How do you get unbeatable cybersecurity for your business, without killing your budget?
Cybercrime is escalating and cybersecurity protection is now an essential part of any business operation … but shortage of resources and expertise means cybersecurity implementation is far behind schedule and that means big risks ahead.
Achieving excellence in cybersecurity doesn’t mean you have to hire and invest large amounts in resources, skills, and software tools. In fact, most businesses already have licensed security tools included in their license packages, but struggle with scarce resources and expertise, and therefore don't prioritize cybersecurity over other more “pressing” business needs.
With Valenture as your partner in Managed Security Services you can achieve cybersecurity excellence in months for a fraction of what it would cost to hire new resources with the necessary cybersecurity technology expertise.
Network Topology
While it is proper to perform formal risk assessments before determining security strategy and techniques, the reality is that many small businesses won't spend the resources to do so, and following some sound general advice is far better than doing nothing.
1. Managed NSOC 24/7/365
Uniting NOC and SOC - While the Security Operations Centre (SOC) focuses on threat detection, security and the integrity of data, the Network Operations Centre (NOC) focuses on ensuring ongoing network availability, and high performance of all linked services.
There is often crossover between a NOC and a SOC, especially when it comes to incident management, firewall monitoring, intrusion prevention and performance reporting.
You achieve the best security by integrating both processes in your security center.
"Our strongest recommendation is to use a SOC that offers 24x7 monitoring … There are too many hours a day and over weekends and holidays when threat actors are active and you are sleeping or away... So, using active monitoring is a must-have in today's world to stay safe." - Markus from TrueSec
The power of combining NOC and SOC.
Managed SOC (Security Operations Center)
SCOPE | Monitor, Detect and Respond to Threats |
DESCRIPTION | 24/7/365 Security Incident Response, Includes User Portal, Auto ticket generation, Customized runbooks. |
Managed NOC (Network Operations Center)
SCOPE | Provides visibility and alerting via network device monitoring. |
DESCRIPTION | A network operations center (NOC) is a centralized location from which network administrators and engineers monitor and manage network activity.
24/7/365 Network Incident Response, Includes critical FW updates, User Portal, Azure-based, Auto ticket generation, Customized runbooks. |
2. Backups – Immutable and "Air Gapped"
An immutable backup secures data by making it fixed and unchangeable. As a result, immutable backups protect data from accidental or intentional deletion or ransomware attacks.
Datto Siris - Backup & Ransomware Scanning
SCOPE | Onsite application for backup verification including ransomware scanning |
DESCRIPTION | Onsite appliance that provides multiple levels of backup verification including ransomware scanning, mandatory 2FA access to the cloud-based administration portal, immutable Datto Cloud and backup snapshots that can’t be corrupted by ransomware. |
Datto SaaS Protection - Protect Microsoft 365 & Google Workspace Data
SCOPE | Backup and recovery solution for Microsoft 365 and Google Workspace Data with integrated advanced threat protection. |
DESCRIPTION | SaaS Protection+ is both SaaS Protection plus SaaS Defense, which scans Microsoft 365 and Google Workspace for cyber threats and backs up 3x daily. |
Air-Gapped Backups
SCOPE | Air-gapped backups |
DESCRIPTION | Air-gapped backups mean disconnecting the backups from all access, especially the internet and local network. Old-school is cool. Without an internet or other network connection, it's impossible for your backup device to be remotely hacked or corrupted. Also referred to as the virtual equivalent of tape drives and removable hard drives. |
3. Cybersecurity-focused architecture design
Security at the center, an architecture designed for cybersecurity
Placing security at the edge alone is the old way of thinking. The new standard puts intelligent security at the center of the network to gain visibility and control over all traffic, not just north-south.
Harden Network - Securing Local Area Network
SCOPE | Network Segmentation |
DESCRIPTION | Network hardening is a security strategy at the top of every CISO’s list to secure the network infrastructure and avoid exfiltration of sensitive data and interruption of services, which can eventually lead to the cessation of business operations. Network Segmentation creates internal security to protect assets. Reconfigure the existing equipment, such as computers, devices, servers, routers, and network switches, to make the firewall function as the core switch. Migrate from old-school IP/port-based security to user-id, app-id, zone-based security. |
Harden User Identity / Authentication (A/D)
SCOPE | A/D Tiering and MFA |
DESCRIPTION | Reconfigure existing A/D to increase security posture and make it nearly impossible for attackers to move throughout your environment.
The "Local Administrator Password Solution" (LAPS) provides management of local account passwords of domain-joined computers. Passwords are stored in Active Directory (AD) and protected by ACLs, so only eligible users can read them or request their reset. |
Secure Management Access (OOB)
SCOPE | Setup Out-of-Band management access for servers and network devices |
DESCRIPTION | Management access to your key infrastructure is isolated from your production network and protected by multiple layers of security. Isolation and independence from your production systems ensure management and console access are available even when your network is not.
While In-Band Management is the ability to administer a network via the LAN, Out-of-Band Management is a solution that provides a secure dedicated alternate access method into an IT network infrastructure to administer connected devices and IT assets without using the corporate LAN. |
Managed Dark Web - Monitoring of the Users
SCOPE | Managed Dark Web is a service which regularly searches places on the dark web where information is traded and sold, looking for your information. If your information is found, you get a notification. |
DESCRIPTION | Daily Dark web monitoring for all business email, VIP personal email addresses, key IP addresses, and supply chain compromises. |
Device Updates
SCOPE | Provides critical updates for firewalls to maintain security posture |
DESCRIPTION | Critical software revision updates as needed; annual software revision updates to stay current. |
Bullphish – Security and Email Phishing Training
SCOPE | Automated user security training for email phishing |
DESCRIPTION | Create campaigns to automatically send phishing emails to your users. Track who opens, clicks, and enters sensitive data. Assign security training courses to users. |
4. Managed Endpoint Detection and Response (EDR)
SCOPE | Integrated endpoint security |
DESCRIPTION | Integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. (NOTE: It is agent-based, so it can only be installed on client-owned devices.) Recommended: OEDR, a managed service powered by SentinelOne Complete. NOTE: Recommended for key devices like servers. Best practice is to run EDR on all company-owned devices. |
5. SASE Cloud Security = SaaS Security Tools
SCOPE | Microsoft Defender for Office 365. |
DESCRIPTION | Helps protect against threats such as phishing and business email compromise. Microsoft Defender for Office 365 comes in several different plans; be sure you have at least Plan 2 or better. If you have Microsoft E5, then you probably already have the license. What other SaaS cloud apps need protecting? |
6. Readiness Assessment
The Valenture Approach & Roadmap To Unbeatable Cybersecurity... without breaking the bank.
a) Readiness Assessment
Real-world exercises to verify competencies and accelerate improvement
Proven, Low cost, high yield investment strategy. Perfect practice makes perfect. Nothing replaces hard work.
b) Security Scans = Daily.
Security scanning software, such as Nessus or similar, purchased and installed on a local VM and scheduled to run daily.
c) Network - Failover Tests = Tentatively plan for 2023 Q1.
We are most prepared for this one, let's do one with a high chance for success to standardize our tests. "Build once and reuse again and again".
d) 4 Systems - D/R = Tentatively plan for 2023 Q2
We will devise a "non-cyber" event and test the DR response.
e) Cybersecurity - PEN test = Tentatively plan for 2023 Q3
Beat TrueSec's Red Team
HOW VALENTURE CAN HELP
Managed Security Services
Valenture delivers the expert resources you need to stay at the cutting edge of cybersecurity technology and achieve the highest level of cybersecurity for your business.
ARTICLES WORTH READING
Hybrid Network Architecture: SASE & SD-WAN For Ultimate Network Security & Performance
Hybrid Network Architecture is for companies that are not 100% cloud-based
Yes, the world is rapidly changing to cloud-based services, but most companies are still running on-site services that are business critical and will remain on-site because they are custom, have dependencies, and are just plain cheaper to run than a cloud-based service.
A hybrid network combines SASE and SD-WAN, and it is what most companies need.
Read more: Hybrid Network Architecture
The Perfect Remote Work Architecture For Hybrid Networks [Guide]
Creating A Fast, Secure & Stable Network Access For Your Remote Workforce. It’s time to update the network architecture to support the increased use of cloud services and still ensure fast, stable, and secure access to on-site services.
Read more: The Perfect Remote Work Architecture