Managed services equip companies to deal with changing cybersecurity landscape

Each year seems to bring a broader and more complex array of cyber threats to businesses, and many companies are struggling to keep up with the rapid pace of change. According to a recent survey from security software firm KnowBe4, more than half of IT managers – 51 percent – find security harder to maintain now than a year ago. Preventing cyberthreats and responding quickly to security issues are some of the biggest challenges for companies, which is why many are turning to managed services providers for a more secure infrastructure, as well as functions like malware removal and application support.

“Cybercriminals are constantly devising cunning new ways to trick users into clicking their phishing links or opening infected attachments,” KnowBe4 CEO Stu Sjouwerman stated, adding that companies need to respond with thorough cybersecurity procedures, policies and training.

Another recent study from Solutionary and the NTT Group found that 54 percent of new malware goes undetected by antivirus software. As a result, companies need to make sure they are protected at the application level by using secure software and applying updates, ITBusinessEdge contributor Sue Poremba wrote in a recent column. Leveraging managed services for application support can help ensure software is kept updated and secured against threats, while external expertise can also be valuable in implementing state-of-the-art perimeter solutions and secure data center infrastructure.

Additionally, a managed services provider that offers malware removal can be a valuable partner in responding to and limiting the damage of an incident like an SQL injection attack, which the Solutionary study noted can easily cost a business $200,000 or more. Such protection might be unaffordable for a small business to implement in-house, but, by outsourcing certain IT management functions, companies can access state-of-the-art security solutions and industry-leading expertise. With the right portfolio of tools protecting it, a small business can avoid these ever-expanding threats.

Disaster recovery services, cybersecurity critical to protecting electric grid from attacks

Over the past few years, the utilities industry has made a concentrated effort to make key infrastructure "smarter." The integration of data-capturing devices and automated, software-based management systems has the potential to create smart electric grids that can more effectively use and distribute power, reducing energy costs and environmental impact in the process.

However, turning power grids into connected devices has potentially harrowing implications – a concentrated cyberattack could cause lengthy and widespread outages, not only withholding electricity from businesses and residences, but disrupting communications, healthcare systems and the economy. According to many cybersecurity researchers, the likelihood of a potential problem occurring is less of an "if" and more of a "when." 

Ramping up disaster recovery services and cybersecurity protocols is key to shielding the smart electric grid from a devastating attack. While the federal government tries to increase the efficacy and stringency of its own security measures, it's important that utility companies – from national generators to local distributors – build up their own prevention and backup systems, according to a recent white paper by the three co-chairs of the Bipartisan Policy Center's Electric Grid Cybersecurity Initiative. This effort will require a hybrid system that responds to both physical and cybersecurity threats. 

"Managing cybersecurity risks on the electric grid raises challenges unlike those in more traditional business IT networks and systems," the report stated. "[I]t will be necessary to resolve differences that remain between the frameworks that govern cyber attack response and traditional disaster response."

Disaster recovery efforts need to include backup digital systems that rival physical ones. Electric grids require faultless failover technology that can depend on a secondary backup network if the primary one is taken offline for any reason. As the Baker Institute pointed out in a recent Forbes article, the measure of a disaster recovery system's effectiveness is based on whether the grid can be restarted following a major breach, disruption or cyberattack. Without a system that can effectively monitor, prevent and immediately respond to such threats, the smart electric grid could be putting many key infrastructure systems in danger.

Target breach fallout highlights importance of comprehensive malware removal

Without proactive malware removal, organizations are putting themselves at serious risk. Recent developments in the Target data breach saga highlight the direct costs that can result from a lax approach to eliminating malware. As more details emerge about the hack, which resulted in the compromise of 40 million credit card numbers and 70 million pieces of personal information, it’s become evident that the embattled retailer likely could have prevented the attack if it had a stronger, more comprehensive approach to malware removal.

The latest development, per Bloomberg Businessweek, is the discovery that Target was actually warned about the vulnerability that led to the breach through a malware detection tool. The $1.6 million technology monitored Target servers and computers around the clock, looking for anything amiss. The alert system worked the way it was supposed to, according to FireEye, the malware detection tool’s producer, and the Bangalore-based security specialists in charge of scanning the retailer’s network. They notified Target’s Minneapolis-based security team according to procedure, who ended up not doing anything about it.

Of course, hindsight is 20/20, but it’s worth pointing out that malware detection is only half of the battle. Malware removal requires organizations to be proactive. Whether Target’s security team didn’t recognize the severity of the vulnerability and the need for swift action is undetermined, but it’s important to remember that cyberthreats don’t wait. In an interview with NPR, Businessweek’s Michael Riley said that Target’s reactionary or indecisive approach was unable to keep the hacking attempt at bay.

“Whatever was going on inside Target’s security team, they didn’t recognize this as a serious breach,” Riley told NPR. “There was no serious investigation that went on. They didn’t go to the server itself to figure out what the malware was doing.”

Insulating organizations against attacks and identifying malware are difficult tasks that require constant vigilance. A company unsure of whether it can provide this level of attention should strongly consider adopting a third-party malware removal service that can neutralize threats in a preventative fashion.

You've got mail, and it's a virus: Why organizations need cloud storage services for email

Security researchers recently discovered a cache of personal records for sale on the Internet’s black market, including 1.25 billion email addresses, according to the Independent. Finding one email address for every seven people in the world in the care of hackers is alarming. Email continues to be the central repository for the digital transmission and storage of confidential information and remains one of cybercriminals’ prime targets. Cloud storage services are a must for organizations struggling to take control of email security and management.

Keeping on top of email storage and archival is challenging for organizations of any size. Smaller organizations lack the IT resources of their larger peers, making it difficult to process email and ensure that all files are stored safely. Bigger companies have dedicated IT departments, but they also have massive email systems generated by bigger user bases and more diverse device profiles. The expertise and resources required to maintain in-house email storage are usually too costly. Either way, upholding the integrity of protection and system management at all times is beyond the purview of virtually every organization.

Adhering to traditional models of email storage simply won’t suffice in the face of today’s threat landscape. Moving email to cloud storage services, on the other hand, allows organizations to outsource the hardware and storage support to a trusted third party provider, wrote Nashville Business Journal contributor Richard Pinson.

“Hosting your own email requires constant upgrading, patching, backing up and monitoring,” Pinson wrote. “Once email transitions to the cloud, the service provider is responsible for all storage maintenance tasks and provides the most-recent version of their product.”

Cloud storage services are scalable, meaning that an organization won’t pay for what they don’t use. Over the long term, this is a much more cost-effective option than having to update legacy in-house environments every few years to respond to new security and productivity challenges. It only takes one malicious email ending up in a user’s inbox to let hackers in. In this landscape, organizations need the help of a dedicated cloud provider to keep their confidential information safe.

ISG Announces Executive Responsibility Changes

The Twin Valley family of companies announced leadership changes among their C-Level executives, effective for 2014. John Gunn, President and Co-Founder of ISG Technology, will transition from his current role as President and COO to Chief Strategy Officer of ISG Technology. Gunn will focus on supporting and defining the strategy of ISG Technology.  Gunn currently serves and will remain on the board of directors for all three companies.  Ben Foster, current CEO of all Twin Valley companies, will assume the general management of ISG Technology previously handled by Gunn. Foster will remain President and  CEO for the Twin Valley companies.

“When Twin Valley acquired ISG Technology in 2011 the roadmap and evolution of our company was clear to both John and me,” said Foster. “John has served and will continue to serve as a critical business leader and advisor to the Twin Valley family of companies.  This is a carefully planned transition that will enhance our clients’ ability to attain their organizational goals.”

Additionally, Scott Cissna has joined the Twin Valley companies as CFO, effective January 6, 2014.  Cissna brings more than 20 years of finance experience from the telecommunications, cloud services, and wireless industries.  With his broad base of experience ranging from performing sophisticated analysis to building scalable teams, Cissna is an analytical leader and decision maker hired to help navigate the complex, growing, and rapidly changing landscape where the companies operate.

The Twin Valley family of companies is a privately owned business with diversified investments and holdings in the telecommunications and IT space. The company is diversified through three separate operating entities; Twin Valley Telephone, Twin Valley Communications, and ISG Technology.

Twin Valley Telephone and Twin Valley Communications is the largest privately owned independent telecommunications company in the state of Kansas, providing voice and advanced services in rural areas for more than 65 years.  Over state-of-the-art FTTP infrastructure, Twin Valley’s portfolio includes voice, broadband, television, cloud services, hosted voice, wireless, and security.  Through strategic acquisitions and organic growth, the company has experienced a tenfold growth in the past decade.

ISG Technology is a full spectrum Data Center and IT Infrastructure partner uniquely positioned to provide complete solutions from client premises all the way to the cloud. With more than 30 years of experience, ISG has the unique ability to provide IT equipment (IT Infrastructure), cloud services through a regional Network of Data Centers (Data Center Services), the required connectivity (Bandwidth) to connect it all together, and the ongoing support to help manage client’s IT environments (ITaaS). ISG places a premium on enduring client relationships and reference-ability – attributes only achievable through deep understanding of client business objectives, authoritative vision of what’s possible, and the relentless commitment to deliver successful solutions.