Mar 02, 2021
Why Are Backups Not the Same as Disaster Recovery?
At this point, you have probably implemented some of the basic security requirements like MFA and secure passwords. But cybercrime is advancing far quicker than most companies are adopting new security technologies.
In talking with many of our customers and helping them through cyber insurance renewals and in some unfortunate situations dealing with cyber insurance claims – the next iteration of security requirements is going to include advanced security software.
The lowest hanging fruit in this category is event logging and incident management. Every time you click on an application, save a file, install new software, an event is created in the log. This happens millions of times a day if you factor in all of your machines, users, etc. Similarly to this, when the bad guys have infiltrated your network, the things they are doing generate an entry in the log. In order to catch them, before the damage is very costly, or potentially irreversible, we need software in place to parse the logs, identify suspicious behavior, and notify us so that we can investigate.
A good way to think about this software is to think of your home security. If someone were to break in your house, would you want to know about it? If you were out on a date on Friday night, and about to head home, wouldn’t you want to know someone was hiding in your closet? If they had come and gone, wouldn’t you like to know how they got in, what they touched, if they took any pictures, or what they took?
The software described above will do these things, but for your network and files. It will tell us when the bad guys got in, how they got in, what they did while they were in, if they exfiltrated any data (THIS IS MAJORLY IMPORTANT). More and more cyber insurance companies are requiring this software, and it could be the difference in a successful or denied claim.
If you have questions this software or need help navigating what steps you should be taking- reach out to us.