May 18, 2023

Ensure Your Technology is Working for You, Not the Other Way Around

Sponsored Content provided by Robert Duggan - Director, Information Security, North American Operations, Global Manufacturing and Distribution,

Keep your vision, operations, people, customers, and reputation safe with virtual Chief Information Officer (vCIO) / virtual Chief Information Security Officer (vCISO) support. 

As a responsible modern professional, you understand that an independent, qualified assessment of your cyber protection and information security is critical to protecting operations and avoiding financial loss, penalties, civil liability, and reputation damage. You probably also understand that your IT shop must be stress tested by an independent, objective professional who will let you know what is working well and what specifically needs to change or be enhanced, against today’s risk and with respect to your operations and plans.

Even if you are a non-technical professional, you probably get that the cyber and information security threat landscape is constantly changing. Here are a few acid-test questions for your IT shop that will give you a picture of how current you are (apologies in advance if this ends up being a tough discussion…):

  1. Do we use endpoint detection and response technology that scans not only for signatures / known malware but also for abnormal machine and user behaviors? How do you know it is fully deployed to all endpoints, including servers, and is operationally effective?
  2. Do we have advanced threat protection enabled on our email that scans attachments and links before they can be opened, and will that advanced threat protection quarantine those emails away from my employees? What is protecting our employees from directly downloading hostile executable files from the internet?
  3. Show me how our backups are secured on an archival basis so that one infected file volume will not be able to infect the archives. Have we tested our recovery process?
  4. How are our employees performing on automated simulated phishing attempts, and is the remedial/periodic cyber awareness education automated? How current are our employees with that training?
  5. What are the results from our most recent vulnerability scan, and how many critical vulnerabilities were identified? How are we keeping our systems, applications, and users’ security patched? How are we monitoring the security stack apparatus such as firewalls (is that apparatus even current)? How are we monitoring traffic origins and suspicious logins? What data loss prevention settings are in place?
  6. How are we securing privileged user access to firmware and critical applications? Is multifactor authentication enabled for all users? Are passwords and passphrases enabled with required resets at least every 90 days?

These are only examples of some high-impact controls that ALL organizations should have in place to defend against current attacks.
 
Now, your business environment, support processes, and informational needs are constantly evolving. You need to look at how your architecture and applications are supporting your current 3-year outlook.  

With substantial operational dependence on IT, this will require a continuous lens, or at least periodic quarterly consulting and health checks, to ensure your systems are serving your objectives and that your people and clients / customers / patients are protected and secure.

The process should start with an initial cyber and information security assessment. During this phase your vCISO / vCIO will inventory your systems and processes against applications and infrastructure, and examine your defenses and resiliency against cyberattack and data loss. It is my experience that the IT team (internal or external) is going to need some help ensuring the corrections are made properly to address the risk exposures. Then you are going to need some ongoing support for periodic re-evaluation and staying current, process improvements, and supporting growth.

The independent vCISO / vCIO support experience you should be seeking:

I am here to help Coastal NC organizations with informal advice on cyber and technology, alongside supporting UNCW’s Center for Cyber-Defense Education and the development of cybersecurity professionals. If you would like some directional assistance, please let me know by contacting me via LinkedIn.
