<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=352585001801011&amp;ev=PageView&amp;noscript=1">
Matt Kozloski

By: Matt Kozloski on November 2nd, 2017

Print/Save as PDF

Overwhelmed or Annoyed by Cybersecurity? Cybersecurity-as-a-Service May Be for You

Cybersecurity | Managed Services

Given the current cyber threat landscape, we think it’s a good time to talk about what to actually do about cybersecurity. After all, though you likely hear about a new data breach or critical vulnerability every other week, awareness without action isn’t much use! Before we dive in, however, let’s talk about some thought patterns we often see that prevent companies from taking effective action on cybersecurity.


We're proud to offer an lightweight way to understand the potential cost of a program. Get your custom cybersecurity program budget range here.

Estimate My Cybersecurity Budget Range


“Why should I have to pay a new tax to keep doing business the way I always have?”

Many businesses we talk to have been around for a long time, and their core business model has not changed. When they hear that they’re now supposed to take on a new cost-center in cybersecurity, it can feel like a Mafioso showing up at their door and saying, “Nice business data you’ve got there. Be a shame if something happened to it.” Now there’s another party they’re supposed to pay just to continue doing business as they always have.

We understand the frustration, but it stems from a faulty assumption. Yours is an Internet-connected business, and it is impossible to overstate how much it has benefitted from the rapid growth and evolution of the Internet in the last 20 years. Your business has changed, because the Internet has changed. Imagine you run a local retail store, and thousands of new people suddenly move to your town. Business booms, but suddenly, so does the risk of break-ins and theft. What do you do? You accept that new growth means new costs, and you install modern locks and an alarm system.

Like our hypothetical town, the Internet has brought an immense new market to your business. As the Internet has grown, so have the number of data-breaches: in 2016, data breaches increased by 40%, and the trend is likely to continue. A modern cybersecurity posture is a new cost of doing business.

“We’ve always done things this way, and our system has never been breached.”

Of course, many businesses have never experienced a significant data breach. (Or, at least, they don’t know they’ve experienced a breach – many breaches go undetected for years.) Like a gambler on a winning streak, it’s all too easy to downplay risks when we’ve never been burned – it’s human nature. An individual may have been texting while driving for years without incident, but this does not change the fact that each time they do, they are substantially and quantifiably increasing their risk of causing a fatal accident.

Cybersecurity is no different. Having a poor cybersecurity posture exposes your business to a level of risk that any business owner would find unacceptable upon reflection. Burying your head in the sand won’t change this. Every business needs to determine their actual and acceptable levels of risk, and then implement effective cybersecurity strategies to bring the two in line. Anything else is just a game of Russian-roulette.

“Effective Cybersecurity is Either Too Expensive or Too Complicated.”

We get it. You can’t afford to hire dedicated cybersecurity staff. You’ve done lots of research, but you can’t figure out specifically which cybersecurity systems to buy. You’ve even looked at Cybersecurity-as-a-Service options. They promise comprehensive, turnkey solutions, but when you read the fine-print, there are omissions: one doesn’t handle mobile device security, another can’t help you with DNS protection. How are you supposed to choose? And when you buy software to shore up the system’s shortcomings, who will install and integrate everything?

We don’t think it has to be this way, so we set out to create a truly comprehensive Cybersecurity-as-a-Service offering we call Defend Forward. Here’s how we did that.

Cybersecurity-as-a-Service done right is the essence of defense in depth

Defense in depth is a security approach developed by the NSA that uses multiple independent and redundant systems to defend against any particular attack. The strategy acknowledges that any individual security measure will at some point be vulnerable. However, by using multiple layers of different and independent security controls, the risk of breach can be dramatically reduced: it is much less likely that every layer will be vulnerable at the same time. It’s extremely effective, but a lot for individual companies to handle on their own. That’s why Cybersecurity-as-a-Service really lends itself to this approach.

As an analogy, you might place locks on your doors and windows, as well as install a security system to immediately notify the police in case of a break-in. Your important documents and bank passwords might be kept in a hidden safe. And you might have your bank set up to alert you immediately whenever your credit card is used. It then becomes fairly unlikely that someone will break your locks, avoid tripping your security system, find and crack your safe, and then use your credit without your bank noticing.

Defend Forward implements this strategy through a full suite of security software, combined with monitoring by cybersecurity professionals.

Firewalls

No Cybersecurity-as-a-Service offering would be in any way effective without next-generation firewalls. These systems don’t simply deny or allow access based on a static list of IP addresses. They are living, breathing parts of your network, analyzing all traffic in real-time. Next-generation firewalls are truly powerful, but they must be configured and maintained. We think a key part of Cybersecurity-as-a-Service is fully managed firewalls: our staff do regular management and maintenance, watching for and troubleshooting hardware failure, packet loss, or performance problems to keep your network fast and safe.

Employee Cybersecurity Training

Your employees are your greatest asset, but when it comes to security they can also be your weakest link. Security breaches are all too often the result of an employee unwittingly giving out sensitive information or downloading malicious software. To be truly comprehensive, a Cybersecurity-as-a-Service offering must include managed employee awareness training. Our program includes an annual online course with ongoing monthly learning modules. This keeps your whole team up to date on common threats and protection strategies.

DNS Protection

Domain Name System (DNS) is like the address book of the Internet. When you type “www.google.com” into your browser, your browser looks that address up in a DNS record to figure out what server to point your computer to. Hackers can exploit this by pointing a particular URL to a malicious website. If an employee at your company visits such a compromised site, it can introduce malware into your network. Specialty software constantly monitors DNS records so that when you try to go to “www.google.com,” that’s where you go. This is a commonly overlooked component that we feel is essential to a Cybersecurity-as-a-Service offering.

Centrally-Managed Anti-virus Software and Advanced Malware Protection for Endpoints

Centrally-managed, enterprise-grade antivirus software is now accessible by smaller companies engaging in Cybersecurity-as-a-Service and keeps your system safe from known malware. However, what about new malware that’s as yet unknown? That’s where our Advanced Malware Protection (AMP) for Endpoints comes in. It monitors the network’s endpoints for malicious behavior activity to thwart attacks that would penetrate standard anti-virus software.

Let’s Pause for a Minute

Think about these layers of protection. Malicious software looking to attack your network would somehow have to get past your next-gen firewall, one of your well-trained employees would have to make a mistake, your DNS-protection would have to be bypassed, and then the attack would have to go undetected by antivirus software, and its activity would have to avoid triggering your endpoint AMP. This is what we mean by defense in depth.

There are additional layers we haven’t covered, such as the Mobile Device Management (to keep your employees’ mobile devices secure when they’re out in the world) and Managed Multi-factor Authentication (to gain access to your network, an attacker needs not only a user’s password but also needs access to a “second factor” such as that user’s cellphone: configuring and managing such a system for your network access is part of Defend Forward).

Even more important, however, is that this is Cybersecurity-as-a-Service. We haven’t simply slapped our logo on a bunch of software. We offer Defend Forward as an integrated and fully-managed cybersecurity solution. This includes:

Virtual Chief Information Security Officer (vCISO)

Your Virtual Chief Information Security Officer is a cybersecurity expert who will be there to guide you through the process of designing and implementing your cybersecurity strategy, as well as be there to help you with incident response should you experience an emergency. Our vCISO meets with clients quarterly to discuss the effectiveness of your Cybersecurity-as-a-Service program, as well as answer questions regarding security strategy, risk assessment, or compliance.

Regular Internal and External Vulnerability Assessments

Cybersecurity-as-a-Service creates an opportunity for a combination of automated tools and manual validation to check your network for vulnerabilities. We conduct manual checks biannually for internal vulnerabilities, and annually for external vulnerabilities. Your network changes over time, and these checks ensure that Defend Forward is configured to keep it safe. Of course, your vCISO is available to help interpret and act on the detailed reports from these assessments.

Security Operation Center Monitoring

What company can afford its own round-the-clock cybersecurity monitoring center? With Cybersecurity-as-a-Service, yours probably can. Our Security Operations Center is staffed with experts that provide 24/7/365 monitoring of your network. This full-time, human oversight ensures that even if something does make it past your firewalls, it will be noticed and thwarted.

Defend Forward

With Defend Forward, we set out to create the most comprehensive Cybersecurity-as-a-Service offering available by anyone, anywhere in the world. (If you think you have us beat, please let us know!). With multiple layers of protection, regular vulnerability assessments, full-time monitoring, and a talented Virtual Chief Information Security Officer to oversee everything, it’s as close to foolproof as we know how to get and that makes us and our clients feel really good.

The best part? Defend Forward is competitively priced. Seriously. If you think Cybersecurity-as-a-Service might be for you, get started with a no-cost cybersecurity study.

New Call-to-action

About Matt Kozloski

Matt is an IT industry veteran and well-versed in professional services. He is the former leader of the CT VMUG. VCDX # 194, CISSP # 526947.