Posts

Year-End IT Planning

Year-End IT PlanningAs we move into the last quarter of the year, it’s time for the annual review and realignment of your IT planning and strategy. Of course, you have actively been implementing your IT roadmap throughout the year, but a year-end IT planning and review is an opportunity to evaluate its effectiveness and update it for the upcoming year. Here are some things to keep in mind as you plan for the end of the year.

Year-End IT Planning and the IT Road Map

An IT roadmap is a strategic plan that outlines how your business will use technology to achieve its goals. A well-planned roadmap can help your business scale, improve ROI, reduce risk, and increase productivity.

Utilizing an IT roadmap ensures that your IT investments drive value and growth. In addition, a comprehensive plan can help identify areas of your organization’s IT infrastructure that need improvement and prioritize addressing them.

As with any plan, a strategic IT roadmap is only effective if you use it. A high-level annual review offers an opportunity to evaluate successful goal completion, realign with business goals, re-examine key initiatives, acknowledge and implement a plan for gaps, and provide valuable data for setting future KPIs.

What Should a Year-End Review Encompass?

As with other company activities, the year-end technology review reflects what you put into it. So don’t regard it as a meaningless exercise; instead, see it as an opportunity to get valuable information about your company. While results vary from firm to firm, there are certain aspects that all year-end reviews have in common.

1. Review the Current Technology Roadmap

Appraise the initiatives, tactics, and timelines of the current IT strategic plan to evaluate successful completion and future updates.

Reassess the technology of the organization, including:

  • Cybersecurity practices and policies
  • Technology infrastructure
  • Cloud storage and applications
  • Processes and data governance
  • Due diligence, compliance requirements, and risk management

2. Review Business Goals

The review process should also start with refreshing yourself with your company’s mission, vision, and values. Then, this is an opportunity to assess business functions and realign with these foundational pillars.

Of course, a review would not be complete without the inclusion of the business goals for the year you are looking back over. These business objectives can help you formulate a list of questions that can be answered through your review.

Review current business objectives, initiatives, and IT needs across the organization to determine IT initiatives. SWOT analysis can help identify gaps in IT needs across the organization. Key elements to include in the plan include proactive cybersecurity, compliance requirements, business drivers, expected growth, risk management, and identifying opportunities.

3. Assess Key Performance Indicators and Results

Determining success by reviewing metrics is key to establishing the effectiveness of any plan, and an IT roadmap is no exception. Beyond assessing whether goals were completed, there’s also plenty of insight to be gleaned from evaluating the objectives you did not reach. Undergoing this exercise is where the work of developing next year’s IT roadmap through identifying gaps and deficiencies, goals out of alignment, and new technology needs begins.

4. Putting IT All Together for Next Year

The outcome of this exercise is to use these findings from this strategic year-end IT planning process to set initiatives and develop strategic goals for your organization for the upcoming year.

Additionally, business leaders should look externally and evaluate business drivers and market forces, apply competitive research, and assess technology disruptors when determining upcoming IT priorities and business goals to include in next year’s plan.


Download our e-book Paving the Road to Success with Strategic IT Planning to learn more about how developing and implementing an IT roadmap can steer your firm towards success.


Chris Messer, Chief Technology Officer at Coretelligent, HeadshotAbout Chris

As Chief Technology Officer at Coretelligent, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Click here to learn more about Chris.

Top IT Priorities

It is safe to say that the top IT priorities facing C-suite and IT leaders in 2022 continue to come straight from the headlines and include topics like cybersecurity, privacy, emerging technologies, and more.

The pace of change is accelerating at a heightened pace, and this dynamism isn’t expected to slow down any time soon. So, to get the most value from IT in 2022, here is a list of key initiatives that should top your agenda for the year.

Top IT Priorities

1. Cybersecurity

If ongoing events in Ukraine are any indication, 2022 will see continued, intensifying cyber threats. Already, as many as 61% of SMBs reported at least one cyberattack during the previous year. As a result, continuous improvement and monitoring of cybersecurity posture should be at the top of business leaders’ to-do lists. From state-sanctioned attacks to increased supply-chain attacks and everything in between, security experts are anticipating that the remainder of 2022 will be an even more challenging.

Some of the key areas to consider strengthening are MFA, endpoint security and user awareness, zero trust policies, and better evaluation of partners’ and vendors’ security policies and practices.

2. Privacy and Compliance

With various privacy laws, like CCPA/CPRA, GDPR, and NY PPPL getting updated or coming on board, 2022 is a big year for data privacy. Experts anticipate that by the end of 2023, 75% of the world’s population will be covered by a complex network of data privacy regulations and increased enforcement of those laws. As a result, executives will need to allocate more resources towards security and compliance to mitigate risk and avoid costly data breaches and fines and penalties for non-compliance.

3. Automation with AI, ML, and Low Code/No-code

Just as more resources will need to be allocated to respond to cybersecurity and compliance challenges, leveraging opportunities offered from AI, ML, and low code/no-code solutions will be critical in 2022. These solutions have been considered emerging technologies but are now becoming mainstays for market relevance for many verticals, including financial services and life sciences. These technologies enable streamlining workflows and processes and recoup time spent on routine tasks for investment into revenue-boosting tasks. Coupled with personnel labor shortages, AI, ML, and low code/no-code will become integral to aligning IT strategy with business strategy.

4. Hybrid Workplace in 2022 and Beyond

There has been plenty of recent debate about in-person versus hybrid workplaces. The reality for many businesses is that some form of hybrid work will continue into the unforeseeable future or will remain as a permanent fixture. CTOs, CISOs, and executives facing a hybrid model should continue to focus on applying best practices in their implementation. It is undeniable that the hybrid model does place additional burdens on IT resources, especially regarding cybersecurity and support.

5. Hiring and Staffing Challenges

We are all aware of the current US and worldwide labor shortages, and IT is not immune to the situation. While the need to invest additional resources in IT is growing, many organizations face the challenge of not being able to fill critical roles within their IT units. Experts predict that this talent gap will persist beyond 2022, so savvy executives and IT professionals will look to outsourcing by employing a managed service partner to extend their internal IT capacity.

6. Emerging Technologies and Trends

And if increased cyber threats, compliance, and labor shortages are not enough to juggle, leaders also need to keep up with what is on the horizon with 5G, quantum computing, the metaverse, and other emerging technologies.

Let’s take a closer look at the possibilities. First, 5G is poised to transform the banking and the financial sectors from improvements like increasing the speed of payments to creating environments for superior data collection and more efficient backend processes. Additionally, quantum computing will bring a whole host of challenges and opportunities, including the need to protect data from quantum-empowered cyber criminals further. And finally, while enterprise use cases for the metaverse are not likely to develop in the next year, life science executives (among other sectors) should very much “watch this space” as this technology develops.

Some of these technologies may seem more appropriate for a sci-fi novel, but shrewd leaders will contemplate possible use cases for potential competitive advantages.

IT Planning and Strategy is Key

 

With careful planning and strategizing, CXO and IT leaders will be ready to take on these and other critical initiatives this year. With threats like cybercrime and data breaches on the rise, it is more important than ever to allocate resources to cybersecurity and respond to shifting compliance standards. Automation with AI and ML can help improve workflows and increase productivity. Outsourcing some (or all in some cases) of your IT functions can help alleviate skill gaps and other challenges from labor shortages. And finally, executives must stay ahead of emerging technologies like 5G and quantum computing to ensure their businesses remain competitive. By preparing for these challenges, IT leaders can ensure their organizations achieve success in 2022 and beyond.

Reach out to learn more about how Coretelligent can help your enterprise solve these and other initiatives.


About Chris

As Chief Technology Officer at Coretelligent, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Click here to learn more about Chris.

 

Business technology trends

Think About It
It is no secret that business needs to stay on top of the ever-changing technology landscape. Companies that do not keep up will not succeed in the digital age. But, depending on how fast your business adapts, you could be missing out—or left behind altogether.

As a new year begins, we start to see lists touting the latest information technology trends to watch. However, it can be a challenge for non-technological business leaders and busy IT managers to keep up, digest, and make thoughtful decisions about the technologies in which to invest.

In this post, I share nine tech trends that we consider the most impactful for our clients and similar companies in the coming year.

For a deeper dive on how these trends will impact your business, download the free white paper → The Top 9 Business Technology Trends to Prepare for in 2022.

The Top 9 Business Technology Trends to Prepare for in 2022.What Are the Biggest Technology Trends for 2022?

  1. Data Fabric

Gartner defines data fabric as a “concept that serves as an integrated layer (fabric) of data and connecting processes.”

  1. Distributed Enterprises

As we have seen the rise of remote and hybrid work, we also see an increase in the distributed enterprise model. The distributed model entails co-locating various teams that make up a company.

  1. Cybersecurity Mesh

Escalating cyber threats and decentralizing the workplace requires an innovative approach to cybersecurity. Enter the concept of cybersecurity mesh which broadens defense beyond a central physical plant.

  1. Hyperautomation

The growing utilization of artificial intelligence (AI) in business processes has been a powerful technology disrupter. Hyperautomation is one of the leading outcomes of this development.

  1. Privacy-enhancing computation

Privacy-enhancing computation (PEC) is part of a collection of methods helping to solve the challenge of achieving data privacy.

  1. Low-Code/No-Code

Low-code and no-code techniques allow non-developers to piece together without specialized knowledge.

  1. Predictive Analysis

Predictive analysis is a data-driven assessment that is used to forecast the likelihood of a given future outcome using historical data and machine learning.

  1. Networking, Connectivity, and Security for Remote and Distributed Work

Whether part of a formalized hybrid or distributed workplace model or just a liberal remote work policy, dealing with protecting data and systems is the new normal.

  1. Cybersecurity

Finally, cybersecurity deserves to be singled out as it will remain a constant focus for IT in the coming year. Discover which types of cyber attacks are expected to increase in 2022 in the whitepaper.

Technology Trends and Strategy

While these are not the only tech trends of note, they are the trends that we expect to have the most impact on SMBs in specific sectors. We, at Coretelligent, will be tracking these trends and collaborating with our clients as they navigate the challenges and opportunities they bring.

The business landscape is constantly changing, and it’s crucial to adjust your business strategy accordingly. As a leading managed service provider with industry-specific experience and a full suite of IT solutions (including IT strategy and planning, cloud services, and more), Coretelligent is exceptionally well-positioned to help executives and business owners decode these trends. We can help guide your business in determining what technology enhancements are appropriate to incorporate into your technology strategy.

Reach out to learn more about our solutions and continue the conversation about technology and strategy.


Chris Messer, Chief Technology Officer at Coretelligent, HeadshotAbout Chris

As Chief Technology Officer at Coretelligent, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Click here to learn more about Chris.

9 Obstacles to Scalable Technology for Growing SMBs

Think About ItScalable technology is an area of regular concern for companies throughout the growth cycle, but it is a make-or-break-it concern for early- to mid-stage companies. At this point, the introduction of IT compliance requirements for privacy, data storage, cybersecurity, reporting, and more create a technology imperative that cannot be ignored. Due diligence requests from investors to determine a company’s viability combined with government-mandated compliance requires a serious assessment of an organization’s technology. And that means proving that your technology infrastructure can meet its current business needs and effectively scale as your company grows.


You can read more about the intersection of compliance and technology here (and specifically for  financial services here and life sciences here).


9 Obstacles to Scalable Technology for Growing SMBsScalable Technology is Mission Critical for Growth

In considering scalable technology solutions, it is essential to remember that IT functions do not exist in a vacuum but touch every aspect of business operations. In addition, the roots of technology extend further into operations as your company grows. IT impacts the success or failure of every function from quickly and seamlessly onboarding an ever-expanding pool of employees to implementing software to manage clinical trials and for your biotech startup or developing a technology stack that guarantees uptime for your investment firm. Leveraging technology’s power will become critical as your company progresses from startup to Series A and B.

Technology scalability can be defined as the range of a system’s ability to expand as demand changes. Anticipating how quickly storage loads can be increased or how databases will respond as new users are added are examples of gauging scale. Scalability is an almost constant operational concern but matters most during periods of rapid growth. The twin points of capacity and flexibility can be used to measure the scalability of any technology system.

Scaling technology should be viewed as an investment that reduces growth busting complexity and silos, includes flexible software and infrastructure, aligns with industry best practices, increases efficiency, and recognized as a revenue enabler and driver.

Taking a deeper dive, just what are some key areas of consideration for scaling technology for early-stage to mid-stage companies?

9 Factors for Delivering Scalable Technology

  1. Cloud Infrastructure – Cloud computing offers businesses the opportunity to realize cost savings, increase flexibility, and reduce complexity. However, things can get complicated as a business needs a scalable system. Out-of-the-box cloud services may no longer provide the required sophistication, and a customized mix of public, private, or hybrid cloud solutions is necessary. Increased spending will be needed to address additional processing, storage, and security requirements.
  2. Emerging Technologies – Be aware of developing technologies that could act as disruptors to your industry. For example, machine learning and AI have transformed various industries—some companies were ready to adapt, and some were not. Whether they deliver opportunities or challenges, emerging technologies can be significant game-changers that require a series of proactive steps or investments. For example, just think how different Blockbuster’s future could have been if they had only taken advantage of the industry-disrupting online DVD rental market sooner than they did.
  3. Avoid Data Silos – To the digital enterprise, data silos are anathema to growth, yet they are prone to develop as an organization scales. Therefore, as a company expands, it is essential to have a data management and governance program to address these silos before they become entrenched.
  4. Growing Employee Base – Your workforce is only as good as the technology it utilizes. From employee onboarding to performance management, your technology needs to seamlessly accommodate a growing workforce.
  5. Software Integrations – Be mindful of painting yourself into a corner with software applications and integrations as your organization scales. The scalable approach is to deploy a line of business applications with native support for integrations. These scalable business applications reduce the likelihood of data silos and the creation of time-consuming processes to counteract non-interoperability.
  6. Managing Collaboration – Collaboration is critical at any stage, but effective collaboration can suffer as an organization grows. A scalable collaboration platform should enable file-sharing and facilitate workflows seamlessly across a growing user base while protecting against security breaches.
  7. Building Processes – Document processes as your business scales to ensure a framework for producing repeatable and predictable results. Scalable processes can be executed quickly and efficiently as increased volume, more users, and greater complexity demands.
  8. Growing Necessity for Support – No matter your sector, planning for IT support is integral for your growing enterprise. As you add capacity, support can quickly become unwieldy or unresponsive and be a real stopgap to growth. As the number of users expands, the demands on an internal support team magnify. Planning for this challenge by outsourcing support to an IT partner will keep your firm on a growth trajectory.
  9. Increased Need for Cybersecurity and Compliance – Both cybersecurity and compliance increase in complexity as your company grows, especially in heavily regulated industries like financial service and life sciences. As a company progresses from startup to the funding stages, it needs to be prepared to take on the increased cybersecurity and IT compliance requirements that come with growth.

Leave Technology to the Experts

One solution for managing these scalability factors and optimizing growth is to focus on core competencies and leave the technology to the experts. A recent benchmarking study from Fidelity demonstrated that financial services advisors who outsourced reported higher growth. By outsourcing some or all your technology functions, you can focus on expanding your business and not your IT unit. Building in-house IT requires an enormous investment in both people and technology. Instead, choose the best scalable solution by partnering with Coretelligent to leverage our years of experience, industry-specific knowledge, and strategic technology advisors. Our scalable technology solutions will allow your internal teams to increase their focus on revenue-generating activities and achieving business goals.


Chris Messer, Chief Technology Officer at Coretelligent, HeadshotAbout Chris

As Chief Technology Officer, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Click here to learn more about Chris.

Kaseya Ransomware Attack

Kaseya Ransomware Attack A breakdown of the Kaseya ransomware attack and how Coretelligent successfully evaded any impacts.

The July 4th weekend Kaseya ransomware attack should be a warning to all organizations from small- and mid-sized businesses to multinational corporations. Not only did the attack compromise and exploit the Kaseya VSA product itself, but the hackers’ true focus and intention were to access as many downstream customers through the platform as possible to maximize the potential earnings from their ransomware attack. This kind of attack is referred to as a supply chain ransomware attack. In the Kaseya/REvilware ransomware incident, the hackers responsible for the attack hoped to magnify their results by targeting a service provider and gaining access to client’s systems. Unfortunately, in the eyes of cybercriminals, many ransomware victims are better than just one victim. More victims increase their chances of collecting on a significant cryptocurrency ransom demand, particularly within the realm of managed service providers and their downstream customers.

Shots Fired

While this is the most massive ransomware attack on record, it could have been much worse. Considering that the company is one of the largest in the remote monitoring landscape, the thousands of victims affected could have been tens of thousands. Today, Kaseya VSA users were the targets, but tomorrow it could be the customers of an even more popular vendor or Software-as-a-service (SaaS) provider. There is no enterprise in the world that does not utilize service providers as a regular part of their business—not to implicate any specific company, but think about the prevalence of Microsoft, Adobe, Amazon Web Services, Salesforce, Zoom, and many others. This incident indicates an escalation by cybercriminals, and we should all be paying attention. Sorry to say, but this is the proverbial shot fired across our bow, and now is the time is now to batten down the hatches for the next potential attack.

What Made Coretelligent Different?

Not all of Kaseya’s customers were impacted, however. Neither Coretelligent nor any of our clients were affected. At the same time, other MSPs and their customers were caught up in the Kaseya ransomware attack and locked out of their systems, awaiting backup restoration efforts or a decryption key. We credit this outcome to the fact that we do not rely on any single tool to provide our only means of security, and we have robust incident response planning and workflows to handle such an event. We have multiple layers of protection in place to protect our critical systems and data. Additionally, we were able to mobilize our team immediately upon news breaking of this event to take swift action to mitigate and protect until further information was available.

While not directly impacted, Coretelligent immediately enacted our Incident Response Plan out of an abundance of caution upon learning of the attack in progress on July 2nd. Doing so allowed us to eliminate any potential issues and keep all customers protected until further information on the attack became available. As leaders in the MSP space, we must follow the very same incident response guidance that we offer as recommendations to our clients.

Coretelligent’s robust, multi-layered approach to cybersecurity, also referred to as defense-in-depth, protected us—and, more importantly, our clients.

Here are some of the key provisions that make up this layered defense model:

  • Perimeter Security – Strong firewall policies to allow only necessary services access, security scanning (antimalware, antivirus), DNS/web filtering, Intrusion Detection and Prevention (IDS/IPS), and geo-blocking all help reduce the ability of malicious actors to access services such as Kaseya that were public-facing.
  • Multi-Factor Authentication – All critical services are secured with multi-factor authentication to reduce the possibility of unauthorized access due to compromised credentials.
  • Role-Based Access Controls (RBAC) – Coretelligent operates a tiered and segmented permission structure within our environment. Employees are granted the appropriate level of access to systems based on their role, responsibility, and seniority. This process helps to govern and restrict full administrative access to key systems and infrastructure to a select group of senior internal resources; as such, there are fewer accounts and avenues for attackers to gain access and do damage.
  • Endpoint Protection – Coretelligent leverages SentinelOne Endpoint Protection for all our corporate servers and workstations. This platform, along with others, can detect/block these types of exploit attacks.
  • Security Logging and Monitoring – All critical infrastructure is monitored in real-time via our CoreArmor platform. Logs and data are aggregated from all our critical systems to look for anomalous or suspicious behavior and immediately alert our team.

As Coretelligent’s infrastructure was protected with the provisions noted above, our customers were also still protected via endpoint security software from our other partner providers, SentinelOne and Webroot.  In addition, subscribers to our CoreArmor service benefitted from additional real-time alerting and protections against this attack as the indicators of compromise (IOC) used in this attack were discovered and reported. This coverage allowed for security products to better detect and protect against this attack from further spreading or infection of new targets. All our key security vendors provided security updates and tracking information throughout this event to help block the ransomware and additional infected files to reduce further spread and infections.

The Plan You Hope You Never Have to Use

An Incident Response Plan is a set of guidelines and procedures put into effect during a security incident. Generally, this type of plan includes guidelines for the initial response, escalation, containment, and recovery or post-incident activities.

As our Incident Response Plan recommends, we quickly shut down all activity from the Kaseya compromised servers. In addition, we followed the additional steps outlined in our plan to safeguard our resources and those of our clients. As a result, neither Coretelligent nor any of our customers experienced any impacts—excluding inconvenience—as we proceeded through our Incident Response Plan. Additionally, to honor Coretelligent’s commitment to transparency, our team provided twice-daily email updates to our customers, which are also available in this blog post.

As the attack unfolded, Kaseya shared that the hackers were able to gain access through a zero-day. A zero-day is a previously unknown vulnerability discovered in software or system design that cyber criminals can exploit to gain entry to networks. A patch was released on July 13th to address the vulnerabilities, and after careful review of the fix, our Coretelligent engineers begin implementing the patch on July 14th.

Future Plans

Moving forward, Coretelligent will address any concerns we may have with Kaseya and provide an update and recommendation to our clients.

Kaseya Ransomware AttackFrequently Asked Questions About the Kaseya Ransomware Attack

What is Kaseya?

Kaseya is a leading provider of cloud-based IT management and security solutions for small, medium, and large businesses. The Kaseya VSA platform is just one tool that Coretelligent uses to help manage, access, and maintain customer servers and workstations.

How does Coretelligent use Kaseya?

Coretelligent uses Kaseya to remotely access, troubleshoot, monitor, and manage servers and endpoints of our customers and perform automation and maintenance activities for customers who subscribe to that service. Additionally, Coretelligent uses a combination of tools (Kaseya and LogicMonitor) to monitor customers who have signed up for proactive monitoring services.

Who is behind the ransomware attack?

This attack was perpetrated by the cybercriminal group known as the REvil Ransomware Gang. The threat actors were implicated in the June 2021 hack of the meat-processor JBS. After the JBS attack, the group warned that they would next target U.S. companies. As a result, the White House called for President Vladimir V. Putin to shut down the Russia-linked gang and other ransomware groups targeting the U.S.

How did Kaseya get hacked?

The attackers exploited four vulnerabilities in Kaseya’s VSA product to bypass authentication, upload ransomware, and other payloads, and then execute the malicious code/files. This vulnerability allowed the hackers to upload the malicious software, create Kaseya procedures (scripts) to copy files and execute the ransomware. They then executed these procedures against all customer agents tied to each Kaseya VSA server to start the ransomware attack and deliver a ransom note to downstream customers. They then removed logs and other forensic evidence to cover their tracks.

A more detailed technical breakdown is available at TrueSec.

Why were some Kaseya customers infected and others were not?

This question is not yet fully answered at this point, and more forensic details may still need to be shared from the impacted MSPs with Kaseya, law enforcement, and various security firms that are involved in this incident.

From what we can tell, customers utilizing multiple layers of protection were better protected against this attack. For example, Coretelligent uses perimeter firewalls, DNS filtering, geo-blocking, multi-factor authentication, and other security controls to protect our VSA servers. This practice, commonly referred to as defense in depth, provides multiple hurdles for an attacker to bypass, making for a more challenging target to crack.  This approach may encourage the attacker to move on and works to protect Coretelligent and its customers.

Additionally, it should be noted that only premises customers, meaning those with on-premise VSA servers, were impacted.

Is it safe to use Kaseya now that it has been patched?

YES—our Kaseya VSA environment is safe and secured for use. Coretelligent successfully applied version 9.5.7.a patch, which resolved multiple security vulnerabilities in the product and has made all the necessary configuration adjustments and security recommendations to our Kaseya VSA servers as of July 13th.

Kaseya Help Desk Resources:

Our VSA servers continue to be protected by multiple security layers and restrictions, along with comprehensive security monitoring and alerting, which we believe will continue to keep our environment protected and secure.

Will Coretelligent continue to use Kaseya for Remote Monitoring and Management (RMM)?

Coretelligent will undergo a careful forensic review of this experience and decide whether to continue with Kaseya for remote monitoring and management or switch to a different vendor platform. In the interest of full transparency, we will communicate our decision with you, our customers, and provide background and justification about our decision.

How can we reduce the risk of this kind of supply chain attack?

Partnering with a tested, transparent, and expert managed service provider like Coretelligent is your best defense against ransomware and other cyberattacks. We offer best-in-class services covering a full range of technology needs with specialized expertise in cybersecurity.

What is the official response and guidance from the U.S. government?

The Deputy National Security Advisor Anne Neuberger has provided regular updates about the Kaseya ransomware attack and law enforcement is continuing its investigations to safeguard critical infrastructure and prevent future incidents. In an early statement about the attack, she remarked that President Joe Biden had “directed the full resources of the government to investigate this incident.”

Additionally, the Cybersecurity Infrastructure Security Agency, one of the federal agencies tasked with protecting U.S. assets, released a CISA guidance advisory which included a multitude of recommendations for hardening IT systems, including:

  • Using authentication process controls, like multi-factor authentication, the use of which might have saved the Colonial Pipeline from getting hacked.
  • Adhere to best practices for password and permission management
  • Regularly update software and operating systems
  • Employ a backup solution to automatically and continuously back up critical data and systems. Store backups in an easily retrievable location that is air-gapped from the organizational network.

Comprehensive Cybersecurity Protection

For more recommendations and information about how Coretelligent’s cybersecurity practices and solutions can protect your organization from incidents like the Kaseya ransomware attack, reach out to schedule your complimentary initial consultation. Coretelligent also offers expertise working with specific industries that have cybersecurity compliance requirements like financial services, life sciences, real estate investment, and others.


Think About It with Chris Messer, CTO

Chris Messer, Chief Technology Officer at CoretelligentAs Chief Technology Officer, Chris Messer is a transformational and strategic IT leader who establishes and leads Coretelligent’s technical vision and technological development. Chris shares a post each month called Think About It.

Click here to learn more about Chris.