Cyber Security

Why you need a Cyber Security assessment.

Did you know that 66% of the companies we have assessed have removable media vulnerabilities?

Most organizations still don’t recognize the threat that removable media and portable devices pose to their organizations. The threat here is twofold - the introduction of malware into corporate systems due to employees bringing in outside portable devices, and the theft/loss of IP, customer PII, and other sensitive records due to employees having access to write to removable media.

59% had no security assessment process in place.

With regard to security assessments, most organizations did not have any way of identifying systems with known vulnerabilities within their organization. Many also reported not having a penetration test done within the last year, if ever.

59% had potential Change Control issues:

As for change control, most organizations don’t have a change control system in place to request and authorize changes. . As for change control, most organizations don’t have a change control system in place to request and authorize changes. They also have no way of detecting changes being introduced to their information systems, whether malicious or accidental. This leaves them blind to potential attacks, and also leads to increased downtime in outages due to not being able to determine what changes may have caused an outage.

59% had software inventory issues:

With regard to software inventory, while most orgs appeared to have ways to identify systems within their networks and felt they had processes in place to handle patching, they did not have a handle on knowing what software was running on their systems. From a security perspective, they did not know what versions of software were running on their systems, meaning they don’t have a way to patch software with known vulnerabilities. This reinforces the need for periodic vulnerability scanning, which would help identify software with known vulnerabilities. They also did not have a way to identify unauthorized software on their networks, which could have both security implications and legal ramifications due to possibly unlicensed software within the enclave.

56% security assessments issues:

Most organizations did not have any way of identifying systems with known vulnerabilities within their organization. Many also reported not having a penetration test done within the last year, if ever.

With regard to security incident response, while most organizations felt people knew who to contact in the event of an incident, they did not have procedures for how to handle an incident and didn’t practice IR drills regularly. As a result, without practice and procedures, the organizations are at risk of extended downtime and losses due to not knowing how to recover and possibly worsening the problem by not having a programmatic approach to problem resolution.

Informational Slide Decks - External Links

Detecting and Preventing the Insider Threat

Detecting Spear Phishing Attacks Using DNS

Will you Be Breached?

You’ve Been Breached - Now What?

Is Your Data Literally Walking Out the Door?

Problems with Parameters

Links

Hardwater Information Security