Have you ever wondered if the bad guys are really trying to compromise your corporate network or those of your customers? With all the potential targets out there, surely it’s the other guys who have to worry, right? A customer told me the other day that budgets are tight this year and he has so many priorities, that he feels like he has to take his chances with cyber security right now. He has a firewall after all.
These thoughts are certainly not unique, but hopefully you would agree that the frequency of news articles posted about companies that have been hacked is accelerating at an alarming pace. One example of a common threat today is ransomware. It turns out that most people’s identities have already been stolen and resold on the dark web so many times that it is becoming a commodity. Yahoo alone has over one billion users who have been compromised over three years in multiple attacks.1 Attackers are now looking for other ways to exploit companies and they use ransomware as a solution. It turns out that it’s quite easy to take data that only your customer might care about and turn it into a revenue stream by using automation to target customers and then encrypting their data and holding it for ransom.
Keep in mind that you can pay the ransom and get the keys to decrypt your data, but on average, at least 10 percent of your encrypted system is unrecoverable, so paying doesn’t guarantee smooth sailing past the problem. Worse yet, the bad guys still have their malware on your computers after the incident and might attack you again. According to a Microsoft Advanced Analytics whitepaper, the bad guy has been in your network for at least 140 days and knows where to hide.2
Proven tools to protect against hacking are hard to find.
So what is a customer supposed to do to protect themselves from the automation that is on the Net that attacks them day in and day out? After all, a Clark School study at the University of Maryland said that hackers attack an internet-attached device every 39 seconds. The answer must include a combination of people, process and technology. Customers need more than just tools to scan the network for vulnerabilities and monitor the logs of critical systems. They also need a qualified security staff who knows what they are looking at if the technology returns a sign of intrusion.
Unfortunately, good security experts are very hard to find. Forbes estimate that there are over 250 thousand unfilled security positions in the U.S. at the moment.3 In addition, a customer needs a well-documented process that includes how they will handle an intrusion, and policies on how to stop the attack and then recover in the aftermath. Finally, customers need a solid technology solution that can find the bad guys before they have time to map the corporate network and identify soft spots to attack. For a company that might make widgets, this is probably a tall order.
Can’t afford to invest in a security operations center? Get Recon™.
As a solutions specialist, Tech Data is committed to helping you develop solutions that meet the needs of your customers, including cyber security. Can’t afford to investing in building a security operations center and hiring qualified security analysts to “watch the wire” for your customers? Technology Solutions has created a managed security service called ReconTM that allows you to either resell the service under the Technology Solutions ReconTM name or have the option to white-label it under your own brand.
The benefits of using Recon include higher margins when coupling the managed security service margin with margin from selling security products such as Check Point or TippingPoint firewalls, Cisco ASA with FirePOWER or an F5 Big-IP appliance.
With the combination of highly skilled security people, well-defined security operations processes, and cutting-edge technology that provides log monitoring, vulnerability assessment, host/network intrusion detection and external threat feed intelligence, ReconTM can serve the role of eye-in-the-sky for your customers and find threats before they become incidents.
1 “An Important Message to Yahoo Users on Security.” Yahoo. September 2016
2 “Microsoft Advanced Threat Analytics.” Microsoft. 2016
3 “One Million Cybersecurity Job Openings in 2016.” Forbes. January 2016