onShore Security presents onSecurity. Host Stel Valavanis, CEO of onShore Security, will explore a variety of topics in the cybersecurity field. These 30-minute episodes feature guests who provide unique perspectives on the chosen topic of discussion; topics include automation in cybersecurity, governance and compliance, endpoint security, and many more cybersecurity-focused discussions.
onShore Security Launches New Vulnerability Management Offering
onShore Security relaunches vulnerability management services, massively expanding the previously offered service. Vulnerability management is necessary for organizations today and required by all cybersecurity compliance frameworks. This newly launched service goes way beyond standard Common Vulnerabilities and Exposures (CVE) scanning, ingesting policies, configurations, and full cloud assets with an automated continuous scan, all incorporated into our Elastic cluster for correlation. Unlike its competitors, onShore Security’s service includes a monthly analyst briefing. The briefing helps organizations make sense of the findings and provides insights that other providers overlook. On top of that, these features are fully integrated with our Elasticsearch-powered Panoptic SIEM®.
Steve Kent, CTO of onShore Security, said, “By correlating found vulnerabilities with system and network activity, we can prioritize critical patches within specific environments, and help reduce our client’s risk exposure – both in the immediate and long term.”
“This is a complete revamp of our CVMaaS offering,” Stel Valavanis, CEO of onShore Security adds. “Because vulnerability management, beyond just regular scanning, has risen to the level of a required GRC [Governance, Risk, Compliance] process for enterprise, we’ve added continuous scanning and full analytics via our Elastic Stack big data platform. Add to this much deeper inspection of AD, GPOs, Azure configurations, etc., and you get a whole other level of offering that begs for a new name.”
To find out more about this new service, go to www.onshore.com/continuous-vulnerability-management/.
Game-Changing FDIC regulations will make us safer
– Stel Valavanis
In today’s dangerous world of omnipresent cyber risk, it’s difficult to believe that a banking organization could experience a cyber security incident with no requirement to disclose it. But that has been the case, until now.
The FDIC is enforcing new guidelines beginning this spring for how information is shared about cyber incidents. The new regulation, called The Final Rule, states that banking organizations need to notify their primary federal regulator of any significant computer-security incidents as soon as possible and no later than 36 hours after the banking organization has determined that a cyber incident has occurred.
These notifications will now be required when incidents have the following attributes:
- An incident has materially affected, or is likely to materially affect, the viability of a banking organization’s operations
- The banking organization cannot deliver its usual banking products and services to customers
- The incident has the ability to affect the stability of the financial sector
Additionally, the FDIC notes that when it has been determined that a computer security incident has materially affected, or is likely to affect, an organization’s customer base for four or more hours, customers must also be notified. This rule is set to go into effect on April 1, 2022, allowing banks to comply by May 1, 2022. Clearly this is not an easy task even for organizations with more mature cybersecurity, but it is necessary and here’s why.
Proper detection needs to be available in order to comply with these regulations. The notice of a cyber incident cannot be made if the breach is never detected in the first place. Organizations need to deploy necessary cybersecurity to be vigilant of these threats. Even with cybersecurity present, if a breach is made, accurate information needs to be reported to those who can fix it. This information can be used to better protect areas that have shown vulnerability. Data needs to be properly collected, analyzed, and modeled in order to fully understand what a possible attacker may want. Data allows analysts to do forensics and be better prepared for future incidents that may occur.
The faster that these incidents are reported, the less damage an organization, as well as those affiliated with that organization, will suffer. A swift and informed response indicates to customers and shareholders that they are in good hands. Taking control of a cyber incident as fast as possible is crucial. The FDIC implementing this policy is a great step in both highlighting and preventing cybercrime. The more visible these threats are, the more serious organizations will take them.
Through the implementation of this new rule, increased visibility in the financial space will occur. The knowledge of what data might have been breached and how that affects individuals can lead to more informed decisions by both the consumer and the banks themselves. An emphasis on knowledge sharing can allow organizations to run more effectively. Additionally, this visibility provides information to vendors of these banking organizations. Banks have a variety of vendors that they need to disclose this information to. The faster a bank handles these issues, the faster associated vendors can minimize damage to themselves.
While this new rule appeals directly to customers and vendors, banks themselves may be hesitant about the 36-hour rule. For one, these organizations have reputations to uphold, and a cyber incident occurring could affect how the general public sees them. They have shareholders and large clients that they need to keep happy, and a cyber incident could lead to a loss of trust. Additionally, complying with such stringent policies could be a burden on the IT department of these institutions. If an organization’s cybersecurity team is not well structured, it could be an overwhelming task. Insurance rates could also dissuade banking organizations from disclosing their incidents. They have an incentive to want to keep insurance companies unaware of the possible attacks they have faced.
This regulation is coming a bit late; frankly, the fact that without this regulation a banking organization could have had a cyber incident without disclosing it is appalling. I truly believe this regulation will have an impact: these organizations will step up their policies and procedures, hold data longer and in a more usable way, and perform tabletop exercises to make sure their incident reports are done well. These organizations will provide an even playing field for customers, vendors, and shareholders, for they have to make these decisions. Let’s hope we see more smart regulation like this in future.
Photo Attribution: Coolcaesar at English Wikipedia
Digital Warfare in Ukraine and Abroad
onShore Security CEO Stel Valavanis joined WTTW’s Chicago Tonight on the evening of March 2nd, 2022 to discuss reported cyberattacks in Ukraine, domestic cybersecurity, and the future implications and growing concern of cyberwarfare.
Governance for SMB – MSP 1337 Podcast
onShore Security Governance and Risk Specialist Sarah O’Kelley was a recent guest on the MSP 1337 Podcast, hosted by Chris Johnson.
Almost every time I do a security maturity assessment I find that companies are the least mature in Governance. The areas that seem to need the most attention are Policy and Compliance which is to be expected since that is the area we least like to focus on. In this episode, Sarah O’Kelley from onShore Security and I discuss the differences between governance and leadership and how cybersecurity plays into the leadership and health of an organization.