Core CISO Data BreachesHumans tend to move on to the next big thing quickly, and with rapidly changing security and regulatory environments, CISOs are no different. We all face new challenges daily, but as we focus on the latest priority in front of us, we must also remember to look back and revisit previous events to ensure we’re practicing hard lessons learned.

Thousands of hacks and data breaches have been reported this year, with victims ranging from public and private companies to local governments and school districts. However, several breaches stand out to me, and now that the dust has settled on them, I think they warrant a deeper dive to uncover what lessons can be gleaned from them.

In this post, I’ll share the story of three data breaches and highlight the salient details you need to know to protect your organization in this age of cybercrime.

Looking Back – Three Data Breaches

  1. The Okta Breach

Okta works with several partners to help manage its enterprise. Hackers targeted an employee of one of these partners, the Sitel Group, who had privileged access to provide customer service to Okta clients and data. That account was empowered to reset passwords and reset multifactor authentication.

The Sitel Group serves many more customers than Okta. To perform their jobs, support staff often need administrative privileges in their customer’s environment. The attack highlights the increased risk of outsourcing access to your organization’s internal environment.

  1. The Microsoft Breach

In March, Microsoft revealed that an employee account was compromised, which granted hackers “limited access” to Microsoft’s systems and allowed the theft of the company’s source code. Microsoft referenced the hackers’ use of “social engineering and identity-centric tactics” in a blog post detailing the breach. This attack illustrates why training employees about phishing and other social engineering tactics is so important.

  1. The Nvidia Breach

Nvidia, one of the world’s largest graphics processing unit (GPU) manufacturers, was breached in a cyberattack that resulted in the theft and release of over a terabyte of proprietary data and over 71,000 employee credentials. In a statement after the breach, an Nvidia spokesperson did not disclose how hackers were able to gain access, only referring to the attack as a “cybersecurity incident,” but a well-known hacking group quickly took credit for the attack.

What Do These Attacks Have in Common?

It is no coincidence that I am looking back at these three cyber events. The hacks were all claimed by a hacking group known as the Lapsus$ group. Lapsus$ claimed responsibility for the Okta breach, the Microsoft breach, and the breach of Nvidia, among others. It first made headlines in December 2021 when it conducted a ransomware attack against the Brazilian Ministry of Health, but its origins most likely can be traced back at least a couple of years. However, the most surprising piece of information is that the group is allegedly run by a group of teenagers.

Lessons to be Learned from Teenagers?

The tactics used by the Lapsus$ group are wholly unsophisticated but have still proven time and time again to be effective. The good news is that because their tactics are easily thwarted, organizations have plenty of opportunities to avoid getting hacked by following best practices.

Lapsus$ primarily relies on social engineering schemes to gain access to a target directly or seek access via an organization’s supply chain or service providers. The group claims that its goal is financial and has no political agenda; however, its chaotic approach is just as destructive in its pursuit of exploiting data.

The Lapsus$ group’s attacks are a reminder that even the most robust cyber defenses can be circumvented if attackers can exploit weak links in the chain. These weak links can be found in both the technical and human domains, but the likeliest way for hackers to gain access is via end-users. As a result, organizations need to be vigilant in educating employees about cyber threats and how to identify and avoid them.

Third-party risk management is also critical in protecting against the type of supply chain attack used against Okta. Companies need to vet their service providers and have security protocols in place to prevent attackers from exploiting these relationships to gain access to sensitive data.

Additionally, the Lapsus$ group’s attacks show that even small groups of relatively primitive attackers can cause much damage. This fact should be a reminder that organizations must be prepared for all threats, not just those from well-funded and well-developed cybercriminals.

It is important to remember that breaches can and will happen, whether perpetrated by Lapsus$ or other sources, and your company’s response can make all the difference in whether it will survive unscathed. The risk of lost revenue, fines and penalties, and reputational damage require that your company set and follow disaster response and recovery plans.

What Can You Do to Reduce Your Risk from Data Breaches?

Data BreachesThere are a variety of actions your firm can take to reduce your risk of being hacked, but here are a few key points to keep in mind:

  • Employ multifactor authentication.
  • Review all critical users’ access levels.
  • Perform due diligence for service providers and third-party vendors.
  • Conduct tabletop exercises to identify possible gaps in controls and training. For example, if an internal employee shared their credentials with an attacker, how could you tell?
  • Take care of your employees. Disgruntled employees are more susceptible to bribes.

Next Steps

Lapsus$’s attacks are a reminder that cyber defenses can be circumvented if attackers can exploit the weakest links in the chain. The best defense is to employ a multilayered cybersecurity solution that includes end-user training, comprehensive security policies and protocols, incident response planning, regular security audits, and more.

In today’s digital world, data is the new currency. And like any other type of currency, it needs to be protected from those who would exploit it. Unfortunately, the Lapsus$ group is just one example of the many cyber criminals out there looking to profit from the data of others.

Whether you work with an internal team or outsource your IT functions, employing robust cybersecurity solutions and regularly reviewing them against your risk profile is critical. Reach out to our security professionals for help evaluating your cybersecurity program to find gaps and areas that need improvement. Implementing security controls is not “set it and forget it” but must routinely be assessed to match the needs of your business and the external challenges of today’s cyber landscape.


JasonAbout Jason

Jason Martino is passionate about the intersection of security and compliance. He is responsible for Coretelligent’s internal cybersecurity programs, governance, risk, compliance activities, and educating staff and customers on an ever-evolving threat landscape.

Life Sciences Industry Innovation is Where Business & Technology Intersect

Life Sciences Industry Innovation is Where Business & Technology IntersectThe life sciences industry is experiencing a period of rapid growth. Not only does the sector produce life-saving and life-enhancing treatments, but it is fueling investment across the globe. For example, 78 startups went public in 2020 in the biotech sphere, representing a 77% increase from the previous year. Additionally, the first half of 2021 saw already seen 62 biopharma companies progress to IPO status. With the increased demand for innovative drugs, medical devices, and other therapies in the wake of the ongoing COVID-19 pandemic and vaccine development, various trends within the industry (like changes to clinical trials), and increased levels of investment, 2022 is shaping up to be a big year for the sector.

Innovation is the driver of the current expansion within the life sciences market. However, the key to maximizing this ROI, or Return on Innovation, requires that business and technology synchronize. This imperative calls for a carefully planned IT roadmap that enables companies to achieve a competitive advantage and improve business outcomes throughout the development, startup, growth, and expansion stages.

To help executives better understand the timeline, Coretelligent has developed a chart outlining the technology and business needs of the life sciences ecosystem throughout their life cycle. Download our datasheet Innovation is Where Business & Technology Intersect outlining how to plan your company’s IT strategy as you move through funding phases.


To dive deeper, download our data sheet → Innovation is Where Business & Technology Intersect.


In an earlier post, we shared some of the IT challenges faced by early-stage life sciences organizations. With this post, let’s take a deeper look at later-stage companies and what their IT strategy should be focused on as they scale.

What are the main IT priorities of life science firms as they move into their growth and expansion stages?

 

→ Employ technology for data management

As biotech, biopharma, and other life science enterprises grow, managing data increases in scale and complexity. As a result, cloud-based solutions and SaaS applications must align to ensure that enterprise data is available, usable, consistent, reliable, and secure. Employing the right technology solutions, including cloud-based services, backup and recovery, and others that store, manage, and protect data are critical at this stage.

→ Leverage technology to drive innovation

Not only has innovation come to the life sciences space, but it’s also bringing emerging technological trends with it. Advances in Artificial Intelligence (AI), Robotic Process Automation (RBA), Machine Learning (ML), Cloud/Big Data, and other developing technologies are evolving as disrupters to the sector. Successful life science companies will envision how to capitalize on these tools.

→ Optimize technology to grow operations

Even as innovative technology trends shift the landscape, IT becomes more integral to the core business operations as companies scale. While some may be using a managed IT model, most companies likely employ co-managed solutions during the later stages. A co-managed service provider empowers internal IT staff to drive technology delivery at scale and focus on strategic priorities. A technology partner can lighten the load by fulfilling tech support, plug critical skill gaps, and complement in-house capabilities with specialized technology services.

→ Utilize technology to ensure security and compliance

As a life science firm grows, compliance requirements increase in size and scope. At the same time, these companies have become more attractive targets for cybercriminals. As a result, life science firms must prioritize implementing robust cybersecurity tools and compliance processes to keep pace with evolving regulations while protecting sensitive data from bad actors.


Related Content → GxP and FDA 21 CFR Part 11 Compliance with Egnyte for Life Sciences.


Developing IT Growth Strategy for the Life Sciences Industry

The life sciences industry is booming, and the future looks even brighter. But the key to success involves more than just innovation—effective growth also depends on how well your life sciences company can leverage IT capabilities throughout your life cycle. In building out an effective IT strategy for startups, begin by understanding where your organization stands today, followed by preparing for those IT areas that will require digital transformation. Furthermore, leveraging new technologies like AI, RPA, ML, and Big Data, can help accelerate your progress and open up new opportunities in the journey towards achieving your goals.

To sum up, you need to understand what’s possible before embarking on any journey. By taking stock of current practices, planning ahead, prioritizing initiatives based on pain points, incorporating new technologies, and teaming up with a technology partner, you’ll be well-positioned to meet future growth. Coretelligent is an industry leader with extensive experience in the life sciences sector. To learn more about how Coretelligent can help your company successfully scale so that growth doesn’t stifle innovation, talk to one of our technology experts today.

security and compliance for financial services

security and compliance for financial services

From operational processes to security challenges and regulatory uncertainty, the financial services sector has very specific IT requirements. Whether you are interested in scaling vertically or horizontally, simply maintaining secure document management and compliant levels of access for employees can be difficult. Managing complex financial services workflows and meticulous processes requires intensely powerful technology, which can be more expensive than financial services firms can afford and still fuel growth engines. With the rise of platforms and partners dedicated to the digital needs of financial services firms, it is more important than ever to fully vet the security and compliance levels of your systems while forging ahead with digital transformation.

Safely Taking Advantage of the Benefits of Cloud

In many ways, cloud computing has paved the way for financial services firms to envision new ways of doing business that are faster, more automated, more compliant and more secure. Managing the huge amounts of data inherent in financial services has caused many firms to shy away from privately hosted or aggregated data centers and move exclusively to the cloud. While the cost-savings can be significant with this shift, the instant scalability of cloud computing is what has been most seductive. The variability of transaction rates over time allows for faster scaling and better control over the consistency of transactions. Even with all the benefits, not all cloud storage and transactions are the same as the security of your cloud partner could be the chink in your armor that cybercriminals are hoping to exploit.

The Rising Importance of RegTech

There was FinTech, and now RegTech: the technology utilized to ensure you are fully complying with the regulatory authorities of the world. This is particularly crucial for financial services firms that often work with individuals and organizations around the globe. This dramatically increases the complexity of the challenges you are facing, and as more countries adopt their specific data privacy policies the intricacy of avoiding regulatory risk will skyrocket. Financial services firms must either comply with these regulations or choose not to do business in that region, something that can severely hamper growth potential for the future. Many organizations are being faced with the option of patching together multiple existing systems and workflows, hoping to capture the spirit of regulations without full confidence that compliance has been achieved. Finding a way to create flexible and scalable — not to mention compliant and secure — systems will continue to be a challenge for financial services firms that manage their technology internally.

Reducing Risk from Security and Compliance for Financial Services Sector

In an ever-changing regulatory and security climate, financial services firms that attempt to meet the obligations set forth by regulators by utilizing manual processes can quickly cause inconsistencies that are not easily discovered without a full audit of systems and processes. Where RegTech can step in is through creating a more resilient base for the organization, allowing for greater scalability as new reporting, security and workflow requirements come to light. Solutions that include AI and machine learning in cybersecurity are often able to detect abnormal activity within a network, aiding in financial crime detection procedures by scanning millions of transactions in a short period of time. Employing machine learning solutions ensures that the systems are able to grow over time — improving their ability to detect inconsistencies and alert technology and business staff to a potential situation.

Trusted Cybersecurity is Vital to Scalability

Third-party vendor risk is often underestimated but is a topic that should be brought top-of-mind for financial services professionals. The highly sensitive information stored within the financial services sector and the increasing data privacy regulations have made the level of security for partners and your data storage providers a key concern. Knowing that your cloud provider has resources dedicated to cybersecurity provides distinct advantages in the face of ever-shifting compliance reporting and security risks.

Finding the right mix of proactive support, regulatory knowledge and cybersecurity experience can be difficult for firms in the financial services sector. With their compliance assurance and engineering excellence, the professionals at Coretelligent are helping financial services organizations find the path forward to scale. Our consultants and technicians represent a broad spectrum of technical expertise, ensuring we have the resources in place to support growing financial services organizations across the country.

Proactive cybersecurity support

Proactive cybersecurity solutionsImproving the operation of your business often starts with consolidation: creating a more cohesive structure that eliminates redundancy and slashes inefficiencies throughout the organization. Business leaders have been focused in this direction for generations, often looking for the smallest advantages that will allow them to outpace the competition. With the renewed focus on cybersecurity, it’s not unusual for businesses to focus more on protecting the security of their organization than attempting to improve operational excellence. What you may not realize is that some of the same initiatives that will help smooth operational hurdles can also provide added levels of cybersecurity. What can be difficult is finding the spaces where you can bring these goals into alignment and create a comprehensive strategy that addresses the holistic needs of the organization and provide proactive cybersecurity support.

Shifting Cybersecurity From a Defensive Strategy

As hackers continue to expand their reach throughout the business community, technology leaders often double-down on the defensive postures that can help guard against the immediate threats of ransomware, phishing emails and direct data breaches. While these are important steps, it’s also important that you create a more active role for cybersecurity within the organization. Consider the cybersecurity and data security compliance requirements as enablers of innovation that will help the business move forward, instead of restrictive policies that are being forced upon the organization. This mental shift offers a broader scope that can become a platform for evolutionary change within the business.

Proactive Cybersecurity Support as a Competitive Advantage

The same work that you’re doing to build your cybersecurity posture and disaster recovery strategies provides your business with an opportunity to review business processes that have been part of institutional knowledge for years and challenge the status quo. Businesses often find that there are high-level items that can quickly be resolved, as well as finding deeper growth options that will reduce work blockages and help you maintain a greater velocity for your business. Business leaders may find that situations that have been causing inefficiencies can be overcome if the changes are in alignment with best practices for cybersecurity and business continuity. In this way, focusing on cybersecurity actually becomes a competitive advantage for your business, tightening operations and removing inconsistencies. While it is easy to see how these strategies could enhance the operations of the organization, getting started or even scoping the breadth of the necessary changes can be overwhelming. This is one of the reasons that businesses are shifting to a co-managed IT services model that allows internal teams to focus on the future while the day-to-day operations and Help Desk support are managed through a network of trusted providers.

Protect your business from operational slowdowns when you explore the Co-Managed IT Services from Coretelligent. This approach allows us to empower your internal technology teams to drive innovation at scale while relying on Coretelligent to provide the best-in-class cybersecurity and infrastructure solutions that your business needs. Our team has expertise providing trusted technical support, in-depth strategies, planning and more to a range of businesses from life sciences and financial services to manufacturers.

Outsourced IT Solutions

Outsourced IT SolutionsEven with all of the available technology solutions, one of the biggest challenges you will continue to hear from technical teams is lack of time. Everything from upgrading current platforms to researching new solutions requires dedicated focus, and the ability to shut out all by-the-minute frustrations and do the work required to move your organization into the future. It’s not surprising to find that many business professionals feel as though they are being shut down by IT teams and attempt to “go rogue” — something that would be less likely to happen if IT teams are able to meet their needs more quickly. Outsourced IT solutions is a cost-effective and practical way to solve these challenges.

As the cost of cybercrime around the world rises into the trillions and companies look to IT for differentiation, it’s clear that something in the traditional business model that includes standalone internal IT teams simply must change. Working with a trusted and reliable outsourced IT provider offers a way for internal teams to retain control of their solutions while offering ways to expand the reach of technology to support new and unique business models.

  1. Help Team Members Focus on What Matters the Most

Time and resources are always a constraint for businesses, so how do you choose where to focus your efforts and attention? Technology is ever-changing, and it can be extremely difficult for small teams to find the time to keep new projects moving forward and support a complex IT infrastructure. When you work with an outsourced IT services provider, your internal teams suddenly gain hours each day — time that isn’t spent tracking down passwords, freeing up storage solutions, administering software and more. This helps boost the focus for your over-leveraged technical teams, allowing productivity to skyrocket on these critical innovations your business requires.

  1. Gain Access to Enterprise-Scale Solutions

It’s easy to envy enterprises with their near-unlimited resources, extensive IT budgets and expansive technology teams. Fortunately, IT managed services providers are able to provide you many of the same resources used by these larger companies without the upfront investment or ongoing costs that are usually required. Since an outsourced IT company works with many different clients, they can often afford to provide you with enterprise-scale solutions for network infrastructure, VoIP calls, data storage and cybersecurity. Plus, you’re not tasking internal teams with learning yet another software platform — instead, you are relying on a trusted partner to administer these solutions using ever-changing industry best practices.

  1. Enhance Your Cybersecurity Profile

Government technology leaders agree: cybersecurity is on the rise and your company has never been at greater risk. Companies of all sizes are vulnerable to these rising attacks, 2021 saw a year over year 17% increase in reported attacks . Without a robust and multi-layered approach to security, you are putting your company in a dangerous situation. Remediation after an attack is extremely costly, with companies citing losses of millions of dollars per data breach for remediation, customer notifications, lost revenue and more. Having access to the enterprise-scale tools and information you need to maintain business operations is a mission-critical endeavor for organizations — particularly those in the life sciences, financial services or other high-touch, fast-moving businesses.

  1. Empower Business Teams with Rapid Problem Resolution

When your business teams are confident that their problems can be quickly resolved, they are able to reduce their stress levels and the time spent on stressing over any technical issues. Having the least amount of uncertainty in your business processes can cause teams to fall into a low period in terms of activity, particularly in complex projects with many moving parts. Outsourcing your IT help desk support provides the peace of mind your teams need to know that any reported problems can be quickly resolved — allowing teams to maintain their forward momentum on important projects.

  1. Improve Your Customer Experience

Are your customers citing issues such as slow response times to customer service inquiries, the latency on your websites or other problems that can be tied back to your network operations or data storage solutions? Having a single point of contact for your IT infrastructure and help desk solutions helps aggregate these issues and allow them to bubble up for quick remediation. Your customers will appreciate the ability to rapidly access their information and your services, and reward your company with additional revenue and improved reviews. Customers are unwilling to wait for information or service answers for more than a few minutes. Don’t frustrate your clients and your staff with slow-moving networks that don’t offer the optimal experience.

Pulling together all of the various aspects of your IT solutions often requires working with several different service providers, but that’s not the case when you partner with Coretelligent. Our deep experience in a wide range of industries allows us to leverage cross-functional knowledge to provide the smooth and exceptional IT support that your company deserves.

Cyberattacks and data breaches are omnipresent in the headlines, and this trend shows no sign of slowing down. In fact, for a third consecutive year, instances of data breaches have been on the rise compared to Q1 of the year before. And what is even more troubling is that data exfiltration has become routine in many of these attacks.

What is Data Exfiltration?

Data exfiltration is the theft or unauthorized removal of data from devices or networks arising from a data breach. While many cybercriminals aim to steal and sell data—think of that big Target data breach from 2013 in which hackers stole $40 million credit and debit card records—not all are so straightforward. Not all hackers are looking to steal data to sell on the dark web. Instead, some use data exfiltration as leverage to force compliance with their demands.

In looking back at some of the cyberattacks from the past year, we hope to demonstrate how data exfiltration works and the potential risk from this form of attack—as well as the importance of putting security measures in place to avoid facing your own attack or breach.

Data Exfiltration in Action

In May 2021, the Colonial Pipeline shutdown caused East Coast gas prices to soar amid panic buying. The cause? The fuel pipeline was shut down because of a ransomware attack carried out by a cybercriminal hacking organization. In addition to hackers targeting the company’s billing systems, they also stole nearly 100 gigabytes of data and threatened to release it if the ransom wasn’t paid. The attack lasted for five days and ended when Colonial paid the $4.4 million ransom for the encryption key and avoided data release. While some of the payment was eventually recovered, the company had already taken considerable losses in productivity and reputation and even faced class-action lawsuits because of the breach.

Less than a month after the Colonial Pipeline attack, JBS Foods found itself in the crosshairs in June 2021. While JBS Foods claimed that there was no evidence that any company data was exfiltrated, independent investigations into the attack found that the hackers did steal data for months leading up to the attack. The attack and subsequent delay in productivity generated fears of exacerbating existing supply chain shortages and inflating prices which led JBS to pay an $11 million ransom, one of the largest publicly acknowledged ransoms of all time, to bring their plants back online.

In July of 2021, an attack was launched against Kaseya. This attack compromised and exploited the Kaseya VSA product itself, but the hackers’ true intention was to access as many downstream customers through the platform as possible to maximize the potential earnings from their ransomware attack. This kind of attack is referred to as a supply chain ransomware attack. In the Kasey ransomware incident, the hackers responsible for the attack hoped to magnify their results by targeting a service provider and gaining access to clients’ systems. While there was no documented evidence of data exfiltration from this attack, the potential for widespread data theft from this type of attack should be obvious.

Three Attacks, One Lesson

These cases echo the same message: potential risks from a deficient or merely adequate cybersecurity posture are significant. In March, United States President Joe Biden issued a statement on the nation’s cybersecurity that echoes a similar sentiment saying, “You have the power, the capacity, and the responsibility to strengthen the cybersecurity and resilience of the critical services and technologies on which Americans rely. We need everyone to do their part to meet one of the defining threats of our time — your vigilance and urgency today can prevent or mitigate attacks tomorrow.” It is more evident than ever before that as the cyber threat landscape continues to escalate, it requires a rigorous and proactive security strategy to protect a wide range of potential methods, including data exfiltration.

The Next Step

When was your company’s last risk assessment? Did you make the recommended improvements? What is your current cybersecurity posture? Even if you operate a small or medium-sized business, a lack of a robust cybersecurity posture can be detrimental. In fact, in many cases, small to medium-sized enterprises are even considered more attractive targets due to their likelihood of having lesser cybersecurity measures and because they don’t generate unwanted media attention on the hackers. Businesses of all sizes must protect their assets, intellectual property, and employee, vendor, and customer information with a robust cybersecurity posture.

A good place to begin evaluating your current cybersecurity readiness is by utilizing our Cybersecurity Evaluation Checklist as an assessment tool. This checklist is a jumping-off point to help your firm determine its current cyber risk exposure and readiness for critical event management.

After completing the checklist, reach out to learn more about how Coretelligent can help to strengthen your cybersecurity posture and protect your data. You can learn more about what we offer, including cloud-based solutions, backup and business continuity services, IT planning and strategy, compliance solutions, and more here.

Core CISO Risk Management

Core CISO Risk ManagementThis is the debut post from Coretelligent’s Chief Information Security Officer (CISO), Jason Martino. Jason will be regularly sharing his thoughts about information security on the Coretelligent blog.

With the shift towards security as a business priority, the role of the Chief Information Security Officer (CISO) has expanded and gained prominence within corporate structures. CISOs have long been the subject matter experts on cybersecurity best practices, but as the threat landscape has changed, so too has the position in the ongoing effort to protect company assets and manage risk management.

As the CISO of Coretelligent, I am responsible for our internal cybersecurity and compliance programs. I function as a conduit between IT and business and weigh in on IT and non-IT decisions, ranging from access control reviews and vendor selection to mergers and acquisitions. I also educate staff and customers on their roles in this increasingly dangerous threat environment.

At Coretelligent, we understand the risk of an inadequate security posture. Our C-suite appreciates and values the expertise of its information security professionals in evaluating and mitigating risks and connecting them to business objectives. Unfortunately, in my experience, I have seen too many businesses that do not give their security team a seat at the table. From my perspective, those businesses are still thinking of IT security as a cost center and not a revenue center. This approach is out of step with today’s reality of protecting assets in addition to a company’s reputation and brand.

To persuade any executives who need convincing, here are three takeaways that every CISO wishes their executives would better understand about information security and its role within risk management.

3 Things Your CISO Wants You to Know About Cybersecurity and Risk Management

 

1. Cybersecurity is About Risk Management and Not the Sole Responsibility of IT

Treat cyber risks as a risk-management issue and not solely as an IT function. Facing increased cyber threats, companies must address cyber risk in a business context or face dire consequences, including lost revenue, loss of critical data, reputational damage, compliance fines and penalties, and even the complete failure of the business. Therefore, risk needs to be identified and reduced to an acceptable level as guided by the company’s risk tolerance.

Companies must seek out and mitigate cyber risk on many levels and integrate cyber risk management throughout the organization. Unfortunately, when some executives think about information security, they mistakenly consider it a function of the IT team. But information security and information technology require different skillsets and involve entirely different responsibilities.

2. Prioritize and Practice Policy

Given the opportunity to assess hundreds of companies’ policies, I’ve realized that most companies treat policy as a checkbox activity. However, policy is more powerful than you realize.

Essentially cybersecurity is everyone’s responsibility, but executive buy-in is critical in successfully implementing an effective strategy. Executive buy-in is the crucial first step in aligning business objectives to policy and eventually to practice.

Second, creating policy shapes behavior to manage obligations and mitigate risks. Policies explain requirements for specific processes and the responsible parties involved. Keep content at a high level to avoid overloading policies with best practices, procedures, and other details that will overwhelm non-experts. Policies should be clear and achievable, setting the tone for behavior and expectations.

3. Focus on the Basics

If my inbox is any indication, there is an endless amount of vendors that claim their product or service will make your business more secure. While that may be true in some cases, it is critical to start with a good foundation. Just like you cannot decide to learn a language and become fluent overnight, focus on the fundamentals when mitigating risk. Advanced security products, services, and techniques will not be effective if you do not first build a solid foundation.

Asset management is the beginning of any security journey. To that end, create an inventory of your organization’s IT infrastructure and data and repeat this process continuously. You cannot protect an asset or confidential data if you do not know it exists. This process will allow you to understand your risk exposure. Additionally, an inventory is necessary for knowing where, when, and how to implement security patching versus functional patching.

Not all data is created equal. A one-size-fits-all approach to data protection just does not work in today’s data-driven business landscape. To that end, a tiered approach to protecting data may be more effective than blanket coverage. For example, consider who needs access, data storage and recovery costs, compliance requirements, and other parameters in determining your organization’s strategy. However, it is imperative that you identify and protect the crown jewels—the data assets that generate the most value for your company—and develop a plan that provides the best coverage for those assets.

Once you have a clear outline of your assets, the next step is to perform a risk assessment. Just as all data is not created equal, not all risks are equivalent. This exercise will enable your organization to identify and prepare for the most critical threats.

A critical component of any risk assessment involves identifying threats and vulnerabilities to IT assets. This step connects your inventory to the associated risks and allows your organization to develop a roadmap to mitigate those risks. A useful tool in completing this task is a risk heat map. A risk heat map is a data visualization tool that can help identify, prioritize, and communicate your risk exposure. In addition, it can highlight where best to allocate resources to mitigate risk.

Mitigating Risk Management

I have no doubt that there is more that your organization’s CISO would like to share with you. So, reach out to them and to our experts here at Coretelligent to learn more about protecting your business and mitigating your risk.


JasonAbout Jason

Jason Martino is passionate about the intersection of security and compliance. He is responsible for Coretelligent’s internal cybersecurity programs, governance, risk, compliance activities, and educating staff and customers on an ever-evolving threat landscape.

life science cybersecurity

As the life sciences industry evolves, so do the cybersecurity threats it faces. Cybercrime has risen dramatically in recent years, and life science organizations are increasingly the target of these cyber threats. Access to personal information and sensitive, proprietary business information make the life science industry an attractive option for cybercriminals.

However, being aware of critical vulnerabilities can help keep your organization a step ahead of those looking to exploit them. Below are some of the most common vulnerabilities facing the life sciences industry today.

Keeping Pace with Growth:

Life sciences organizations often undergo rapid growth as they transition from the investigational stage to market launch. As the company grows, so do opportunities for cyber threats that target employees due to the increased staff size needed to meet the growing company’s needs. A critical vulnerability comes when companies are unprepared to scale up their cybersecurity, compliance, and IT plans to match their growth. Establishing an IT roadmap can help minimize vulnerabilities associated with rapid growth.

Maintaining Compliance:

The high level of regulation in the life science industry can make maintaining compliance difficult. There are compliance rules and regulations on storing the organization’s data and the secure transference of said data to outside entities if needed. However, in many cases, simply maintaining compliance isn’t enough, as the regulations are frequently evolving to further protect personal data, preserve patient safety, and maintain a considerable level of transparency. Due to this evolution, life sciences organizations must be ready to pivot quickly to maintain overall compliance.

Protecting Intellectual Property:

Intellectual property (IP) is invaluable to a life science organization. A cybersecurity breach that leads to the theft of IP can be detrimental to the organization’s market value and competitive stance. Reliance on external contractors and partners, who often have access to sensitive networks that house intellectual property, poses a significant potential vulnerability—especially for smaller partner organizations that may not have robust cybersecurity defenses and processes.

Business Continuity:

Events of recent years have served as a wake-up call for organizations in life sciences to re-evaluate business continuity plans. Is your organization prepared for the next major catastrophe it will face? Risks are particularly acute for the life sciences industries due to the nature of the data housed within them. Being caught unaware or unprepared can expose vulnerabilities that cybercriminals can take advantage of. While it isn’t always possible to anticipate future events that could threaten normal business functions, it is possible to create a plan preemptively to minimize the impact of these events and continue serving customers.

With a solid background in supporting life science organizations at all stages of growth, the experts at Coretelligent have the knowledge and experience required to address any needs you may have. Our team of technical and business professionals will support each stage of your journey from inception to IPO, ensuring that you have the solutions and support needed to fuel your growth. Contact us today at 855-841-5888 or fill out our online form.

 

With so many different managed IT service providers (MSPs) out there, it’s easy to end up going with the wrong one.

As is the case with most any product or service, the way to get to the bottom of just how good the MSP is, is for you is to ask questions.

There are, of course, plenty of questions you could ask, but which ones will get you the right info?

While there will always be differences in what to ask based on each firm’s individual circumstances, there are certain points in common that will help bring about the right answers.

So What Questions Should I Ask a Potential MSP?

Finding out more about how an MSP does business is key to establishing whether or not that particular MSP is right for you.

Keep these questions in mind about an MSP for the best shot at success.

What kind of price structure do you use? 

While there can be similarities in pricing structures among businesses, there are enough points on which businesses can differ to make this question worthwhile.

It’s not just a dollars-and-cents issue, but rather a matter of how the billing takes place.

Whether it’s flat-fee, custom, or in certain minimum blocks, knowing how the company bills for its services can mean the difference between good service and a waste of money.

What are your price options?

It’s important to find out if your MSP offers customizable pricing.

Some MSPs offer tailored solutions specific to the level of management needs on each device to make it flexible for your needs.

Find out if the MSP will be flexible for you instead of trying to fit your business into its box.

Are there any co-management options?

Many companies have their own IT departments, and not just “that guy in sales who’s good with computers.”

For those firms, taking on some of the responsibility of managing managed services can result in a cut in the price, if the MSP offers co-managed IT options in its project management style.

Many MSPs have an all-or-nothing model.

If you have some internal IT resources, this could mean you are overpaying.

In these cases, Coretelligent specifically seeks to augment your existing staff, not replace them.

What security measures do you use?

If you’re outsourcing data of any kind, you know you want it protected.

In some cases, you may have state or even federal regulators who insist on that protection, and can slap you with hefty fines for failure.

Knowing the cybersecurity measures is therefore vital, a make-or-break decision that either makes it clear your data is safe and regulators are happy, or not.

What’s your discovery process like?

An MSP should always conduct a scan of the network to ensure accuracy.

If an MSP is simply proposing an offer to you based off an inventory list — or just what you’ve told them about your network — beware.

You want an MSP that values accuracy in all it does.

Additionally, the scan can provide you valuable insight into potential security issues, inventory management and equipment lifecycle.

What hardware and software do you recommend?

A quality managed service provider will not only use best-in-breed technology for monitoring and management, they will always recommend best-in-breed technologies for their clients.

Check references from the MSP to see what has been installed, and match that against recommendations from industry analysts like Gartner.

Is there a service-level agreement?

This is also a vital question; a service-level agreement (SLA) is effectively a contract between the provider and the user, guaranteeing a certain amount of service, commonly uptime.

If the agreed-upon level of service isn’t provided, there are often direct measures that apply to make the contract whole, like refunds or free service after the term of the agreement.

SLAs should also be centered around response times.

Your MSP should have written documentation in the contract spelling out impact levels including a mean time-to-respond associated with each impact level, and a mean time-to-remediate.

How often is the contract renewed?

Most MSPs offer both one-year and three-year terms. A one-year term can be useful in “testing out” an MSP but — bear in mind — you will most likely pay a higher price for that contract, and changing providers is not an easy process.

If you have negotiated “cause for termination” clauses, you should be fine with a three-year term.

Most MSPs have auto renewals in their contracts. Sometimes you can negotiate the renewal term to one year.

Make yourself a calendar reminder six months prior to the expiration to give yourself plenty of time to negotiate with other providers and make a transition if needed.

What accreditations and certifications does your company have?

Accreditations and certifications are, essentially, tangible reputation.

A company that has these points has reached certain levels of skill, verified by an independent body that has no stake in the company’s success or failure beyond the payment of certification fees.

While some accreditations and certifications carry more weight than others—and you can specifically look for these as part of your information-gathering process—having these is better than not.

Find out if the MSP is a Gold Partner with companies like Cisco, Microsoft, Dell, etc.

Ask to see how many CCIEs, CCNAs, and MSCEs they have. Additionally, do they have VMware certifications or security certifications like CISSP or CISM?

Who can I talk to that’s already worked with you?

If accreditations and certifications are tangible reputation, then referrals are intangible reputation.

Most reputable companies will have a list of references already on hand; they want to show off their successes as surely as any of us would.

While there’s some risk here of cherry-picking and seeded lists—they only give you a list of the successes, not the failures—using this information in concert with everything else will provide a truer picture of the company’s capability.

How Should I Start to Find the Best Managed Service Provider (MSP)?

Now that you know the questions to ask, all that’s left is to find the place to ask them.

The best place to start asking questions is with us at Coretelligent, where we have the answers you’ll likely want to hear.

Whether you have the unique needs of a mid-market firm, the specific demands of a finance or healthcare firm, or something particular to your own situation, our staff and partner firms are ready to help produce the answers to all the questions you might have.

Cybersecurity Tips

Cybersecurity TipsCybersecurity Awareness Month, now in its 18th year, aims to raise awareness about the importance of cybersecurity in both our professional and personal lives.

Held every October, Cyber Month is a collaborative effort between government and industry to ensure that individuals, organizations, and businesses have the cybersecurity tips and resources they need to be safe and secure online.

Every year, led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), Cybersecurity Awareness Month sends a clear message about security and the importance of partnership between government and industry, from the White House to individuals.

Doing our part to help raise awareness, Coretelligent will be sharing information and resources to help keep your business safe from cybersecurity threats.

To kick things off, we have put together a list of cybersecurity tips as a quick introduction to persuade your team to assess your firm’s current security readiness from a cyber attack. Stay tuned throughout October for more cybersecurity tips and resources.

Cybersecurity Tips for Good Corporate Cyber Hygiene

  1. Double (or triple) up on login protection.

    Enable multi-factor authentication (MFA) across your organization for all accounts and devices to ensure that only authorized users gain access to your secure data. CISA’s Multi-Factor Authentication (MFA) How-to-Guide is a good resource for more information.

  2. Shake up your password protocol.

    According to the NIST guidance, users should consider using the longest password or passphrase permissible. Encourage end-users to switch up passwords across applications, accounts, and websites. Using unique, strong passwords can make it more difficult for cybercriminals to gain access and protect your organization in the event of a breach.

    A password manager and online password generator can be employed to generate and for remembering different, complex passwords. Another solution is to employ SSO to control passwords centrally and avoid user password sprawl across various platforms, which can lead to poor password choices, reuse, and insecure safekeeping.

  3. If you connect, you must protect.

    Whether it’s a laptop, smartphone, or another networked device, the best defense against viruses and malware attacks is to perform updates on a regular basis to verify that the latest software updates get applied to your software, browser, and operating systems.

    A plan that includes the automatic security update is a critical layer of security and part of a multi-layered defense strategy.

  4. Don’t get hooked.

    Cybercriminals use phishing tactics, hoping to fool their victims. So if you’re unsure who an email is from—even if the details appear accurate— or if the email looks phishy, do not respond and do not click on any attachments or suspicious links in emails.

    Instead, report the phishing attempt to help your IT team and email provider block other suspicious fake emails before they arrive in your inbox. In addition, the use of random phishing simulations are a valuable exercise to help end-users spot phishing attempts.

  5. Beware of social engineering traps.

    Many people don’t realize that much of the posts seen on social media asking for seemingly random details are created by criminal networks. They use these posts to gather data that can be mined for potential passwords and other secure information.

    For example, posts like, “What car do you wish you still had?” or “Tag your childhood best friend” can be used to help criminals work out the answers to your security questions.

    Not only can these tactics impact personal data, but are used to target employees in order to gain access to corporate networks. Read CISA’s Social Media Cybersecurity Tip Sheet for more information about good social media and cybersecurity practices.

  6. Don’t forget about mobile.

    Most connected Internet of Things devices are supported by mobile applications. Mobile devices are often filled with suspicious apps running in the background, or using default permissions users never realized they approved, that are gathering personal information and login credentials without user being aware.

    A robust cybersecurity posture should include a plan for protecting data from employees using compromised mobile devices to access to corporate networks.

  7. Stay protected while connected.

    Utilizing Virtual Private Network (VPN) for employees remotely connecting is the best way to protect networks. A VPN creates a secure connection that encrypts information so that it’s hidden as it travels. This connection makes it harder for attackers to see and access data.

    VPNs are essential when accessing sensitive data like personally identifiable information (like social security numbers) or protected health information, especially when using public wi-fi networks. In today’s hybrid workplace, VPNs are a must to protect against suspicious activity.

From a phishing attack to a ransomware attack, cyber threats are constantly evolving. If you are unsure whether your firm employs good cybersecurity hygiene practices or not, then it may be time for a security check-up.

Remember, cybercriminals will use any security vulnerabilities they can find to gain access and steal data. You can start with these cybersecurity tips and move on to using our free Cybersecurity Checklist to review your security measures.

Coretelligent is here to help with advice from our cybersecurity experts. Protect your business and learn more about our enhanced managed cybersecurity services designed specifically for small-to-mid-sized companies. Reduce your risk from security incidents – contact us today for help responding to your cybersecurity gaps.