Training is a critical component of a comprehensive cybersecurity program. As the cybersecurity environment is continuously changing, we recommend a two-step approach.

Step One involves the targeted, electronic delivery of mini-training modules, every four-to-six weeks. These short modules typically take ten minutes or less to complete. They’re designed to highlight current attacks and recommend a response to the illustrated threat. The attacks are explained in an easy-to-understand format, with a bare minimum of technical jargon. Each module presents several, multiple-choice questions to ensure that the trainee has a firm grasp of the topic. The continuous “drip” nature of this timely information is important to keeping cybersecurity concerns at the forefront.

Step Two involves the distribution of periodic phishing emails. The emails consist of general phishing, spear phishing, and highly-targeted “whaling.” Anyone found susceptible by clicking on those specially-crafted attachments or links will be immediately taken to an online refresher course to be trained how to spot fraudulent emails.

We monitor your systems’ security health on a daily basis. This includes determining if security patches are available, ensuring that your anti-virus software is up-to-date, and reporting on the status of your disk encryption.

Our monitoring software also detects changes to your system. If we detect changes that appear to increase your risk, we will contact you to discuss why the change occurred, what the nature of the risk is, and whether it is acceptable to you.

In addition to monitoring changes, the software records system events. This information can be useful during event investigation or to proactively hunt for threats.

Knowing what the world sees from your front door to the internet is important. Our Public IP Monitoring scans your static IP address daily to detect configuration changes. For example, if we see new ports open to the internet, we contact you to verify the changes were intentional and explain any potential risk the change may create. We don't want your network exposed because the Tech installing your new copier decided to expose it to the internet. We recommend a static IP address, but if you have a dynamic IP address, we will coordinate with you to perform periodic scans.

Knowing where sensitive information is stored and who has access to it is a critical part of managing risk. This may be information you are storing locally, it may be information you are storing in the cloud, or it can be information stored on your behalf by a third party. The inventory will allow you to easily track how information is backed up, how it’s being secured, what third parties are being utilized, and which of your staff members have access. The final component is especially valuable as you review access annually as your policy should require you to do. It is also valuable during personnel changes to ensure access is promptly revoked for terminated employees.

The cybersecurity landscape is constantly evolving. Cyber attackers change their methods and tactics in response to our defenses. The regulatory environment will continue to focus on cybersecurity and risk management. Your Security program must be able to adapt to this. We constantly monitor the threat landscape and, if needed, work with you to modify your policies and procedures. We also meet with you on an annual basis to review your cybersecurity program, discuss how well it performed, and determine potential areas for improvement.

In addition, to help keep you safe, the cybersecurity program outlined above will help you demonstrate to both your clients and the regulatory bodies that you have a formal, comprehensive, well-conceived, and well-executed security program in place.