Blog

 

onSecurity Podcast

onShore Security presents onSecurity. Host Stel Valavanis, CEO of onShore Security, will explore a variety of topics in the cybersecurity field. These 30-minute episodes feature guests who provide unique perspectives on the chosen topic of discussion; topics include automation in cybersecurity, governance and compliance, endpoint security, and many more cybersecurity-focused discussions.

onShore Security Launches New Vulnerability Management Offering

onShore Security relaunches vulnerability management services, massively expanding the previously offered service. Vulnerability management is necessary for organizations today and required by all cybersecurity compliance frameworks. This newly launched service goes way beyond standard Common Vulnerabilities and Exposure (CVE) scanning, ingesting policies, configurations, and full cloud assets with an automated continuous scan, all incorporated into our Elastic cluster for correlation. Unlike its competitors, onShore Security’s service includes a monthly analyst briefing. The briefing helps organizations make sense of the findings and provides insights that other providers overlook. On top of that, these features are fully integrated with our Elasticsearch-powered Panoptic SIEM®….

Game-Changing FDIC regulations will make us safer

Game-Changing FDIC regulations will make us safer – Stel Valavanis In today’s dangerous world of omnipresent cyber risk, it’s difficult to believe that a banking organization could experience a cyber security incident with no requirement to disclose it. But that has been the case, until now. The FDIC is enforcing new guidelines beginning this spring  for how information is shared about cyber incidents. The new regulation called The Final Rule states that banking organizations need to notify their primary federal regulator of any significant computer-security incidents as soon as possible and no later than 36 hours after the banking organization…

Governance for SMB – MSP 1337 Podcast

onShore Security Governance and Risk Specialist Sarah O’Kelley was a recent guest on the MSP 1337 Podcast, hosted by Chris Johnson. Almost every time I do a security maturity assessment I find that companies are the least mature in Governance. The areas that seem to need the most attention are Policy and Compliance which is to be expected since that is the area we least like to focus on. In this episode, Sarah O’Kelley from onShore Security and I discuss the differences between governance and leadership and how cybersecurity plays into the leadership and health of an organization.

Detection is Your Super Power! – Webinar

Register for Detection is Your Super Power!  Thursday, January 27th, 2022 10:30AM – 11:30AM Central Protecting a network against a hacker used to mean that you had to be on your game 100%, but the hacker only needed to be right once to get in. With detection, however, the tables are turned, and they’re on your territory. Detection becomes your advantage, as they have to avoid making any mistakes and all you have to do is watch and wait. Join us to hear more about how Panoptic Cyberdefense gives you the super power to see all and stop bad actors…

Greater Security Enforcement is Leading to New SEC Fines

Greater Security Enforcement is Leading to New SEC Fines – What You Need to Know Now… – Stel Valavanis, CEO of onShore Security   Notable Ransomware Attacks are Prompting Increased Accountability Announcements this past summer have made it clear that the US Government, and particularly the executive branch, is taking ransomware seriously. This move is unsurprising, as attacks such as SolarWinds and the Colonial Pipeline attack demonstrated the risk that hackers pose to our national security and infrastructure. Supply chain attacks proved that high profile targets mean high levels of risk and greater amounts of collateral damage upon attack. Executive…

Hoodies Vs. Suits – MSP 1337 Podcast

onShore Security CEO Stel Valavanis was a recent guest on the MSP 1337 Podcast, hosted by Chris Johnson.  “A few weeks back, I attended Blue Team Con in Chicago. Based on one of the sessions that discussed the culture challenges and shortages of qualified candidates, I asked the founders of Blue Team Con to join me to discuss the challenges of finding talent and what to look for. Why are hacker (hoodies) conferences always filled by young people? Why are other events that focus more on the blue team security defense side attended by those in business attire (suits) and…

The Ransomware Economy is in the Spotlight and Hackers are Feeling the Heat

The Ransomware Economy is in the Spotlight and Hackers are Feeling the Heat – Stel Valavanis, CEO of onShore Security Ransomware is hot. In 2020, it grew by 336%, with more than 370 million dollars in cryptocurrency paid to hackers and the “vendors” that support them. Ransomware is driving the cybercrime economy and helping it to grow, but it might also be its biggest problem. From Solitary Attackers to Enterprise Operations Ransomware has historically had the benefit of a reputation as a cottage industry, with the image of an attacker still being that of a lone black hat in a…

Threat Intelligence Pioneer Joins Cybersecurity Leader onShore Security

Threat Intelligence Pioneer Joins Cybersecurity Leader onShore Security Craig Brozefsky returns to onShore Security PRESS RELEASE  UPDATED: JUL 29, 2021 11:28 CDT CHICAGO, July 29, 2021 (Newswire.com) – onShore Security, one of the nation’s top Managed Detection and Response (MDR) providers today proudly announced the addition of threat intelligence powerhouse Craig Brozefsky to its growing roster of top talent leading the way in today’s increasingly complex and high-stakes cybersecurity landscape. Brozefsky joins onShore Security’s team as Senior Engineer and brings experience from his previous work on THREATBrain, a malware behavioral analysis engine. This industry-leading work led Brozefsky to a position as Director of Engineering at ThreatGRID…

onShore Security Expands Innovative Use of Elastic Stack in Developing Next-Generation Cybersecurity Offerings

PRESS RELEASE  UPDATED: JUN 9, 2021 CHICAGO, June 9, 2021 (Newswire.com) – In an industry-leading advancement, onShore Security, one of the nation’s top Managed Detection and Response (MDR) providers, is leveraging its long-standing partnership with Elastic, creators of Elasticsearch and its related suite of solutions in the Elastic Stack, to create a next-level cybersecurity service. The move positions onShore Security’s customers across Banking and Financial Services, Construction, Education, and Healthcare ahead of the competition in terms of threat detection and protection. “With the new Elastic functionality, we have greatly enhanced our ability to perform threat modeling across client telemetry while maintaining full client data segmentation…

Cybersecurity Solutions Still Alienate the SMB

MSP1337 Podcast – Cybersecurity Solutions Still Alienate the SMB onShore Security CEO Stel Valavanis was a recent guest on the MSP1337 Podcast, hosted by Chris Johnson. To watch the interview, or listen to the audio podcast, please use the embedded players below. In this week’s episode, I sit down with Stel Valavanis of onShore Security to discuss Cybersecurity tools and solutions from the perspective of a Managed Service Provider. Stel brings a lot of insight as his company has been an MSP who focused on the SMB and now is a Managed Security Service Provider, focused on the Mid-market and…

Open Source, High Security Collaboration

“As COVID-19 continues to change the way we work, and where we work, businesses are reconsidering decisions made in a crisis mitigation mindset, and planning for the future we now live (and work) in.” Open Source, High Security Collaboration As COVID-19 continues to change the way we work, and where we work, businesses are reconsidering decisions made in a crisis mitigation mindset, and planning for the future we now live (and work) in. At the outset of the pandemic, teams were sent home and often directed to do what they needed to do to stay operational as fully (and quickly)…

Offering a 401(k) Could Leave Your Organization More Vulnerable to Cybercrime

“Any business large enough to offer retirement benefits can be considered a target with financial information worth stealing, especially as attackers know that employers and plan sponsors are usually not required to have sophisticated cybersecurity measures in place, and are new vectors of vulnerability.”

Offering a 401(k) Could Leave Your Organization More Vulnerable to Cybercrime
-Stel Valavanis

It’s no surprise to those in the financial services industry that they are required and expected to have a certain layer of cybersecurity. The information they work with on a daily basis can easily be used for cybercrime, should it fall into the wrong hands, and so financial institutions protect their data against hackers and cybercrime. What may be a surprise, however, is the threshold for what could rightfully be considered a financial institution. Any business large enough to offer retirement benefits can be considered a target with financial information worth stealing, especially as attackers know that employers and plan sponsors are usually not required to have sophisticated cybersecurity measures in place, and are new vectors of vulnerability. Organizations that have not planned for high-level cybersecurity attacks, not seeing themselves as potential victims, are frequent targets of experienced hacking groups. Organizations that are involved with 401(k), either as employer or plan sponsor, should consider that the data they retain may require the kind of security measures that self-identified financial institutions consider part of their daily operations.

Chicago’s Tech Future

As October is Cybersecurity Awareness month, it seems more relevant than ever to highlight the role that cybersecurity can play in a company’s ability to retain the startup spirit, expand into new opportunities, and continue their digital transformation. This is why we say “Security gives us freedom”. Staying “cyber smart” goes beyond following a list of simple tips, however. As we say at onShore, security is a process, not a product. It is a challenge that must be answered every day. Our chances are better, our energies better spent, our initiatives are more likely to succeed when we work together….

To Pay or Not To Pay Ransomware, That Is the Question…

As long as there exists the false perception that ransomware can be waved away quickly by paying criminals’ demands, there will be organizations that see it as their best practice. In order to defeat it as a threat, the entire cybersecurity world, and the business world at large, must stand together and declare their complete unwillingness to negotiate with criminals.”

To Pay or Not To Pay Ransomware, That Is the Question…
By Stel Valavanis, CEO onShore Security

Ransomware attack

I’m beginning to think we should ban ransom payments to criminals or at least disallow insurance to cover them. I know that sounds extreme, but hear me out. It’s very worth exploring at this time, as the scope of the problem is exponentially growing in the wake of COVID-19. According to a new report by Emisoft, ransomware demand costs could reach new highs this year exceeding $1.4B in the U.S. in 2020.

Opportunities for Change: How Boomers are Re-inventing Business During COVID-19

“Boomers are in a different life stage that can offer them exciting new opportunities like pursuing lifelong dreams of entrepreneurship.”

The world of business changes at a blistering pace, and even under the best of circumstances, it can be difficult to keep up. In 2020, with COVID-19, remote working becoming the norm, and all the vulnerability that goes along with unexpected change, it is more important than ever to make smart choices, turning potential threats into opportunities.

Stelios Valavanis, founder and CEO of onShore Security, sat down recently with Hanh Brown of the Boomer Living podcast to talk about entrepreneurship, digital transformation, and cybersecurity in this new business landscape. Listen to the full interview with the player below.