and they continue to aggressively integrate their portfolio into a total threat defense architecture. Although no company does everything in all areas of security, it would be hard to find a company that can offer a more complete portfolio of best-of-breed products to protect an organization from cyber threats. When you combine excellent products with the threat intelligence and resources Cisco has with their Talos group, they are hard to beat.
In Sentinel’s Advisory Services offerings, we focus heavily on aligning an organization’s security practice around the NIST security framework. Our security operations center (SOC) concentrates on detection, investigation and response to the attack at various stages within the Cyber Kill Chain. When we combine Cisco’s portfolio with our Advisory Services, SOC and cyber threat recovery consulting, we feel like we have a very powerful combination to help even the most advanced security organizations improve their overall security posture. Together we can keep a customer protected from an attack, respond to an attack and in the worst cases recover from an attack quickly with the least amount of disruption to business operations.
The conference had an aggressive agenda which covered marketing, service enablement, Cisco service offerings, product direction and threat intelligence over a few short days. The general sessions, interactive sessions and networking events were a great way to enable partner-to-partner and Cisco-to-partner communications. I think it was planned perfectly and was very effective. Cisco brought the right partners, products and executives together, which gave us plenty of opportunity to have open one-on-one discussions. I know that those of us from Sentinel in attendance gained a lot of insight from the event and I am confident Cisco did as well. I expect that a great deal of our feedback will be incorporated into the upcoming Cisco WW Partner summit in November. Cybersecurity is top of mind for most companies today and it won’t change any time soon. Sentinel is proud to be a leader with our SecuritySelect™ portfolio of offerings and are very happy to have such as strong partner in Cisco.
An Overview of the 2016 Cisco Security Partner Executive Connect
Security is more important than ever in today’s increasingly connected world. The information we share electronically continues to create new challenges for businesses seeking to maintain their privacy and stay safe from those who intend to do harm via viruses, ransomware and other malicious attacks. This has led to a significant increase of investments in security products and services, which Gartner predicts will grow by more than $109 billion dollars over the next three years. Sentinel Technologies remains Always Leading by offering the latest security products and services from leaders throughout the technology industry. This includes Cisco, who held their inaugural Security Partner Executive Connect last week in Scottsdale, Arizona. It presented an opportunity for an elite group of executives from Cisco partners around the country to gather for a few days and discuss the past, present and future of security technology.
Sentinel’s Executive Vice President Brian Osborne and Chief Technical Officer Robert Keblusek attended multiple presentations from Cisco executives which highlighted a comprehensive range of security solutions to ensure businesses remain protected from external and internal technology threats.
Cisco’s Vice President of Product Management discussed integrated threat defense, which is the most comprehensive offering on the security market today. It protects networks from advanced threats and helps organizations meet their compliance requirements by correlating and analyzing data and telemetry across multiple security technologies and branch locations. This wider perspective enables businesses to make smarter and more detailed adjustments to their security setup as needed.
Dave Justice, Cisco’s Vice President of Global Security Sales, showcased how combining multiple security products such as Umbrella, Next-Generation Firewall, Amp and Stealthwatch can protect every aspect of an enterprise across all endpoints and devices.
Of course one of the greatest challenges with security is that it continues to evolve on a daily basis. Very few organizations are able to avoid every single attack. Jason Wright, Senior Manager of Vertical and Solutions Marketing, provided insight into security strategies and how Cisco solutions provide assistance before, during and after an attack.
When it comes to the future of security, researcher Will Largent talked about the latest developments with Cisco Talos. The Talos team is a think tank comprised of more than 250 security research analysts who review and act on information generated by Cisco’s wide range of security products. By understanding how organizations are using their security products and the different types of threats they are facing, Cisco is able to determine the best ways to adjust and develop their solutions to best serve the customer’s needs and keep them fully protected.
We’ll have more highlights from Cisco’s Security Partner Executive Connect in the coming week. To learn more about the wide range of security solutions offered by Sentinel, please contact us.
The Importance of Healthcare Breach Assessments
By Rick Spatafore, Strategic Solutions Advisor
Healthcare organizations have become a prime target for hackers. This is not surprising considering the treasure trove of information that exists on every patient. Patient records hold all the elements needed to completely compromise an individual’s identity: name, address, phone number, credit card information, social security number, insurance information, medical history, etc. If a bank becomes compromised or discovers indicators of compromise they can easily change card information and issue new cards to their customers. This risk avoidance comes at minimal cost to the banks and minimal disruption to our normal lives. When healthcare data is stolen or compromised, the effect has a much larger impact. Your credit card information can be exploited without setting off alerts at financial institutions. Your medical history and insurance information can be used to commit insurance fraud. This is much harder to unwind than simply issuing a new credit card number. You cannot simply change your address or your medical history.
Healthcare organizations that have acknowledged breaches up to this point have been mostly large organizations with a significant number of medical records. These institutions typically have the staff and resources to properly defend against attackers and protect their medical records. But what about the smaller organizations like rural hospitals, inner city clinics, critical access hospitals and doctors’ offices? These organizations typically struggle with security due to staffing and financial constraints, but still hold the same valuable medical records. How can they protect their information? How can they ensure they are taking the appropriate steps?
Many institutions have adopted electronic medical record (EMR) technology through the use of a maturity model such as the HIMSS Analytics Electronic Medical Record Adoption Model (EMRAM). This provides guidance, framework and analysis that organizations can follow on their journey to EMR adoption. This same approach could easily be adapted for cybersecurity and enable institutions to improve record protection using the same type of guidance. In partnership with Intel Health and Life Sciences, Sentinel Technologies has developed a 7 Level Cybersecurity Adoption Model to gauge the current maturity of your security program and help develop a strategy to enhance it even further.
It starts with a Healthcare Breach Security Assessment. This 1-2 hour engagement takes place with a qualified strategic advisor, who measures breach security safeguards in your healthcare organization against the industry recommended maturity model. The assessment is conducted by phone or face-to-face. It does not require a security expert from your healthcare organization to be present, just someone with strong knowledge about what security safeguards are in place. After the assessment, you will receive a report summarizing its findings, including your maturity level, how it compares with the rest of the healthcare industry, any gaps and a multi-year plan to incrementally build your breach security. Results of the assessment and reports are confidential. Only de-identified and anonymized information is aggregated with broader healthcare industry breach security posture data.
There are many types of breaches, including cybercrime hacks, loss or theft of mobile devices or media, accidents or workarounds, malicious business associates or insiders, fraud, snooping, improper disposal of private materials, ransomware and so forth. The healthcare breach security maturity model may be used to rapidly assess the breach security posture for a healthcare organization and establish the safeguards to mitigate a specific type of breach, as necessary. This develops a focus on top breach concerns, while also allowing healthcare organizations to measure their security posture across a variety of breach types.
+The healthcare breach security assessment is a quick checkpoint survey of potential breach security issues intended to inform participants where they stand on selected security practices in relation to other participants across the industry.
+It is not intended to replace participants, other types of compliance, or traditional security due diligence activities.
+It is also different from and complementary to risk assessments that are required by several regulations and security standards.
+It provides an opportunity to look at gaps and next steps that can be taken to improve breach security posture.
+A healthcare breach security assessment may identify needs and lead to deeper subsequent engagements including policy creation or update, risk assessment, penetration testing, vulnerability scanning, audit, user training or implementation of various breach security safeguards.
Security improvements based on this assessment can also help with compliance, visibility and traceability from safeguards in the maturity model to various applicable and commonly used privacy and security regulations, data protection laws, and standards. To learn more about Healthcare Security Breach Assessments as well as Sentinel’s 7 Layer Cybersecurity Adoption Model, please contact us.
How to Respond to Ransomware
By Rachel Jenkins, Security Product & Business Development Manager
Ransomware is a disastrous type of file encryption malware affecting more and more types of systems. It’s difficult to prevent because the infection typically starts from known sources, like your employees. Ransomware causes extensive downtime, can be expensive, can ruin the reputation of you or your customers and provides limited options for recovery.
The two most common types of ransomware in circulation are crypto-ransomware and CryptoLocker. Crypto-Ransomware leverages unbreakable encryption. It blocks access to specific system files or personal data, and demands payment in order to get your data decrypted. CryptoLocker completely locks you out of your computer. The files aren’t encrypted in this case, but the attackers still ask for payment to restore access.
Once infected with ransomware, a bogus excuse and demand for payment is displayed on your screen. In just the past couple days I’ve seen a threat masquerading as notification from the FBI attempting to charge a fine for visiting a pornographic website, and another for causing a corporate security breach – neither of which were true.
Ransomware creators, distributors and other cyber criminals are ruthless. They’ve automated their attacks to the point of targeting anyone and everyone. If you’re not paying close attention, simple things like day-to-day work tasks can infect you and your organization in seconds. This includes opening or clicking links in unknown emails, visiting a legitimate website secretly embedded with malicious code, or even being on the same network as someone who is infected. Criminals used to target home users and personal computers, but have moved onto bigger targets: police departments, city councils, schools, financial institutions, commercial/retail, manufacturing, and hospitals. In most cases executives are targeted because they have the authority to pay large sums of ransom. Other reasons include:
+that’s where the money is
+causing a business disruption or outage will increase their chances of getting paid
+complexities of IT systems can be prone to vulnerabilities and exploits through technical means
+security awareness training for employees is typically not a priority until it’s too late
+businesses would rather not report ransomware attacks for fears of legal or reputation consequences
+the larger the customer, the larger the database of personal and confidential information
+a successful attack feeds the ego of a cyber criminal, ultimately causing a desire to attack more/bigger targets
**Should you pay the ransom?**
My answer will always be HELL NO (sorry grandma)! You shouldn’t give attackers the satisfaction or financial windfall of winning. Plus, paying the ransom gives you NO guarantee that your data or access will be restored. 81% of companies believe they will get their data back, but on average only 42% actually do. The only other options for recovery from a ransomware attack are either to restore your infrastructure from a backup or completely rebuild it, which could take days, weeks or months.
Securing your perimeter and installing anti-virus software aren’t the only security solutions anymore. While those things are still important to have in place, neither are capable of completely preventing or stopping modern-day threats. Internal employees account for 43% of data loss and over 55% of security incidents. Make sure you have backups, and your employees are trained and knowledgeable of the impact that can occur. Sentinel can provide your business with the comprehensive security services and solutions needed to prevent ransomware attacks. Please contact us for more information or to request a quote.
The Present and Future of Security
By Robert Keblusek, Sentinel Technologies CTO
New phishing attacks, ransomware and large-scale personal information losses at major organizations have been in the news quite a bit lately, which has resulted in increased cyber security awareness. Attacks have become easier for perpetrators to execute and they continue to advance at a rapid pace. Hackers are more proficient than ever at profiling an organization and uncovering new ways to get inside data security protection with the help of unsuspecting end users. As a result, ongoing end user awareness training is essential for those committed to protecting their business. These need to be security training programs that go well beyond traditional new hire orientation.
Many attacks happen from inside an organization. For example, mobile devices without proper protection will become infected outside of their network and then spread to corporate resources once they are brought into the enterprise network. Other approaches include well-crafted phishing emails that appear to be legitimate corporate communications, or attackers physically dropping USB devices in an employee parking lot to lure unsuspecting users to run a program or click a link that triggers a cybersecurity breach from within.
A complete cybersecurity architecture is essential to keep your organization protected, along with security management tools that constantly watch for malicious activity and infections so IT can react as quickly as possible. Behavior-based technology that works in conjunction with network and mobility intelligence will help an infrastructure and network react more quickly to unusual activity. Technologies that integrate with embedded network security such as Cisco Identity Services Engine (ISE) allow for an automated response to threats, giving IT extra time to implement counter-measures before it is too late. Sentinel believes we will see a significant increase in these approaches. We have already seen an increased demand for technology such as Cisco ISE on both wired and wireless networks as well as integration with mobile device management platforms.
From a technical perspective, we are seeing a strong increase in movement with next-generation firewalls at perimeters and anti-malware technology at endpoints. In addition, Sentinel believes that while signature-based technology powered by vendor investments in threat intelligence networks will remain strong, there will be an increase in the deployment of behavior-based technologies at both the network and endpoint levels. Increased trends in mobility, cloud computing and continued advances in the actual attacks require layered approaches and automated response.
Sentinel has tremendous activity in our managed intrusion detection and security incident and event management (SIEM) offerings, along with our security operations services. All companies have some investment in security products, but very few are getting the complete value from these existing investments. Additionally, very few clients have a strong and well documented incident and event policy in place as well as a formal security program that works to secure the enterprise. Sentinel offers consultation and assessment services to assist with identifying your organization’s security maturity and areas of need. With our Security as a Service (SECaaS) offering, we bring together existing investments and give our customers the visibility needed to see their vulnerabilities in an easy-to-use and navigate dashboard with advanced reporting. This component is critical to any successful security program.
Sentinel’s SECaaS is a hybrid security experience both from a technology and operational staff standpoint. Measurement of success is key, and Sentinel has developed security scoring which provides a security posture baseline as well as ongoing measurement of how security programs are impacting your business. This is very similar to a FICO credit score and gives the IT department an easy visual score card showing executives and boards the impact of their security program. In some cases, this can also be very helpful with auditors and cyber security insurers when they consider taking on shared security risk with an organization.
Security is an ongoing effort, which is why a strong policy and the right tools to enforce and support it are more important than ever. Many customers simply don’t have dedicated security staff for 24x7x365 monitoring and response, and those that do often employ personnel that lack the necessary breadth of security experience across different practices and solutions. Sentinel’s security operations offer a well-defined set of tools backed by top quality expertise and processes. Delivered as a service from our CloudSelect® platform, we offer custom service level agreements (SLAs) to put together the right program to match a customer’s security program requirements.
To learn more about Sentinel’s security offerings and solutions, please contact us.