PatchAdvisor Welcomes You to Our Blog!
2017 Will be a Focus Year for Security & Risk Assessment
In 2017, we start the year with much controversy in the security industry, particularly questions surrounding international hacking of our federal systems in the US, as well as private, large-scale intrusions into medical records, bank accounts, and many other breaches of personally identifiable information. This is clearly a year in which security and risk assessment will be in focus for all industries across the globe. At PatchAdvisor (PA), founded in 2003, we stand ready to support the equation for security measures and testing across the board.
Here are some of the landscape facts for a quick view:
- This past year’s IBM study found the average consolidated total cost of a data breach grew from $3.8 million to $4 million.
- TechRepublic reports that “data loss” topped the list of IT professionals’ cyber attack concerns, with 27% of tech leaders reporting this as their greatest worry. It was followed by service outage (19%), reputation loss (16%), and customer or partner loss (9%).
- ComputerWorld UK cites that enterprises are embracing the internet of things, with 71% gathering data from IoT. 451 Research reported in this article that many corporations now turn to public clouds for storage needs; however, this data also shows an IoT skills gap in data analytics and security.
- McAfee Labs reports in their annual threat predictions that “hardware and firmware threats are an increasing target for sophisticated attackers.” The 2016 wrap-up reiterates, “Hardware vulnerabilities can undermine the operation and security of the entire software stack. Exploiting a hardware vulnerability can compromise an entire system and does not require an exploit of the software stack.”
PatchAdvisor will guide you in this blog with key insights, best practice counsel, how-to tips, and a view of the landscape in large-scale network security, offering new points of view and reminders that will make your systems safer. PA’s reach continues to expand in the Washington federal corridor and worldwide with growth corporations and multi-nationals redefining what “safe and secure” really means. We invite you to visit this blog, to learn from our team of thought leaders and experts, and to engage us in discussion about the most critical topic of our times: network security.
Our team has made more than 80 presentations since our inception, and we look to continue to impart security know-how as it evolves.
For 2017, we highly recommend that all types of businesses and government agencies take the following four steps:
- Be proactive and order a system-wide vulnerability assessment and key levels of penetration testing. Vulnerabilities to be checked include: primary internal and external networks, hosts, applications and wireless networks.
- Review your network design, knowing your scalability and needs for growth this year. Examine your identity management, your security architecture, firewalls, and requirements for external and internal users within network parameters.
- Schedule a source code review of internally developed software. We understand that testing and measurement of levels of security is essential to deployment.
- Realize that automated analysis, while useful, is only the first step to a bottom-line efficient and robust, customized plan for security detection to avoid exploitation.
If the worst has already happened, PatchAdvisor can assist in the analysis and re-design of your security infrastructure. We are not tied to particular vendors and are product agnostic. We are professionals who devise the best plans for your specific needs.
Engage PA in 2017 to protect your organization’s assets. Optimize security without sacrificing operational efficiencies.
PatchAdvisor engagements run the gamut in size and scope of work. Here are two examples:
Example A: Assessment of a dual-DMZ Internet-based electronic commerce application network, and its servers and firewalls.
Example B: A complete assessment of a worldwide multibillion-dollar corporation with over 60,000 live IP addresses. This latter organization had a mixed TCP/IP, IPX, and SNA network including administrative networks, design systems, manufacturing floor networks, field office networks and manufacturing networks in cities around the world.
All questions are important and our team leads welcome them in this forum. Please send specific consulting interest or PA business questions directly to: Trey Wadsworth, PatchAdvisor’s Vice President of Business Development, trey[at]patchadvisor[dot]com.
Jeff Larocca, CEO