You’ll always need IT protection

Because cyber criminals never stop.

That’s why we embed cybersecurity best practices into our Fully and Co-Managed IT Services plans.

After 23+ years in the cybersecurity and IT Services industry, I know how hard it can be, at times, to grasp the full scope of cyber threat detection and prevention. That’s why I wrote a chapter on security frameworks for the book, On Thin Ice. It’s basically the culmination of everything that I walk my clients through to keep them safe and sound.

“A sure sign of a mature or maturing organization is the adoption and use of a security framework. Raffi provides a succinct intro to a few such frameworks and explains the benefits of choosing one or more for your business. Along the way he shows the multitude of issues involved and summarizes them within the security pyramid which makes keeping a high-level view of what’s involved easily possible.”

Sevag Ajemian, Founder, Globanet Consulting

It’s vital that all business owners and executives understand cybersecurity services and frameworks so that they can invest their dollars wisely. This is where our “Pyramid of Security” comes into play.

Actualization

Zero Trust Networking

The concept of "zero trust" in networking emphasizes the importance of not automatically trusting any entity within or outside your network perimeter. Instead, establish and adhere to strict policies and approval criteria for accessing IT systems. This entails verifying users, devices, and networks before granting entry, and implementing posture-based policies for each device operating as a network segment. Additionally, only applications listed in an approved allow-list should be permitted to run on these devices.

Next-Gen / Cloud Firewall

Traditional routers lack the capability to log activities for future review and correlation against known and emerging threats. Therefore, deploying a next-generation firewall or unified threat management system is essential. These solutions offer advanced filtering and network segmentation, restricting communication between different devices and ensuring secure and swift cloud transformation through Secure Access Service Edge (SASE) integration. Centralizing firewall activities on a cloud infrastructure enables secure access to both cloud and private networks, crucial for monitoring network activity as remote work becomes more prevalent.

Threat Intelligence

The ultimate goal of threat intelligence is to uncover the who, how, and why behind attempted breaches on IT systems. By providing detailed insights into indicators of compromise (IOCs) extracted from log entries indicating malicious activities, it facilitates identifying actionable events and devising countermeasures. Staying updated on industry-specific threats is vital, whether by leveraging publicly available and subscription-based resources or by consulting with IT service partners to tap into their threat intelligence sources.

Maturation

End User Cybersecurity Awareness Training

Given that most breaches stem from phishing and human error, educating employees and contractors becomes paramount. Regular training sessions on the latest cybersecurity threats, along with guidelines for recognizing and reporting suspicious activities, are essential. Evaluating their knowledge through physical penetration tests and simulated phishing attacks provides opportunities for ongoing education and improvement without stigmatizing mistakes.

Policies / Procedures

Policies not only establish standards for system and data usage but also delineate guidelines for interactions among IT administrators, managers, and end users. Clearly articulating the rationale behind each policy is crucial, followed by the development of procedural frameworks outlining specific processes to be followed by the team.

Cyber Insurance

While cybersecurity insurance is valuable for all businesses, it's particularly indispensable for highly regulated industries such as financial services and healthcare. Such policies provide coverage against losses and expenses arising from cyber-related crimes and help mitigate regulatory fines. However, compliance with the insurer's requirements is necessary to ensure eligibility for benefits in case of a breach or cyberattack.

Awareness

Email Filtering

Email remains a prime target for cyber attacks, making comprehensive filtering imperative to combat spam, viruses, and phishing attempts. Encrypting sensitive data transmitted via email adds an extra layer of protection against data loss or leakage. Identifying impersonation emails and screening attachments and links for malware further enhances security, while logging message traffic aids in post-breach investigations and containment efforts.

Web Filtering

Implementing internet browsing filters in the workplace serves multiple purposes, including blocking potentially malicious websites hosting malware, reducing data exfiltration risks, and minimizing work distractions while ensuring regulatory compliance. Leveraging next-generation firewall capabilities facilitates effective web filtering, supplemented by additional applications for remote or traveling team members.

Asset Management

Maintaining a comprehensive inventory of hardware, applications, virtual servers, and data assets is essential for robust protection. Organized asset management prevents overlooked or unsupported assets from becoming vulnerabilities, while a proactive plan for updates and replacements minimizes the risk of exploitation or prolonged downtime.

Continuous Scanning

Continuous scanning of networks, devices, and data is fundamental to identifying vulnerabilities resulting from configuration errors, patch management lapses, or malicious activities. Prompt detection and remediation of these vulnerabilities are critical to preempt cyber threats, with continuous scanning also aiding in the discovery of unknown assets and compliance with certain regulatory requirements.

Foundation

Endpoint Protection

Protecting endpoints, including computers and mobile devices, requires more than traditional antivirus software. Employing digital forensics, endpoint policies, and whitelisting authorized applications enhances protection against threats. Mobile device management systems are essential for securing smartphones, ensuring compliance, and mitigating risks associated with personal devices.

Identity Protection

As identities increasingly serve as the gateway to accessing resources, safeguarding them is paramount. Strong, unique passwords managed through a password manager, coupled with multi-factor authentication and biometric verification whenever feasible, enhance identity protection against unauthorized access.

Business Continuity

Business continuity planning is indispensable for mitigating the impact of disasters, whether natural, accidental, or malicious. Plans should encompass remediation strategies for both local and remote disruptions, along with robust backup and recovery procedures. Regular testing of backups and automated recovery processes ensures readiness to restore data in case of emergencies.

Patching / Updating

Timely installation of critical patches and security updates is crucial for addressing vulnerabilities in operating systems, software, and firmware. Swift action within the first 7 days for actively exploited vulnerabilities and within 30 days for other patches minimizes exposure to cyber threats.

Minimize Administrative Rights

Restricting administrative rights to authorized personnel minimizes the attack surface on devices and prevents critical system damage. Limiting software installation and bolstering security through allow-listing software enhance protection against unauthorized access and malicious activities.

Please know that these 15 minimum security program solutions are not the be-all and end-all of your cybersecurity needs. These are merely the start.
If you’re interested in learning more about security frameworks, please contact me via the form below for a free copy of “What is a Security Framework?”

“Raffi Jamgotchian’s chapter 31, What is a Security Framework, in the book, On Thin Ice is a must read. He lucidly defines them, describing the most common ones. Raffi then goes on to demystify the “pyramid of security” in easy-to-understand steps, so you have a comprehension and comfort with the terminology and importance of security. In twenty minutes, I went from knowing very little to a working knowledge, which every business executive should have.”

Parag Saxena, CEO, Vedanta Capital Management

Interested in getting a copy of my chapter on security frameworks? Fill out the form below and I’ll send you a free copy. Or buy the entire book here.