Cybersecurity Awareness Month

October is Cybersecurity Awareness Month – an event which was started in the USA nearly 20 years ago and spread globally. It is a good time for people at all levels to step back and ask the question: are we doing the right things to be digitally secure?

titan_blog_cybersecurity_awareness_month

Titan’s Four-Point Focus for cybersecurity can help resellers and MSPs deliver their customers’ cybersecurity needs.

Keith Maskell, Head of Cybersecurity

Cybersecurity is essentially an attempt, within the limitation of a budget resource, to prevent a certain category of events (“non-secure” ones, of both known and unknown types) from occurring within a highly complex system which includes rapidly changing devices, people, and unpredictable inputs from the internet. It sounds impossible! So, given the rise of all types of malicious actors globally, and the advances in attack methods, the question is – what can your customers practically do, to survive digitally?  Perhaps the answer begins with defining what not to do. High on that list are the following:

  • Assuming that the existing cyber defences and device configurations are good enough
  • Trusting that “admin” privileged credentials will not get stolen or misused
  • “Hoping for the best”, without monitoring, that systems are not breached and data is not compromised
  • Placing too much trust in security products, without paying enough attention to processes and controls

Elimination of these dangerous management postures then starts to reveal focus areas that can deliver the largest security value for the least investment. For example:

  • Thorough testing of cybersecurity defences, from the point of view of an attacker, and understanding the business context of any weaknesses, followed by remedial actions and retesting
  • Assuming that privileged access credentials could be stolen or misused, and taking measures to defend quickly against that and to control privileged access sessions
  • Monitoring for breaches and being able to answer the question, at any time: “how would we know if we had been breached?”
  • Expanding management attention to a complete cybersecurity approach that is balanced between cybersecurity products, on the one hand, and processes and controls on the other hand.

Of course, every organisation has its own priorities and capabilities. Titan Data Solutions can offer a NIST-based Cybersecurity Maturity Assessment which will provide an overall analysis in a form that is easy to communicate to non-technical stakeholders. However, Titan Data Solutions has built on its wide experience of user issues in its Four-Point Focus approach for Cybersecurity:

  • Penetration Testing – Properly test the existing cybersecurity defences with Penetration Testing, understand the business context of weaknesses, implement remedial actions and then retest
  • Privileged Access Management (PAM) – Add new protection against theft and misuse of privileged access credentials, and to control all privileged access sessions
  • 24/7 Managed SOC – switch to an outsourced security operations centre that not only monitors your network for threats and vulnerabilities, but also takes power to act and provides incident response
  • Information Security Management System (ISMS) – Develop an ISMS that covers processes and controls as well as systems, using ISO/IEC 27001 methodology

Titan makes these professional services and products available for resale by Resellers and MSPs. They are part of Titan’s wide range of cybersecurity services and solutions, provided by highly accredited and certified vendors. Titan organises all pre-sales support and scoping for the reseller, making it even easier to enable you to sell the latest cybersecurity solutions.

The Four-Point Focus – Zooming In

Do your customers have questions from their stakeholders about their cybersecurity defences and the risk of ransomware?  A positive step is to organise a penetration test:

  • Understand how a hacker could attack the network and applications
  • Understand the business context of weaknesses found – what could it mean?
  • Develop a plan to fix the gaps
  • Get a low-cost retest built in from the start
  • Get the best value from a limited budget by optimising the tests against the risks 

What would be the risks if your customer’s “admin” credentials were stolen or misused?  A positive step is to implement Fudo Privileged Access Management (“PAM”), from Titan Data Solutions:

  • Understand how a hacker could attack the network and applications
  • Understand the business context of weaknesses found – what could it mean?
  • Develop a plan to fix the gaps
  • Get a low-cost retest built in from the start
  • Get the best value from a limited budget by optimising the tests against the risks 

Does your customer need to get to a completely new level in its cybersecurity?  A positive step is to implement 24/7 Managed SOC (security operations centre):

  • Detect breaches and react straightaway, as if the customer had its own 24/7/365 SOC on site
  • Use industry standard platforms, not proprietary ones, for maximum future flexibility in who provides the services
  • Options for the Managed SOC to carry out pre-agreed actions on the customer’s network in response to threats
  • Full package of linked cybersecurity services, including asset discovery, vulnerability assessment, penetration testing and more
  • Tailored solutions to maximise security and minimise costs

What are the risks if your customer does not fully include processes and controls in their cybersecurity management, together with systems?  A positive step is to build an Information Security Management System using ISO/IEC 27001.

  • ISO 27001 is the international standard for Information Security Management
  • ISO 27001 helps your customers to create their own ISMS, to cover processes and controls as well as systems
  • ISO 27001 is not only for large companies!

While ISO 27001 certification is a valuable achievement, the standard can also be used without the need for certification

Titan can organise ISO 27001 consultancy and managed services, including for certification and maintenance of certification

Titan can also organise a NIST-based Cyber Maturity Assessment to help IT management communicate cyber risks to stakeholders for awareness and budgeting purposes

To find out more about Titan’s cybersecurity services

Scroll to Top