Strategic/tactical, executive level training placing cybersecurity in the context of your corporate cyber strategy (Public-Private Cloud, Virtualization, SDN, Big Data, DevOps, Bring Your Own Device, Automation, Managed Services, etc.). An effective cybersecurity program reduces corporate risk and improves business resiliency (BC/DR). Half and full day sessions available along with regular follow-up briefings.
Small and medium sized businesses face the same cybersecurity risks as large enterprises, but are usually without dedicated Chief Information Security Officer (CISO) resources. Larger corporation Board of Director Audit Committees may want an independent cybersecurity technical resource during audit times, but can't justify a full-time headcount. Ash Grove Cyber can fill the void, meeting your part-time or seasonal needs.
Failed cybersecurity audits have consequences for leaders and organizations. Though compliance with requirements and controls is only part of the picture, a governance program in line with a comprehensive cybersecurity framework provides a necessary "due-diligence" foundation. Let us help you proactively identify, fix and appropriately document controls/processes before the auditors arrive.
Before entering a business relationship with another entity, you need to ensure that their cybersecurity program: (#1) exists, (#2) is effectively implemented, and (#3) is in line with your company's requirements. These Due Care and Due Diligence Reviews need experts who ask the right questions and request follow-up when unclear responses are received. It's better to go into "Day One" with a remediation plan than to discover on "Day 31" that you have an expensive mess on your hands.
Old-time baseball stadium vendors used to yell, "You can't tell the players without a scorecard!" For us, you can't start to do cybersecurity until you've established an accurate inventory of servers, workstations, routers/switches/firewalls, appliances, applications, scripts, databases, tools, etc. The next step is keeping track of the hardware, firmware, and software versions as well as standard and node-specific configuration details. But before you begin collecting inventories and configurations, you need to figure out which content management database to use. If you have anything more than a few nodes/endpoints, you'll also want to automate ongoing data collection to keep information current.
Even good passwords are a weak link if they are compromised through a phishing attack. Let us help you implement multi-factor authentication and other controls to help secure your network.
Cybersecurity threats are constantly evolving. What was “safe” yesterday may be a new attack vector today. One of the most effective ways to prevent breaches is to keep Operating Systems updated and devices patched. Figuring out what needs to be patched with what version requires time-consuming research. System Admins typically are short on time, so your MSSP can do most of the leg work and can design tests which ensure that the new patch won’t break your application. An MSSP can also keep you informed about end-of-life dates for devices so replacements can be planned into budget cycles. Ash Grove Cyber can also take over management of your Firewalls and Demilitarized Zones (DMZ).
Log files are essential for cybersecurity event detection and can also help operations teams assess the health of their networks. In order to be effective, nodes must be capable of generating logs; logs must be turned on, set to the proper level of detail, and protected from tampering; and the logs must be auto-transferred to a repository to facilitate analysis and free up space on the node. There should never be any question about node access attempts, script runtimes, elevated privilege commands, configuration changes, alarms, etc.
When properly configured, computer networks and devices produce and store a lot of information in log files useful for assessing system health and determining what nodes and data were accessed. After a system breach or outage, these log files often reveal that problems go back weeks or months. For example, problems with a backup device might not be noticed until primary device failure and a full outage occurred. In other cases, a hack might cause your company’s proprietary data to be sent slowly out of the network to avoid detection. The role of a SIEM (Security Information and Event Management) system is to automatically collect the log data, analyze it according to rule sets, and notify the 24x7 Security/Network Operations Center (SOC/NOC) so that actions can be initiated in accordance with your Service Level Agreement (SLA). Tier 2 & 3 technical teams also study the data stored in the SIEM to identify new rule sets needed to adjust to changing conditions. Ash Grove Cyber’s SOC/NOC will be opening in June 2019.
Denial of Service Attack? Ransomware? Data Breach? Loss of Power or Connectivity? Fire Destroys Your Building? You need a plan that addresses Business Continuity and Disaster Recovery whether it is a cyber event or a natural disaster. The plan must identify risks and responses and be kept up to date. We can help integrate cyber risks into your existing plan or work with your team to develop and test a full scope plan from scratch. The key is Business Resiliency. It may not be cost effective to have a full "hot standby" alternate facility, but failure to have system recovery files and essential data backups offsite is a mistake.
All the best cyber security technology can be defeated by a human making a bad decision or not following processes. In-depth cyber security training, as well as ongoing awareness reminders, are an essential part of your cyber defense. Ash Grove Cyber can provide training and even do email phishing tests to assess how well your team members are protecting your network.
Ash Grove Cyber LLC
3000 Atrium Way, Suite 212
Mt. Laurel, NJ 08054