Cybersecurity: Why You Need to Detect, Contain, and Remediate, Not Just Prevent

“Most people are starting to realize that there are only two different types of companies in the world: those that have been breached and know it and those that have been breached and don’t know it. Therefore, prevention is not sufficient and you’re going to have to invest in detection because you’re going to want to know what system has been breached as fast as humanly possible so that you can contain and remediate.” – Ted Schlein, venture capitalist in cybersecurity companies

Good news! Recently, we here at Model formed a partnership with Alpine Security, LLC, to help enterprise-sized organizations tackle their growing cybersecurity needs.

Alpine Security, located in O’Fallon, Illinois, provides organizations with world-class cybersecurity services. They are world experts when it comes to detecting, assessing, and managing cybersecurity risks.

We chose this partnership for 3 big reasons:

Reason #1: Prevention is not enough for cybersecurity.

The reality is that the landscape of cybersecurity is changing, and changing fast. Never mind that ransomware attacks grew by 36% last year, or that roughly 230,000 new pieces of malware are created every day. Neither the increase in the number of threats nor the changing face of technology is the problem, though (although they do contribute to it).

To see why, consider an analogy: If a security system for your house can keep out one burglar, it can keep out a dozen. No, the problem is that the sheer size of organizations, and the scope of technology, make a complete picture of one’s cybersecurity situation extremely difficult. To expand this analogy: It’s like trying to use a perfectly functional home security system to secure a busy parking garage. Or, more accurately, a city block of parking garages.

In other words, prevention is not enough. As the Schlein quote above says, organizations are going to have to invest in detection, containment, and remediation as well. Because something will happen.

Now consider these research findings:

  • According to legal IT consultants LOGICFORCE, the average employee receives 16 malicious spam or phishing emails per month. In an enterprise with 500 employees, that would mean 8,000 correct identifications of malicious emails would have to happen every month.
  • 78% of people claim to know the risks that come with clicking unknown links in emails, and yet they still end up clicking these links.
  • Many of the malicious emails are set up to steal user credentials to further the extent of a breach. Microsoft estimates that 63% of all network intrusions and data breaches are due to compromised user credentials.
  • In 2018, a full 40% of data breaches were actually data leaks—that is, incidents where information is exposed as the result of a company’s poor internal processes or mistakes. Many of these revolve around use of personal devices, apps, and cloud drives for business tasks.
  • The average single data breach will cost the average company $3.8 million.

In other words, slip-ups are inevitable, and they open the door to further exposure, damage, and loss.

Reason #2: Enterprises need full service.

Alpine Security is well known for its detection capabilities, including penetration testing. Their assessment is objective, and is followed with a project review meeting with the same team that conducted the audit. That meeting reviews all vulnerabilities found, how they were found, and their relative urgency (critical, high, information-only, etc.).

But what about remediation after the fact? And future prevention? That’s where Model comes in. For example, we offer patch management and unified endpoint management solutions that can be used for remediation after testing has uncovered vulnerabilities. We can also get an organization’s infrastructure into shape so that only the appropriate users and endpoints have access to valuable data and resources. Few companies can offer both kinds of service (and for those that do, see reason #3 below).

The two services together—Alpine’s exhaustive reporting and Model’s remediation and automation tools—can make enterprise organizations secure and compliant, and do so quickly and efficiently.

Reason #3: Too many companies have a conflict of interest.

This is why a partnership is the ideal model. Both partners work well with each other, but their responsibility is to the end user.

Companies that offer both kinds of service often have a conflict of interest. There is pressure on the risk assessment side to refer business to the remediation side, and this encourages false detection to sell organizations on solutions. Solutions that, too often, turn out to be unnecessary or ineffective.

What Should Enterprise Organizations Do To Get Started?

Detection is step one. An organization needs to know what its vulnerabilities are, where it has been breached, and where it risks further breaches in the future.

So, organizations wishing to assess their vulnerabilities should contact Alpine directly. We’ll even give you a name: Jim Sundry, Vice President, Sales at Alpine (610-357-0439, jim.sundry@alpinesecurity.com). Tell him Model Technology Solutions sent you.

After your review meeting with Alpine, talk to us about remediation. We’ll also suggest ways you can further tighten your infrastructure and remove many of your vulnerabilities.

When we’re done, we’ll review with Alpine again. If all is clear, you’ll get a full letter of attestation, officially certifying that vulnerabilities have been addressed and that your infrastructure is safe and clear.

February 27th, 2019 | Cyber Security, Endpoint Management

About the Author:

steve bowman
