CyVent

Recent Posts

How To Build An Effective Endpoint Security Policy And Prevent Cyberattacks

Posted by CyVent on Jul 18, 2022

How To Build An Effective Endpoint Security Policy And Prevent Cyberattacks

Endpoint protection is one of the central elements of any cybersecurity strategy. Many experts consider endpoints to be one of the weakest security link within an enterprise, giving hackers easy access to an organization's data. In fact, 51% of IT professionals consider their organizations ineffective at surfacing threats because their endpoint security solutions are not effective at detecting advanced attacks. So we’ve pulled together everything you need to know to ensure you can build an effective endpoint security policy.

In this article, you will discover:

Why do Endpoints Matter?

An endpoint is any physical device that connects a user to a network. Examples of endpoints include computers, tablets, smartphones, smartwatches, servers, printers, and scanners, among others. 

Many companies overlook the breadth of endpoints. It is common to see companies install endpoint protection systems on their corporate computers, but they may omit the many other devices, including IoT.

With the increase in remote work, the number of endpoints has grown and made it more difficult for managers to track them. According to the report Take A Proactive Approach To Endpoint Security, 76% of IT security decision-makers indicated their firm’s use of endpoint devices increased since the beginning of the COVID-19 pandemic. The same report indicates that 66% of respondents believe securing modern business environments requires a proactive approach to endpoint resilience.

To make matters worse, there are still other data indicating that many companies do not provide the devices to their employees, making it even more difficult to control the endpoints. According to SailPoint, in 2020 1 in 3 U.S. employees (33%) stated that they use their own computer and smartphone to enable remote work, while only 17% use a computer and smartphone owned by their employer.

An endpoint policy will establish security parameters that all devices connected to the company's network must follow. In addition, it offers managers a centralized console where they can access the corporate network to monitor, investigate and act on incidents.

CYV_linkedin_quote_v4

3 Critical Endpoint Security Challenges:

 

1. New Devices, New Threats

With the evolution of technologies, new gadgets are often invented and popularized. The problem is that most of the time manufacturers are not concerned with security devices. Often the protection of these devices is weak and they become an easy target for hackers.

 

2. Endpoint Repairs Policy

Repairs are also an area that deserves attention from the company. When going to repair, gadgets can often be accessed by malicious agents, or become vulnerable to hacker attacks. A policy for managing items in need of repair is also important.

 

3. Limited Access

The company needs to have a strict policy regarding endpoints that have access to business data. Only gadgets that have been verified and configured with the security policies of the business can have access to the system. Otherwise, the endpoint security policy is at risk.

 

Endpoint Security Needs To Be Aligned With the Company's Global Cybersecurity Strategy

Endpoint security must be combined with other cybersecurity strategies, such as network security. It's important to remember that endpoint security is not the same thing as antivirus. 

Antivirus is one component of an endpoint security strategy, which is made up of many other elements. Antivirus has the mission to protect the endpoint itself, be it a computer or a smartphone. Whereas Endpoint Security's mission is to protect the entire network, which is interconnected. To combat threats, you need to invest in a holistic approach to security.

 

The 6 Critical Elements You Need For An Effective Endpoint Strategy

1. Keep Operating Systems Up To Date

Keeping device systems up to date is a simple task, but it makes a difference for a security policy. Updates fix system weaknesses and flaws that can lead to major vulnerabilities. This is true even for non-traditional endpoints, such as smart devices and sensors.

 

2. Use The Principle of Least Privilege

Restricting server access is also a good alternative to protecting the network that connects the endpoints. Employees should have access to basic servers, accessing servers with more important information only when necessary.

 

3. Using a Virtual Private Network (VPN)

In addition to controlling access, managers can limit access to important information through a private network or VPN, ensuring information privacy.

 

4. Attention To All Existing Threats

No matter the type of threat: malware, phishing, social engineering… The Endpoint Security policy must protect all potential threats that could interfere with the internal network. Therefore, the security policy must provide for constant updating, to always be aware of new threats.

 

5. Controlled Tests

Sending controlled tests allows you to identify the extent to which your company is susceptible to attacks. In addition, fictitious attacks give clues to where the biggest vulnerabilities are and which aspects of cybersecurity the company should strengthen.

 

6. Qualified And Constant Training of Employees

Keeping employees trained and on the lookout is critical to ensuring a functional end-to-end cybersecurity strategy. Attacks by criminals are increasingly sophisticated. Users need to know the importance of following Endpoint Security and not connecting personal devices to corporate networks. 

 

Conclusion

Endpoints remain a weak point for most companies, especially with the increase in remote work. This makes it even more difficult for IT professionals to control the behavior of their employees. 

This article has highlighted the key challenges related to endpoints, including the emergence of new devices, the device repair policy, and user access control. To effectively combat all risks, the endpoint security policy must be aligned with the company's other cybersecurity strategies to cover all potential risks.

Although endpoint control is essential for an effective cybersecurity policy, more than half of  organizations lack in-house expertise and resources around endpoint protection. If this is the case for your business, CyVent experts are on hand to assist in the diagnosis, strategy, and implementation of an endpoint security policy for your business.

 

If you want more information, book a call on  https://www.cyvent.com/assess-company-cyber-threats/ 

CYV_banner_1_alt-1

 

Cyber Security for SMB

Posted by CyVent on Apr 7, 2022

Cyvent Cyber Security Solutions

Many small and medium-sized businesses (SMBs) are still unaware of the dangers of cyberattacks. Executives believe that because they are a small company, they won't get the attention of hackers and criminals. After all, they are interested in valuable data and in targeting multi-million dollar companies, who can pay a multi-million ransom, right? Yes. However, it is not just that.

According to the 2020 Data Breach Investigations Report, 28% of data breaches in 2020 involved small businesses. The report Underserved and Unprepared: The State of SMB Cyber ​​Security in 2019 showed that 80% of SMBs were worried that they will be the target of a cyber attack in the next six months. According to another report, Cost of a Data Breach Report 2021, 287 days is the average time needed to identify and contain data breaches. Small businesses do not often have that much time.

The lack of specialized resources, equipment, and software to combat cyberattacks is compounded by the lack of qualified staff to properly manage cybersecurity.

Why do small and medium businesses suffer from cyberattacks?

Until recently, there was a myth in the cybersecurity universe: only large companies suffer from the dangers of cyberattacks. In part, this is correct. Large companies are the primary target for hackers because they have more money and more valuable data.

Still, smaller companies are more susceptible to attacks and, therefore, become easy targets. Many cybercriminals shoot without aiming and end up hitting companies with weak protections. The result can be disastrous.

Especially after the pandemic, the need to invest in cybersecurity is becoming more evident. After all, just like large companies, small and medium companies had to deal with remote work. The Check Point report indicated that 76.5% have adopted the hybrid work style while 15% more support some kind of remote work. This means that the company lost control over the daily lives of its employees and expanded the number of endpoints.

What are the main security threats that SMBs face?

The main threats that small and medium-sized companies face are the same as those faced by large companies. According to the Check Point report the top four security threats SMBs experience include:

  • Phishing Attacks (#1 threat at 90%)
  • Malware (68%)
  • Credential Theft (43%)
  • Ransomware (38%) 

In addition to the attack itself, this type of problem has other consequences that can drag on for weeks or months. The company suffers from system downtime, financial losses, destabilization of employees, and damage to the brand. Moreover, cybercriminals may also gain access to:

  • Bank information
  • customer list
  • Expansion plans
  • Industrial processes
  • Confidential product information

How can small and medium businesses defend themselves against cyberattacks?

In addition to investing in structure, technology, and human resources, good cybersecurity also depends on the company's culture and daily actions aimed at preventing attacks. Here are some recommendations for making your SMB more secure:

Train your employees

Education and organizational culture have never been more important in fighting cyberattacks, especially when it comes to top employees, as they are often the weakest link. Phishing attacks are growing every day and are one of the most common ways hackers get into company systems. More and more, a cybersecurity educational program, using online-learning tools, is a must-have.

Haven Cyber Defense

 

Do a risk assessment

Being aware of the risks your company runs is essential to understanding the best actions to take. Through a qualified assessment, managers will be able to understand exactly what the weaknesses of their operations are, who has access to privileged data, and also where the most important information for the company is stored.

Invest in software and keep it up to date

After a careful look at the organization's risks, it becomes easier to identify which system can meet the cybersecurity needs of the business. There are many great options in today's market that offer complete protection, allowing for continual updates, at an affordable price.

CyVent proudly offers Haven by Corvid Cyberdefense. Haven™ is a managed protection, detection, and response solution made for businesses of all sizes, providing enterprise-class security protection, along with controls, management, and monitoring options.

CyVent Resources

As an answer to those challenges, Haven™ provides an adaptive, preventive security platform service solution featuring:

  • Endpoint Security
  • Email Security
  • Network Security
  • Vulnerability Scanning
  • Employee Awareness Training
  • 24/7/365 Security Operations Center for Detection and Response

Is Cyber Security Protection Expensive?

Cybersecurity protection can be costly, especially when it comes to multiple endpoints. Those expenses include employee training, specialized contractors, specialized software, and regular updates.

The good news is that effective cybersecurity is not just for large businesses. Haven offers a powerful product for small and medium-sized businesses. Delivered as an affordable, monthly service, with consulting from CyVent allows for complete protection and support in all of your cybersecurity needs. Having peace of mind when it comes to cybersecurity should be for all businesses.

CyVent Cyber Security Solutions

See more and schedule some time to speak with one of our experts: https://www.cyvent.com/products

5 tips for choosing the best MSSP for your company

Posted by CyVent on Feb 14, 2022

In running a business, focus is critical. The list of responsibilities for an executive tends to be quite lengthy. Therefore, the more tasks you can delegate to professionals or specialized companies, the more you’ll begin to notice the productivity and performance of the company improve.

With cybersecurity, this is no different. A Managed Security Services Provider (MSSP) is a provider that performs the strategy, planning, and execution of part or all of a company's security operation, through outsourcing.

What does an MSSP do?

Some of the traditional services of an MSSP provide:
  • Enabling you to ensure 24/7/365 monitoring for a fraction of the cost of building your own staff
  • Pre-emptive screening for emerging threat
  • Endpoint security
  • Employee awareness training
  • Neutralization of threats
  • And more

The list of responsibilities is huge, as it involves training, updating hardware and software, in addition to monitoring potential threats. Services are customized according to the needs of each company and its segment of activity.

Hiring an MSSP is an important decision. Therefore, crucial factors need to be taken into account. In this post, we have selected 5 tips to help you choose the best MSSP.

5 tips to choose the best MSSP for your company

 

1. Expertise and Flexibility

The cybersecurity market changes fast. Every day, new threats and opportunities are disclosed. For example, 46,000 new phishing sites are created every week.

Expertise and Flexibility

Having an MSSP that is responsive and flexible to change is critical to ensuring good performance. Go beyond glitzy marketing materials and probe the fundamentals:

  • Make sure they provide a true SaaS service that doesn’t tie you down to a multi-year commitment but rather offers you an exit clause for your convenience. 
  • Understand their level of maturity, their Service Level Agreements,  and compliance with the main security standards such as NIST, ISO, GDPR, CMMC, etc. 
  • Check where their Security Operations Center is located and how well protected it is. 
  • Evaluate the company's responses to recent threats as well as its contingency plans to address urgent issues.

2. Check the credentials of the professionals involved with the company you’re considering

A skilled and experienced team makes all the difference when it comes to identifying needs, preventing, and also fighting cyberattacks. Therefore, it is essential that the chosen company has a qualified team, with certified professionals, low turnover, and a lot of experience. One of the most efficient ways to attest to this is through a professional profile on LinkedIn.

Evaluate the profiles of the professionals involved, see the professional experiences and also the testimonials left by co-workers. Make sure you’ll have direct access to Subject Matter Experts for each service they provide.

At CyVent, we like to keep our directors' Linkedin profiles open. You can access them at this link: https://www.cyvent.com/#team

3. Evaluate the frequency and quality of reports delivered

Evaluate the frequency and quality of reports delivered

Geoffrey Moore has a quote that says: “Without big data analytics, companies are blind and deaf, wandering out onto the web like deer on a freeway”. In fact, the data brings clarity about the real situation of the business, which are the main threats, and which points deserve attention. This guides decisions and makes them more assertive.


A good MSSP provides periodic and complete reports with data and analysis and recommendations that are really relevant to business executives. This is an important aspect that must be evaluated before hiring. Request a view of these reports and understand how the MSSP can help you manage your business.

4. Make your main goals clear and ask for references

When contacting a vendor, make your expectations and priorities clear regarding the company's cybersecurity. Below are some of the most common concerns of cyber leaders:

Make your main goals clear and ask for references

Understanding the business objectives and the characteristics of the company, the MSSP is better able to offer references that are assertive so that the client can identify whether the work performed is compatible with expectations.

A good analytical tool is case studies. Review case studies of companies related to your industry to gather more information to help with decision-making.

5. Ask for a list of their IT providers

We know that one of the main sources of vulnerabilities is supplier relationships. According to the Global Cybersecurity Outlook 2022 report, 39% of organizations have been affected by a third-party cyber incident in the past two years.

Therefore, being aware of the third-party risk involved in the transaction is important. A tip is to request the list of the main IT providers involved and also the certification processes for choosing business partners.

If possible, perform a risk assessment. CyVent works with RiskRecon to offerup-to-date and reliable reports that help you analyze, control, monitor, and reduce cyber risks associated with third-party vendors.

Ask for a list of their IT providers


Make a choice and transition calmly

 

Installing or transitioning an MSSP is a delicate operation that involves the transfer of important data and can leave gaps. The best way to deal with problems is to assume that they can happen and work out an action plan to minimize their consequences. So the more time you have to do the research, hiring, and actual installation, the better.

If you are considering switching MSSPs, do so calmly. Allow a few months before the end of the contract to go to another supplier and calmly research everything.

Remember: more than notifying you when there is a threat, a good MSSP should take a proactive stance, analyzing the company to identify points of vulnerability and helping executives combat those weaknesses and strengthen their strengths.

About CyVent:

CyVent is a leading cybersecurity services and consulting company that leverages true deep learning, offering a unique-effective suite of products and services designed to enhance and strengthen your cybersecurity infrastructure. CyVent’s cutting edge, AI-driven solutions help organizations transition from the classic remediation approach to security to a more pre-emptive posture which ultimately increases prevention, decreases times-to-resolution, and automates cybersecurity operations. For more information, please visit: https://www.cyvent.com


 

How to Select a Managed Security Services Provider for Your Business?

Posted by CyVent on Jul 26, 2021

Understanding that data is the new oil, security measures are not just a good idea, but a must have to keep organizations and sensitive information safe. Managed Security Services Providers (MSSP) offer remote monitoring and management of IT security functions delivered via shared services from remote security operations centers.
Does your organization consider hiring and working with a MSSP?

Hiring a MSSP can bring great benefits to your organization, since it offers trained staff to deal with the daily-basis security issues. You may want to hire a MSSP for numerous reasons such as:

  • restricted IT budgets
  • not having an IT Security team
  • avoiding the herculean job of staying on top of the new and extreme sophisticated cyber threats.

How to evaluate and choose a MSSP?

 

Cyber Security is hard work, and choosing a MSSP is a delicate balance. Below you can find 5 points that will help you and make this important decision easier.

1. Are they qualified?

This is a crucial point. You must evaluate the qualifications of the MSSP and their technical team. Make sure that the MSSP has plenty of experience in your work field and certifications.


2. What should they offer?
Hiring a MSSP who offers a multi-layer security system is paramount. Make sure they offer the following protections:

  • Identify vulnerabilities consistently by routinely scanning the footprint in order to identify potential security gaps and fix them;
  • Network security with next-gen firewalls, threat prevention and detection (IPS/IDS);
  • Endpoint protection with the most advanced AI Driven capabilities;
  • Security Operations Center (SOC) working around the clock - 24/7/365;
  • Block malicious and phishing emails;
  • Training users regularly to identify phishing and raising the awareness of Cybersecurity in your organization.
3. How do they handle your data?

It is important to understand where your sensitive data is stored. How do they handle it? Be assured the MSSP takes data protection seriously and that they understand the data regulations involved. The ideal MSSP provider will safely store your data and make sure it can not be commingled with the data of other companies to whom they provide services.


4. Can they provide a leading-edge cybersecurity service?

Security threats are becoming more complex and sophisticated and MSSP providers should upgrade their footprint to provide leading-edge protection. At CyVent, we are pleased in offering Haven, from Corvid Cyberdefense.

5. What are their references?

As a matter of fact, Corvid Cyberdefense team is a Military-grade cyber security company with the best professionals in its field and they service the U.S. Department of Defense (DoD).

 

See more and schedule some time to speak with one of our experts: https://www.cyvent.com/products

 

What is third-party risk and how to mitigate it?

Posted by CyVent on Apr 15, 2021

The rapid increase in digital third-party relationships contributes to escalated cyber risk. With service outsourcing, companies need to grant access to the system to partners or organization’s supply-chain, which puts confidential business information, financial transactions and sensitive employee and customer data at risk.

The problem is not new , Target is just one of countless examples. In 2013, Target’s security breach occurred from e-mails sent to Fazio Mechanical, one of the companies affiliated with Target, that lead to the leak of 70 million customer data and 40 million bank information. Year after year, companies are exposed to more risks from their business relationships, weakened by poor safety standards of other companies.

According to the Ninth Annual Cost of Cybercrime Study (Accenture, 2019),
61% of organizations have experienced an IoT security incident and 67% observed an increase in security breaches in the last five years. Another shocking fact is that over half of all companies have experienced a third-party breach yet only 16% are able to mitigate those risks (Ponemon Institute. Data Risk in the Third-Party Ecosystem. 2018).

CYV_banner_RR_v2_CYV_Post_2_LK

This type of threat is not always malicious. Most of the time, it is caused by negligent behavior. According to a recent report conducted by the Ponemon Institute, negligent behavior is the most costly to companies annually, even though its cost per incident is lower. On the other hand, criminal behavior is less frequent, although it costs approximately 3x more per incident.

The problem involves the entire company, since relations with third parties are present in services that involve logistics, sales, customer support, marketing, among many others. In addition, each company has a partner management model. Thus, the solution needs to be adaptable to different realities.

How to manage your business relationships securely?


In order to avoid commercial relations problems with third parties, the company needs to adopt strict security standards, which involve the choice of its partners and their cyber security management. Compliance and security standards must also be extended to third-party companies.

The Ponemon Institute's “Data Risk in the Third-Party Ecosystem” analyzed companies that were successful in avoiding the third-party data breach and named best practices to reduce incidence of third-party data breaches:

* Evaluation of the security and privacy practices of all third parties
* An inventory of all third parties with whom you share information
* Frequent review of third-party management policies and programs
* Third party notification when data is shared with Nth parties
* Oversight by the board of directors

To meet these protocols effectively, we need to have the support of technology. There are currently several tools on the market that offer risk analysis and protection from third parties. The challenge, however, is to find the most complete and adapted tool to the needs of your company.

At CyVent, we are confident to appoint RiskRecon, a Mastercard company. It’s the only solution that automatically provides risk prioritization and continuous monitoring.

Why choose RiskRecon?


We are thrilled to be RiskRecon partners. RiskRecon automatically collects security information from vendors, partners and your own enterprise to help you understand how well each organization manages their digital footprint.

CYV_Post_3_LK

 

It provides risk-prioritized ratings based on issue severity and the system value at risk. The platform data is independently certified to be 99.1% accurate. The accuracy is achieved by a combination of patent-pending machine learning automation and analyst quality control.
The system evaluates over 40 security criteria across 9 domains. The impact of all vulnerabilities is analyzed to produce a cyber risk score.

There’s a direct correlation between RiskRecon scores and actual data breaches. Based on a sample of 46,000 Companies, entities with a score of “C” experience a 3x higher frequency of breaches than those with a score of “A”.

All assessment details are visible to you and your vendors, and RiskRecon provides a report that includes a summary of your organization's current cybersecurity posture at no additional fee. In addition, the platform automatically produces action plans to highlight only issues that exceed your company’s risk policy.

With all this information, you can easily keep your business secure from businesses that aren’t. It allows you to select new vendors faster, prioritize your third-party assessments based on RiskRecon-rated vendor performance, focus your vendor assessments on areas where you know they violate your risk requirements, improve your M&A analysis and more.

See more and schedule some time to speak with one of our experts: https://www.cyvent.com/en-us/prevent-your-company-from-third-party-risk-with-riskrecon

Calculating ROI for Your Cybersecurity Project: How to Choose the Right Security Tools

Posted by CyVent on Feb 22, 2019

CyVent Cybersecurity ROICISOs and Board members face a balancing act as they look to build out strong security programs. What tools are truly worth the investment versus the costs of a damaging cyber attack? Though well-known, the potential repercussions of a data breach are still alarming. By some estimates, cybercrime damages were set to reach $6 trillion by 2021.

For both CISOs and Board members a thorough cybersecurity strategy is a critical way to address risk and promote business health and longevity. The risks at stake, in addition to regulatory scrutiny as well as compliance concerns - think GDPR - are motivating Boards to take a closer look, and they’re turning to CISOs for insight. The challenge for CISOs is selecting the best tools from a sea of offerings, and then working with the Board and senior execs to deploy them within the organization.

By calculating cybersecurity ROI, CISOs can quantify the value of a new security project to Board members, demonstrate how it aligns with the business’ overall strategic goals, and foster faster decision-making.

Calculating ROI for Cybersecurity

At a basic level, one way of calculating cybersecurity ROI involves taking the average cost of an incident and multiplying that number by how many incidents a business might experience in a given time frame. With an approximation of potential costs, companies can then assess whether the price of the solution and the reduction in incidents it will bring is worth the investment.

Of course, there are many more factors that come into play, which is why calculating cybersecurity ROI is notoriously challenging. The equation also has to represent issues at stake beyond dollars and cents, including potential loss of intellectual property, loss of reputation, and business disruption. There are numerous formulas for calculating cybersecurity ROI, and much research has been done on the subject. How to Measure Anything in Cybersecurity Risk by Douglas W. Hubbard and Richard Seiersen is a highly-recommended resource for an in-depth exploration.

The bottom line is that breaches are expensive. Calculating cybersecurity ROI starts a conversation about whether investing upfront to prevent a major disruption outweighs the small probability of a significant breach and its ensuing costs.

Benefits of Calculating Cybersecurity ROI

CISOs and boards benefit from calculating cybersecurity ROI as it helps them determine the value of an offering for their unique security environment. Many organizations already have upwards of twenty cyber tools in place. Why invest in another? Vendors regularly contact CISOs with solutions claiming to be the answer for new and emerging attack methods. Once the technical due diligence is done, determining ROI gives CISOs a method for evaluating a product, prioritizing among different options, determining what level of peace of mind it will bring, and what problems it will solve.

The next step for CISOs is to communicate their rationale to the board. Executives feel a growing responsibility for cybersecurity decisions, with regulatory, reputational, and business risk weighing heavily on their minds. The CISO’s voice is critical for communicating the reality of cyber risk and providing the leadership team with the information they need to make informed cybersecurity decisions. CISOs understand the board’s motivations and concerns and dedicate more time to craft a message that clearly articulates how cybersecurity fits into overall business strategy.

Embracing Security Tools with Proven ROI

No single cybersecurity solution can solve all of an organization’s security challenges. A layered approach is the best way to defend the entire attack surface. Recent advances in cybersecurity technology do offer powerful ROI and are resolving some of security professionals’ biggest challenges: the sheer volume and sophistication of attacks, the dwell time of many breaches, the high rates of false positives, the resources required for incident response, and the cyber skills gap.

Artificial intelligence (AI) and automation provide some of the highest cost savings opportunities in comparison to other technologies. Overall, AI is extremely adept at reducing the number of security incidents. As attackers begin to adopt AI, organizations that already have AI-based tools in place will be better able to stop them. In the immediate term, the rise of deep learning AI has already started to significantly move the needle towards preemption and the reduction of false positives, allowing security teams to focus on responding to only the most dangerous threats.

Automation streamlines the management of incidents that do penetrate a company’s defenses. When an attack is detected, workflows are already documented and automated, allowing IT teams to be more productive and efficient.

The cybersecurity landscape is truly complex. At CyVent, our mission is to support CISOs as they select and sort through the different offerings on the market. Calculating cybersecurity ROI helps prepare for the coming environment where the fight will be AI vs AI and companies that do not have the appropriate AI talent and tools may be at a disadvantage.

If you have questions about the tools on the market, we’re here with guidance and advice. Get in touch with our team.