Don’t Forget to Set the Alarm on Your Network
Joel Caskey
Cybersecurity Manager & Partner
NET Xperts LLC
Greetings, Cybersecurity Superheroes!
In the last episode of our Cybersecurity House Securing adventure, we talked about locking the doors and windows. The first step to keeping the bad guys out – lock the door! The stronger the lock (password and MFA), the less likely an attacker is to get in. But let’s talk about detection for a minute…
How many of you have an alarm system for your home or business? How many of you set the alarm when you’re home to monitor your outside doors and windows? For businesses, how many of you have emergency exit doors that are always alarmed? Well, did you know that the same protection exists for your network as well?
Attacks are happening regularly, and small businesses are prime targets. Everyone is familiar with the scary red Ransomware screen, or the “Your computer has been hacked, call us at Microsoft at this random number” screen. But did you know that it’s possible for a bad actor to gain access to your network silently and just sit there and recon for a while before they attack? Or worse, they can attack and compromise your data without you even knowing it! Generally, an attacker can sit on your network for 45-90 days silently just to mess around and see what’s out there before they strike and make themselves known.
Now, I know what you’re thinking – “Joel, I’ve got that covered… I check my security logs every day and I analyze my firewall logs to make sure that nothing is going to nefarious places!” Oh wait, you’re not doing that? You don’t have time in your day to do your normal workload plus review security logs? You don’t have the in-house expertise to decipher the massive security logs on every single computer in your organization? Well – great news! I have a solution for you.
Security Information and Event Management (or SIEM, for short) programs exist to take the time-consuming collection and analysis out of this equation. SIEM takes all those massive event logs, traffic logs, security logs, and e-mail logs, and boils them all down into a correlated “security event”. That event then carries meaningful data that we can analyze to see what’s happening on your network. It can detect something as simple as someone inadvertently going to a bad site, or it could detect a ransomware event in progress. It will see items like privilege escalation, clearing of backups, and other tell-tale signs of a breach that may be taking place on your network. Essentially, SIEM is the alarm system on your network.
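To make that boiling-down concrete, here is a small added example (not NET Xperts' code or any SIEM product's) that correlates constructed log records from four sources into one security event per host. The record fields, host names, signal labels and the 30-minute window are all assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records, as if already normalized from four log sources.
# Host names, field names and signal labels are assumptions for this example.
RAW_LOGS = [
    {"ts": "2024-10-01T09:02:11", "host": "FRONTDESK-PC", "source": "traffic", "signal": "bad_site_visit"},
    {"ts": "2024-10-01T13:40:05", "host": "ACCT-PC", "source": "email", "signal": "suspicious_attachment"},
    {"ts": "2024-10-01T13:47:30", "host": "ACCT-PC", "source": "security", "signal": "privilege_escalation"},
    {"ts": "2024-10-01T13:52:12", "host": "ACCT-PC", "source": "event", "signal": "backup_deleted"},
    {"ts": "2024-10-02T08:15:00", "host": "WAREHOUSE-PC", "source": "security", "signal": "privilege_escalation"},
]
WINDOW = timedelta(minutes=30)  # assumed: activity closer together than this is related

def summarize(host, cluster):
    """Turn one cluster of (timestamp, record) pairs into a single security event."""
    signals = [rec["signal"] for _, rec in cluster]
    if {"privilege_escalation", "backup_deleted"} <= set(signals):
        severity = "critical"  # escalation plus backup deletion: ransomware-style pattern
    elif "privilege_escalation" in signals or len(signals) > 1:
        severity = "medium"
    else:
        severity = "low"
    return {"host": host, "severity": severity, "signals": signals,
            "sources": sorted({rec["source"] for _, rec in cluster}),
            "first_seen": cluster[0][0].isoformat()}

def correlate(logs, window=WINDOW):
    """Group records per host, split on quiet gaps, emit one event per cluster."""
    by_host = defaultdict(list)
    for rec in logs:
        by_host[rec["host"]].append((datetime.fromisoformat(rec["ts"]), rec))
    events = []
    for host, recs in by_host.items():
        recs.sort(key=lambda pair: pair[0])
        cluster = [recs[0]]
        for pair in recs[1:]:
            if pair[0] - cluster[-1][0] > window:  # quiet gap: close the current cluster
                events.append(summarize(host, cluster))
                cluster = []
            cluster.append(pair)
        events.append(summarize(host, cluster))
    return sorted(events, key=lambda e: e["first_seen"])

if __name__ == "__main__":
    for event in correlate(RAW_LOGS):
        print(event["severity"].upper(), event["host"], event["signals"], event["sources"])
```

Five raw records become three events, and only the one where e-mail, security and event logs line up on the same machine is raised as critical.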
Early detection is CRITICAL in a security incident. The sooner you find out that it’s happening, the sooner you can remediate it and minimize the damage. Think of it like a fire – the earlier you detect it and put it out, the less damage it causes. The same is true of a security event – it’s like a fire on your network, although fires don’t typically steal data from you to distribute and sell on the internet. But that’s a different story.
Our NET X SIEM program is perfect for small businesses that don’t have a dedicated in-house cybersecurity staff. We can supplement your existing IT staff and give them an extra set of eyes, or we can fully manage the process for you and provide remediation. And by the way – did I mention we are running a promo right now for SIEM installation for Cybersecurity Awareness Month? Reach out to us – we can help. Let us be the alarm system on your network!
You wouldn’t run your business without a security system. Just like having an alarm system on your business will bring your insurance premiums down, having a SIEM system on your network will reduce the cost of your Cyber Liability policy. Insurance carriers are asking for it, and it’s going to become a more and more common requirement as the years go on. We make it affordable for your small business to have a 24/7 Security Operations Center watching over everything to see those tell-tale signs of something bad that may be occurring.
The average cost of a breach for a small business can range from $120,000 all the way up to $1.24 Million. Yes, that’s for a small business. How can you afford not to protect yourself and your customers?
Reach out to our experienced team at (412) 244-NETX (6389) and let’s have a conversation about this today.
Until next time, Cybersecurity Superheroes – Be safe out there!