Mon - Thurs 8 am - 5 pm CT
Fri 8 am - 4 pm CT
An accurate assessment of the current state of your network and software systems is always the first place to begin when considering Cybersecurity. We will work with your team to determine what needs reviewed in your situation and then craft a customized assessment to reach those goals. This assessment can include, but is not limited to, the following types of items –
Based on the results of the Cybersecurity Assessment, we can help you develop a step-by-step plan customized to your situation. This plan will help you get the ‘most bang for your buck’ by focusing on the initial steps with the biggest payback in your network. We can also help you create appropriate IT policies so that everyone knows what is expected.
You can find a whole section on our Cybersecurity Training. If you need something not listed or you require a custom class, please contact us.
No one wants a cyber incident, but they will happen for the majority of businesses. Let us work with you to evaluate just what your organization could withstand in an incident, and then help you craft and implement a plan to increase your resiliency in the event of an attack.
Because the chances are high that your organization will experience some form of cyber incident, it is only prudent to make plans for that possibility. Custom Internet Services can help you develop those plans. Depending on your situation, we’ll focus on two primary areas —
You’ve done your best to secure your network while planning and preparing in the event of a breach. Yet despite your best work, it happens – your network has been compromised in a cyber incident. Now what?
There’s no doubt this can be a scary time. And how you respond can be important in determining the legal ramifications. Call us at 620-221-3614 for assistance to recover from that incident.
Take stock of the current state of computers, operating systems, network devices (switches, routers, controllers, radios, control systems, etc) WAN links, and other components. This would be a good time to contract with us for a Cybersecurity Assessment so that your network can be evaluated from an impartial perspective.
Begin with a well-respected plan like The Critical Security Controls for Effective Cyber Defense maintained by the Center for Internet Security or a different plan appropriate for your industry. Evaluate where you want to go against this plan and what is appropriate in your context. This is also a good time to review your IT policies. No one enjoys crafting policy, but good written statements are the starting point for handling the various legal issues involved in Cybersecurity.
Start with the “First Five Quick Wins” from this plan and implement more of your plan in a staged roll-out.
Continuous network monitoring is a must to know the state of your network. How can you know if your defenses have been breached if you’re not continuously monitoring these defenses? For starters, I would suggest monitoring device logs, net-flow information, antivirus defenses, and availability of the most important business processes.
Good training doesn’t cost – it actually pays off big for your organization. Custom Internet Services has developed four targeted seminars to help your business develop a culture of cybersecurity. Each of these classes can be presented in person or as a webinar.
Just how much downtime could your company endure and yet survive? Do you have critical services that customers depend on that need to be always on? Do you need a backup network immediately available? How quickly do you need to be able to recover your data?
These are some of the questions you need to ask yourself when you start to think about Incident Recovery. Most businesses would not survive a few days before they went bankrupt.
We all know we should have data backups, but far too many organizations don’t have a dependable backup plan and solution. Any data recovery solution needs to plan for recovery of both local and cloud-stored data.
All the data stored on various computers needs to be evaluated for backup requirements. Once a backup plan is created, the next important step is to test recovery based on that backup plan. It is far too common for backups to be regularly created, only to discover upon attempted recovery that some key file is missing. Plan, and then test your plan
Cloud providers come under attack, go broke, or otherwise have system failures. It is also possible for your cloud data to be unavailable because of a legal action from some government, even if that legal action isn’t directed against you. Plus, internet access can fail which will limit the accessibility of your cloud stored data. We recommend that you plan for a backup of all cloud stored data.
You also need to consider your plans in case your network is unusable. Do you need to rent an alternative network as a backup? Could much of your processing move to a cloud provider like Microsoft Azure? Or do you have enough leeway that you could wait for a vendor to provide new equipment? These questions need to be settled before an emergency.
Perhaps one of the trickier questions to consider is what your legal liabilities are in the event of a data breach. Do you have customers in the European Union or one of the states with stricter breach notification laws? Do you handle Personally Identifiable Information (PII)? If so, how would you handle a loss of customer PII? Do you have contracts with customers that would be affected in a network breach? What are the legal requirements in your jurisdiction? And do you want to get law enforcement involved in any breach? These questions are important to consider before an emergency arises and should be determined in coordination with your legal team.
The risk of a cybersecurity event is just a normal part of business today. Because of that risk, it would be wise to consider cybersecurity insurance. A number of companies provide policies in this realm. We prefer a policy that includes resources to help the business recover from a cyber event as well as provides coverage for any customer or client losses. We know that this whole process can seem pretty overwhelming. Feel free to contact us so we can help your business create a plan to withstand cybersecurity incidents.