The other day someone tried to break into my apartment. The person barely managed to get through my room, he was only in for about 3-5 minutes, and heard me enter, when he ran into my balcony and escaped. The incident shocked me and made me reconsider an advanced security system at home.
Security is part of our life now, we need to practice healthy security whether it is physical or your critical infrastructure. You never know when something bad can happen to you. Like the saying goes “It’s when you least expect it”.
Let’s take scenarios on how security plays a part in two organisations:
Case 1: You might be a business that is not too concerned about security and you might have just done a quick scan or may have carried out a pen-test two years ago thinking ‘yea that should be good enough’.
There is a chance you might not have put aside a budget for security thinking it’s a huge investment. Now, that’s where things get messy because hackers are focused on the weaker targets.
Solution: Good news is, if you have conducted a pen test or a quick scan, you are on the right track but you have a long way to go. To make it easy, contact a third party provider to help you plan your security stages for the year.
The service most business consider to start with is a cyber-security risk assessment, which literally identifies and prioritizes the risks you face from high to low. We highly recommend you do the assessment. It will be worth every cent.
Case 2: You might be a business who is afraid of a breach, so you have decided to take the umbrella route, which is to carry out all security practices, now you’ve exhausted your budget and you are absolutely certain that your business is 100% secure.
The truth is there is never a business that is 100% secure.
Here is why-
Have a look at all the companies that had a breach in the last 12 months?
They had a security team, maybe even third party vendors working with them and they followed best practices. What was that one security gap the hacker found?
Solution: If you have invested heavily in security, we do not need to preach any further. Consider the following set of services, if you have not looked at it yet:
Red Team Pen Testing- This kind of testing is more scenario driven and is heavily focused on advanced persistent threats. For eg; exploiting lost laptops, compromised DMZ hosts or unauthorized devices connected to internal network. The value that this engagement brings is you understand if your organisation can detect and respond to real world attacks.
Managed Endpoint Detect and Respond (EDR)- Most advanced threats start on the endpoint. With Managed EDR solutions, you get to detect and assess any suspicious activity on the network of your endpoints. EDR solutions are best suited for a proactive cyber security approach.
CISO as a service– Shortage of skills make it harder for many businesses. You need a whole team of experienced and highly skilled experts working with you and that is where we come in. We have a pool of resources you can choose from that best suit your needs.
Download our Security Roadmap for 2020.
If you are looking for an Information security consultant, you have come to the right place. Speak to our subject-matter experts to stay ahead of the security surface. We provide end-to-end security solutions that will protect your business from an attack. Contact Us to discuss your unique requirement.