The Cybersecurity Crowd #4

Russian Cybersecurity Defense Explained

March 27, 2022

Susan Gosselin, a Senior Writer at Integris, sits down with Nick McCourt, a vCISO at Integris, to take an in-depth look into Shields Up. With reports of the Russian government looking into opportunities for increased cyberattacks, what should businesses be focusing on when it comes to their own cybersecurity? Also of interest: a previous episode delving deeper into cyber insurance.

Check out the transcript below and listen along with the embed, Spotify, Apple Podcasts, or find us on your favorite podcast app.

 

Transcript

Introduction

Susan Gosselin: Hello everyone. And welcome to the Integris Helpdesk podcast. I’m Susan Gosselin. I am a solutions writer in Integris marketing, here today with Nick McCourt. He is one of our foremost experts on cybersecurity. He is the man with the plan for our clients, wanted to bring him on today because we have a lot to talk about in the world of cybersecurity.

In case most of you haven’t noticed we are in scary times right now. We are recording this on March 21st. The conflict in Ukraine is raging and there is also this heightened danger of cyber attacks right now. President Biden has come out with a plan called Shields Up, which is a set of recommendations that they’re giving to companies of all sizes and stripes to talk about what they need to do to be prepared against the increased level of cyber attacks that we are having right now.

So that’s what Nick and I are here to talk about today. We want to parse this out with you and get down to the nitty gritty of some of the things you need to be considering as a company as you’re making your cybersecurity investment.

Cyber attack statistics

Susan Gosselin: So with that I just wanted to start off with a couple of scary statistics, right? Not to be too much of a fearmonger about this, but I was just recently looking at some stats that was talking about the level of cyber attacks in 2021 versus 2020. And the number is really startling. Overall, cyber attacks, including denial of service, ransomware, phishing, and spoofing. All the whole umbrella was up by about 105% this year. That is really huge.

And, Nick, I’m wondering as you’re looking at Shields Up and the situation that we’re in right now, how seriously do you think companies need to be taking some of these recommendations that we’re being given?

Nick McCourt: Well, all companies, no matter what size or shape they are, they definitely need to take this very seriously. It doesn’t matter what security layers they have currently, either. It doesn’t matter what level of operational maturity they are, it is very important moving forward.

Shields Up overview

Susan Gosselin: Yeah. So, you know, let’s talk a little bit about Shields Up.

I had a chance to try to look through some of the technical specifications, and I’m not a technical person, but that was okay. Because when I looked at the actual specs that they had in there, they were actually rather general recommendations. I’m wondering if you could give us an overview a little bit about what some of those general recommendations are.

Nick McCourt: Yeah. So overall, the biggest part of that initiative is to make sure that organizations are focusing on heightening their awareness of intrusion attempts. So this means, making sure that they’re doing things like patching and making sure that they have an active vulnerability management program.

It also means active threat hunting, active alerting. Making sure that all of that increases the resilience for their cyber defenses so that it lessens the likelihood of an actual attack that hits and causes either a security incident or becomes actually validated as a breach.

Susan Gosselin: So they’re basically making the recommendation of, you need to have particular kinds of tools that will help you in the event of an attack, but they’re not really getting very specific you need to buy the certain brands or this exact kind of thing.

Multi-factor authentication

Susan Gosselin: So let’s talk a little bit about, specifically some of the things that they’re asking for companies to do. One of the big things that I saw in there was the whole concept of multi-factor authentication, which is, how we sign in for our passwords. And how we make that is no longer acceptable just to say well, I have one password on my email and that’s it.

You really need more than one sign in for everything that you do. Could you explain that little bit?

Nick McCourt: Oh, it comes down to a list of critical assets that each organization should have. Email is almost always a critical asset. In the meantime, you have financial information in a financial system, you have data storage, you have your on-prem VPN connections to different systems that you might have on location, or you might have VPN connections into the cloud.

These all require more than just the password at the end of the day, because passwords can be stolen, and even multi-factor authentication to some extent can be affected. So of course the idea is to really increase that awareness. And then of course increase the number of layers required for somebody to authenticate, to prove themselves.

So MFA’s important. But it’s no longer, it’s no longer good enough to just secure email.

Susan Gosselin: Now, to your point, you’re saying, all right, we have all these different things in our company that have to be secured.

We have all these different things that require passwords. So once you get to a certain size as a company, Just having the two factor authentication on all these different things. It gets to be really difficult to manage. So you need some better kind of umbrella that makes that easier for everyone when they’re traveling in between different systems and programs.

That turns into what kind of a system would that be?

Nick McCourt: Well, that turns into single sign-on or potentially even zero trust. And what you do is you take all of the needs for extra authentication for all these critical assets. And then instead of having all these different applications with all these codes or text messages or anything like that, it’s all distilled down into one code or one password with that code or a token instead of a password, all of that gets put in. And then what that does is that allows the average employee to click a button after authenticating and proving, they are who they say they are. And suddenly they have access, if they’re supposed to, with role-based access.

Yes. You should have access to finance. Yes. You should have access to that email. Yes. You should have access to these files. And we’re able to manage that on a higher level so that it becomes more scalable for an organization that is getting bigger. They need to have something scalable.

Susan Gosselin: And, I think the important thing to remember too about zero trust is that it’s not just when you’re signing into a new program, you’re being authenticated all through the day. It’s counterintuitive, you think the fewer passwords you’ve put in the less safe that would be, but it’s actually the opposite of that because of the way the zero trust systems work.

So definitely something that people need to be looking at. So as your company grows, the nature and style of multifactor authentication that you’re using will change. And that’s something you need to be thinking about it, at all parts of your journey. Right?

Cloud-based offsite backup

Susan Gosselin: Let’s talk a little bit about backup.

Now. This is a really tricky situation for a lot of companies, right? Because so many times we hear. Hey, I’ve got backup covered. I’ve got backup going to my servers and my server room. I have a backup server in our server room, so we’re covered. But one of the things that we’re really seeing in Shields Up is they’re recommending that every company consider getting cloud-based offsite backup.

What does that do for your organization? What does that prevent specifically?

Nick McCourt: Backups, if done right, prevent total loss. Backups cover so many different items, right? They cover incident response, they cover business continuity, they cover risk, they cover compliance requirements.

There’s so many different things that backups do. At the end of the day, probably one of the most important parts is they really cover you if you lose everything. Whether it’s ransomware or a natural disaster or anything in between.

Susan Gosselin: Right. So let’s talk about how that plays out, right? So let’s say I’m a midsize company, I’ve got a cloud-based system offsite. So if there’s a big rainstorm, or my sprinklers come on, or we have a big power outage. My main system might be down, but my backup is still out there. So you can theoretically take all of that information.

Have it downloaded in a period of minutes, and you’ve got backup. You’re back in business. You’ve only been out for a few minutes instead of a few days or a few weeks. That’s what makes backups so incredibly important, right? For everybody. That’s why it’s considered a cybersecurity tool and not just a disaster recovery tool, because when you have ransomware and they shut down your system and they say, you can’t run, unless you pay a ransom, you can say, yes, we can, because we already have all this.

You don’t have our files. We have our files.

Nick McCourt: Yeah. There are so many different things that we can talk about with that. I know there are different forms of ransomware that might be able to separate that out. But at the end of the day, is very important for business to be able to get back into process after or during a ransomware attack. And this of course leads us to the different types of backups and how we want to function. And at the end of the day, if you only back up once a day that can cause more problems than perhaps doing an incremental or differential backup once an hour, where it’s at least checking all the different changes.

If you have a different type of cloud system backup, it may be checking every change, regardless of whether you’re waiting five minutes or whether you’re waiting an hour, but most good backups are at least checking every hour, making sure that it’s there. And then of course you want to make sure that it’s in different locations, right?

You mentioned the sprinklers, right? So the sprinklers came on. Somebody left the window, open the server room shouldn’t even be near a window, but let’s ignore that component for just a second, right. Somebody put a server room there, with a window open. So the water comes in from the sprinkler. And of course, you might have your server and you might have your on-premise backup server as well.

And that one is protected. That’s great. But water is not something that it’s meant to back up. And so that goes down and if you’re backing it up on an hourly basis, and then that is throwing it up to another location in the cloud. That’s where yes, you can either download in minutes or, depending on how much data it is, it may take hours.

It could take a day or two, but you can actually start pulling things down, as you mentioned, in minutes to keep the organization running, while you figure out who the heck opened a window in the server room, but that’s a different story.

Susan Gosselin: Yeah. Well, whoever that poor guy was, he’s going to be in a lot of trouble.

Backup for business continuity needs

Susan Gosselin: Right. So, you know, but this does get to a more important question, right? Which is if you’re a company and you’re looking at buying your backup, you can’t be looking at it just as strictly a cybersecurity thing. You’ve also got to be looking at it as a, what are my business continuity needs?

So for instance, if I’m running a dental practice or something, it might be okay if there’s a two hour gap in the information that is coming into my system, it might be all right, but if I am running a online retail business where I’ve got transactions coming in, minute by minute by minute by minute.

Every minute that I am down is going to cost my organization big time, not just for the actual sale itself, but the reputation and everything else that goes with that. The amount of money that you’re spending on that. And the amount of time that is cycling is all something that you need to be thinking about.

So it’s not just, what’s the big, bad hacker are going to do, but you know what our big, bad circumstances going to do and how do I recover from that. Right.

Crisis Control

Susan Gosselin: It’s interesting cause the more you talk about backup and you talk about recovery and all of that kind of leads me right into a whole nother conversation. And that’s on crisis control. One of the things that they say rather obliquely, I think in the Shields Up documentation is you need to have a crisis control plan, for when things go bad, like what’s your crisis control plan going to be. And that’s a really big question.

That’s communicating, that is remediating. That is, there’s a lot of pieces to that pie. What do you recommend to people when it comes to that kind of crisis management?

Nick McCourt: So one of the most solid practices for any organization is how the organization is governed.

And that always leads back to the same thing. It leads back to IT security policies, plans, and procedures. And as far as this, as far as this topic, this leads us to some specific policies and plans. It leads us to disaster recovery policy and plan. It leads us to incident response management, which policy and plan, business continuity.

You may actually have, even something as simple as a server hardening policy or assistance hardening policy. But all those are built out. And then of course, risk management, which that borrows from government and governance. And it also deals with compliance. So those are your major components.

And if you don’t have a plan that details how to do these things as an organization, that’s one of those very important procedures that nobody wants to use, but if you don’t have it, you may not be able to recover. And that’s the important component to that is making sure that an organization has a higher operational maturity level and building that foundation, building those policies, plans, and procedures, and establishing essentially programs through them, which risk management is a program.

Incident response to some extent is also a program, so is disaster recovery, because at least on an annual basis, you want to have members of executive leadership for an organization, sit down and have a tabletop exercise. You might want to run a disaster recovery test on either quarterly or a monthly, or, some people are going “monthly, how dare you,” but in at least an annual basis. That’s that kind of practice that becomes a program and not necessarily a set it and forget it type thing.

Susan Gosselin: So when you’re putting together a plan like this, right? A lot of people think, Ugh, gosh, okay, we’ve got to have a policy and then we have to have an action plan and we’ve got to have the policy written down.

And that can be a really daunting prospect, especially for a much smaller company. If you’ve got somebody that’s primarily working with an MSP and they’re just, you know, they don’t have, a big IT department it’s like, where do you even start for something like that, is this the sort of thing that your MSP can come in and say, Hey, here’s the sample plan.

Let’s start with this. And we can build out from here. How does that work?

Nick McCourt: Yeah. So interestingly enough our President recently signed the Cyber Information Reporting Act. I think that was last week, but essentially this, it folds into the Shields Up. It’s very much about, organizations need to develop and have practices with us.

And, as an MSP, Integris, we do have an option to provide these policies or these plans. And they’re not canned, I get this question a lot. Can I just have a canned policy? It doesn’t work because variety is the spice of life and every organization is different, right?

So at the end of the day, you can have a template, but it’s gotta be scaled. And that, that needs to be scaled by somebody who can talk to the organization, understand what is going on, understand the business, really map out the needs of that organization, and then build that into each policy, each plan.

You can’t state in every single plan that the CEO will, in the event of disaster recovery, they are going to parachute from a plane into a new location. It doesn’t work right. Some people might be able to do that, but what we really don’t want to do that, I think there are some CEO’s, there are some vice-presidents and different people out there that are going. There is no way I am going to parachute anywhere, thank you very much. It’s that kind of idea.

And so of course this other law that was just signed in, it really requires a Chief Information Security Officer. It elevates that position a little bit higher because the purpose of that is to protect the reputation of an organization.

And you really want to have somebody own that. And so either having a Chief Information Security Officer or having a Virtual Chief Information Security Officer, that’s a service that can be provided that really, that person is dedicated about protecting the reputation of the organization and they would own these plans and policies.

Susan Gosselin: The answer then is that if you are a small or medium-sized company that is working primarily with an MSP, you need to ask the hard questions of your MSP and say, can you provide me with vCIO certification, can we have someone who is on your staff, whose job it is to manage our policies and our disaster responses.

And then if you are a medium sized company or a company that has at least part of your IT function in-house, you may be wanting to look at hiring that person or, creating that as a big part of the job for your CIO.

Filtering and detection response

Susan Gosselin: That gets us to yet another thing that companies need to be looking at and determining, what’s the good services from the bad, and that is on the whole subject of filtering and detection response.

One of the things that we tend to see a lot is there are a lot of I can call them shady companies necessarily, but they’re companies that are just offering very basic AI powered scanning, and that’s it. They’re making claims that they can run thousands of calculations a second and find these things coming into your system and keep you protected 24 7.

It’s really only a piece of the pie of what needs to be done, right? So I was wondering if you could talk a little bit about what makes a good detection response system and what doesn’t like, what are the pieces and components that companies need to be paying attention to?

Nick McCourt: So let’s start with the basics.

And that is antivirus is sometimes called endpoint detection response. And to some extent that can actually be the case if it’s a higher level of antivirus, but we have to consider the fact that antivirus or endpoint detection response. That should be the last thing used because most of the time that’s signature-based, right.

So once you get past that level, then we’re talking about actual either extended detection response, which is where we talk about, Hey, this is automated, and don’t get me wrong. I would love for R2D2 to basically take a look at everything. Cause R2D2, well, is pretty awesome.

But at the end of the day, there are so many different things that, that you have to look at. And those are all built off of predetermined filters. That AI functionality is still a predetermined filter. Hey this should look a little, concerning, so what can be done about it? And so the final level, and this is what I like to recommend is you marry that extended detection response, where you have some of the AI filtering, but then you actually put a person, an actual trained expert with kind of eyes on glass 24 7, where they’re seeing this come out at the other end and they’re going.

Well, let’s take a look at the people component, right? Let’s actually character profile was happening during all these different communications going across the network or going across systems through the cloud. That sort of thing. If we see these events coming in, how is this being done by a person and kind of the easiest way to describe it as you, you have the basic alerts. This is a bad alert. This is a concerning alert. We’re not sure if we should do anything with this. And then here’s a green alert. I turned on my computer.

So that pops up as, as an event. That’s fine. What XDR does is it adds a few more colors and variations instead of just the typical traffic light. Maybe there’s red, but then there’s magenta. And maybe you have yellow, but then you have gold. And then you have green and then you have the turquoisey teal color.

In the meantime, when you add that managed detection response it’s a rainbow of colors, right? Because look, you open up, your web browser and it’s 2:00 PM. Okay. We can expect you to do something at 2:00 PM, but then you open up your web browser and it’s 3:00 AM.

How is something that’s supposed to be fully automated going to actually realize, you don’t usually work at 3:00 AM, right? There’s a problem here. You’re not usually doing this. Maybe something else is going on. And that’s where that 24 7 eyes on glass managed detection response becomes very important to matter what the size of the organization is.

One of my favorites, was an example for, if you’re running a credit card, right? If you run a credit card and you get a phone call, Hey, you just ran your credit card and you’re in Barbados. Were you supposed to do this? That’s your antivirus.

Or you can get that phone call. Hey, you’re getting ready to run your credit card in Barbados, are you in Barbados? That’s where the managed detection response separates itself from everything else and goes up to a different level because they’re able to capture in real time and they may even be able to call it before you run the credit card, how cool would that be? And that folds into what is known is active threat hunting, and it’s having your own special assassins to be there and make sure that nothing gets in before it gets out.

Susan Gosselin: So it’s really a matter of detecting unusual activity. It’s monitoring your system and determining these are typical patterns.

And when you’re talking about all of those colors, that’s where all of the coding comes in, right? This is a perfectly normal green thing. And then here’s this really red thing. That’s a red behavior. We shouldn’t be doing this. What really separates the AI scans is that the AI scans can identify that, but it really takes that managed response, that human being, to be able to say, no, this really doesn’t look right.

Or that’s a false positive or, Ooh, wait, here’s something that we need to be concerned about. And then they can verify and stop, whatever it is that is the suspicious activity before it has a chance to run loose in your system because, if you’ve just got a scanner and the scanner, find something at 2:00 AM and there is nobody to check it.

What happens then? So really, even for the smaller companies, this has become scalable now. That’s the thing I think that we’re struggling always to say to people is that, these tools sound very sophisticated and they are, they all sound very enterprise grade, but the beauty of all of it is that it’s being scaled down so that you can buy the services now only for the size and scope of what you need.

So you pay for only what you need.

Nick McCourt: Absolutely. Yeah.

Common mistakes businesses make with their cybersecurity programs

Susan Gosselin: Well ,with all that in mind let’s talk a little bit about what is like for companies that are buying these services. They are having to make some pretty big decisions right now about what they spend and what they don’t spend.

One of the things that we see a lot is we see companies of certain sizes making the same sorts of mistakes or miscalculations when it comes to putting together their plans. There’s always like very similar holes. So I was wondering if you could talk a little bit about what are some of the key things that you see.

Smaller to medium-sized businesses doing when they’re shopping and trying to put together a cybersecurity program.

Nick McCourt: And so the biggest mistake most companies make if they’re small or medium-sized is they try to add cybersecurity to the current budget for technology and there’s a huge difference.

There’s an actual separator there, but let’s talk about technology, right? You need technology to run a business. You might need it for financial. You will need it for, inputting different services. You need it for file management. You need it for just day-to-day activity.

Keep the idea on you buy a computer. A computer has a depreciating value like a car does right. So you buy the car since you drive it off a lot. Oh my gosh. Just depreciated in value. The computers don’t have a massive depreciating value like that just coming off the lot, but hey, the computer year after year there are new versions of the computers, that sort of thing. We still need to invest in that.

For cyber security, the only way it really truly has a depreciating value is if you don’t manage it. And the most important component to this, and this is why this should be a separate budget. Is because cybersecurity for a lot of organizations, especially if they have compliance or they have regulations or just as simple as we kinda need our cyber insurance plan. Right. We need a cyber insurance policy.

So if you have a plan for that. This is an investment that a lot of organizations are starting. Just starting to realize that, Hey, if I invest in cybersecurity separately, then I can use this for governance of the organization. I can use it to help limit or minimize risk, which of course causes issues for organizations all the time.

And then of course, oh my gosh compliance requirements, everybody with compliance. Oh, I’m always required by compliance to do X. Okay. That’s fine. But if you have compliance requirements and you’re investing in cybersecurity, it also allows you to go depending on your industry, it allows you to go after new business opportunities.

It really allows an organization to actually get ahead of their competitors and do more things. So that becomes an investment in the future with cybersecurity. There is your biggest separator. And that’s usually the biggest mistake that most organizations make. They start looking at it and they say, you know what, I’m just going to cut IT in half and fine.

Now we’re developing in cybersecurity and whatever, we’ll have to figure something else out. Suddenly you can’t buy computers or the budget doesn’t allow for, updating new cloud services or purchasing a new server. You don’t want to do that. Cause that continuity of the business, but cybersecurity it’s about protecting that continuity and it’s about setting you up for a really successful future.

Susan Gosselin: Right. Yeah, you can’t really carve cybersecurity from an existing pot, you really need to create a whole new pot of money for that. And that pot of money needs to increase. It’s like a bad news, good news kind of situation. So the good news is that as the threat levels increase.

The tools increase. The bad news is you have to pay for that increase in tools, from a year to year basis. If you had to, so let’s say you’ve got that pot of money and you’ve put your pot of money down for cyber security this year. How much more should you be budgeting for the next year coming?

Should you be adding on an additional 5% or 10% every year that you’re just planning for?

Nick McCourt: That’s going to depend on what you have in place. So there is a, there’s a finite number of security layers that most organizations can have to defend and protect what they have. So if you have nothing, the increase will probably be large.

If you already have things like your policies, plans and procedures, and you already have somebody established to actually run some of those programs that you have on a regular basis. Then you really want to look at the basic requirements. For your compliance for your industry. And then of course, look at the basic requirements that you see in cyber insurance policies.

You need to have security awareness, training and phishing simulation. You need to have vulnerability management programs. You need to have a logging system. You need to have managed detection and response. You’re going to need some of the basics like, Hey, do you have MFA or single sign on or zero trust set up?

Do you have different role-based access layers, is your backup implemented? How is your backup implemented and then basics? Do you have a firewall? Do you have a spam filter? How are you limiting access to your emails? Where are you limiting access? Those all get built in, and some of those are implied at a lot of them are stated out now in cyber insurance policies and they say, Hey, do you have this?

And no means you might not get that policy this year.

Susan Gosselin: Yeah. And let’s take a second to just give a little shout out to the necessity of cyber risk insurance. What cyber risk insurance will do for you all is when you have it. If you have a ransomware attack and you end up having to pay that ransom that will pay for you, it will handle your crisis plan, all of the extra IT consulting that you might need to remediate the problems. It’ll help you with your communications and your legal costs and all the things involved. And it generally, when you consider everything that it costs or covers, it doesn’t cost all that much.

But. And here’s the kicker. You can’t get cyber liability insurance, unless you have already met a really high bar for all of your cybersecurity tools. So everything that Nick just mentioned. All those things, you got to have them all. It doesn’t matter what size you are, you gotta have them all. And you’ve got to be able to prove that they’re working.

And so then you’re able to get that insurance. Another thing I want to point out about cyber liability insurance is that it is a requirement for a number of companies that will be working with you. So there are customers who may not sign on with you unless they know that you have it. If you’re trying to bid for a bit of business from the Department of Defense, you will not be able to bid on that.

And it is a part of several compliance structures. If you are bound by certain compliance structures for your industry, that may be one of them. If you’re not thinking about cybersecurity right now is more than just the Russians, you got to worry about, right? It’s the lost business opportunities and things that you may not have.

So that is my little soap box today on cyber risk insurance. I do want to point out too, that we have another podcast that we’ve done. That really goes over all of this in detail. We’ve got some of our best experts on cyber risk insurance talking about it. So I would encourage you, that will be in the show notes to take a look at. I mean, what are your thoughts on cyber risk insurance?

Yes, no, good, bad.

Nick McCourt: There are so many things that are out there and you already mentioned it, they’ve changed how it works. You have to have those layers in place in order to even have this. It used to be that these things were optional and right before the pandemic, it was starting to change anyway, but the pandemic really accelerated this.

You want to show that you have an operational maturity level, just to be able to have the insurance. You want to have it to be able to continue making money in your chosen industry to, to be able to open up business opportunities. And this is such a different aspect than what we use to deal with. Oh, IT or a managed services. Managed service is very important, right.

But cybersecurity really is sectioned off, and it is a service, but you really do need specialists to really focus on that for any size organization to make sure that they know what they’re doing, because everybody wants the opportunity to grow. And nobody really wants to have to pick up the pieces after some sort of devastating something that happens to their business.

Susan Gosselin: Yes, absolutely. Absolutely. If you’re a business owner right now and you are looking at the future of your business chances are you’ve. You may already be on a certain path for this year, but it’s still not a bad time to do a rethink and a reboot on your cybersecurity situation, whether you’re working with an MSP or whether you’re working with internal IT exclusively, or some combination thereof.

Rebooting your policies and procedures

Susan Gosselin: What are some of the things that a company needs to be looking at right now? If they’re looking at just rebooting their policies and procedures and everything.

Nick McCourt: I’ll always have somebody that’s in charge of that. And if you don’t then look to have a Virtual Chief Information Security Officer.

Once you do that, then that helps lay the groundwork for defining all the different layers that you as an organization need to have. One of my favorites is nobody wants to pick a security framework to follow, but once they do and everything set up, then they feel really comfortable afterwards. And that’s often what Virtual Chief Information Security Officer does.

They’re, oh gosh, I really don’t want to do this. Look at all these things we have to do. Okay. Let’s all set. It’s all set. Where are we on a comfort level. Ugh, you’re right. I’m so comfortable and nothing stopped, but by the way, our budget for other departments has now increased because we’re getting business coming in because of these things laid out.

We don’t have to worry about paying ransom of $2.5 million because hey, things are there and it doesn’t necessarily guarantee that you won’t have an attack. It doesn’t guarantee that you won’t have an incident or possibly even a breach, but it really does lessen it. It lowers that level of risk to a very comfortable level.

Susan Gosselin: Yeah. I was just reading recently where the average ransomware request right now in the United States is averaging about the $200,000 range. So you get dinged that enough times, it’s gonna, it’s gonna take a bite out of your budget.

So anyway, I think that we have run through most of the major things that we needed to talk about when it comes to Shields Up and the overall heightened level of threat that we are under. Nick, is there anything that you would like to say to our viewers at this point to wrap this discussion up?

Nick McCourt: I think that it’s very important to always be vigilant. Not only for your business, but also just in your personal life. The attacks can come anywhere and go in any direction.

Susan Gosselin: Definitely. Definitely. So stay safe out there. Talk to your MSP, talk to your CIO, make sure you got yourself covered.

And as always, if you need a little extra advice, we’re always happy to offer you with a free consultation on cybersecurity, so give us a ring. That’s it for The Helpdesk this week. That’s it for me, Susan. That’s it from Nick. Stay tuned for us next week, see you soon.

Keep reading

AI (ChatGPT) and the Cybersecurity Implications for Your Business

AI (ChatGPT) and the Cybersecurity Implications for Your Business

With AI set to revolutionize how we work in the coming years, two of our Virtual Chief Information Security Officers, Darrin Maggy and Nick McCourt, and our CIO, Tony Miller decided to weigh in on the subject. The drumbeat to adopt AI in your workplace is loud right...

“Knowledge, You Can Teach”

“Knowledge, You Can Teach”

Scott sits down (in person!) with George Hall. George is the President of LINQ, a managed mobility services provider, and There Goes My Hero, a nonprofit dedicated to those impacted by blood cancer, both headquartered in Baltimore. George talks about his very eventful...

Multifactor Authentication Breakdown

Multifactor Authentication Breakdown

Nick and Susan's monthly episode is joined by Lexie Nelson, a vCISO at Integris. Today's topic is multifactor authentication. We're going through a full breakdown into MFA: how much it really protects you and your organization, the things to look out for when...