Cyber Security
CGNET has been providing security services for decades. We offer services for identifying potential vulnerabilities in your defenses as well as finding malware implanted in your systems (Advanced Persistent Threats).
Our services focus on five areas:
Vulnerability Assessment
What’s Involved
CGNET uses a tool that scans a list of all external IP addresses, provided by the customer. The tool looks for common weaknesses associated with the devices at those IP addresses and saves its results in a log. Examples of weaknesses include executable files that have not been updated and passwords that have not been changed from their default settings. It also scans web applications for vulnerabilities to exploits such as SQL injection and cross-site scripting.
- A list of vulnerabilities, sorted by priority, along with an explanation of the potential security risk of each vulnerability
- A management summary of the scan results with recommended remedial actions
Network Security Assessment
What this means is that you can’t assume that a well-behaved network is free of threats. You have to go looking for them and proactively confirm that they’re not there. Fortunately, CGNET’s Network Security Assessment tool can do this for you.
What’s Involved
CGNET works with you to install a monitoring device on the edge of your network. The device examines outbound network traffic, looking for instances of communication with known bad sites. These sites are compiled from monitoring roughly one third of all internet traffic, and the list is continually updated. Monitoring collects information such as what file or program is attempting to communicate, whether it was successful, what endpoint was reached, and whether the communicating file or program was associated with a threat signature.
What Do I Get?
Once the assessment is completed, CGNET produces a report for the customer that includes:
- Details of files analyzed, threats found, assets with downloadable files, and command-and-control sites that files attempted to access
- Endpoints monitored, including those that appear to have been compromised
- Detailed information on active and potential threats uncovered
- Comparison of threats found with threats identified by antivirus programs
- A command-and-control blocking score
- A management summary of the assessment results with recommended actions
What’s the Benefit?
The first benefit of a network security assessment is knowledge: now you know if there are threats present.
The second benefit is that you have a prioritized list of actions to take to clean up any threats. Many security products will give you reams of output to analyze—and that’s the problem. With so much information on possible issues, including false positives, it’s overwhelming to sift through the data to find the information that’s truly actionable. With CGNET’s network security assessment, you get right to the heart of the matter: what’s wrong, where is it broken, what should I fix first?
What Does It Cost?
The cost for a network security assessment depends on the number of IP addresses to be scanned. For most organizations, the cost is typically in the $5K-$10K range. You can run the assessment periodically, or you can subscribe to continuous threat monitoring, making sure your network gets clean and stays that way.
Information Security Training
- How important security is to the organization
- How important users are to security
- Caution installing programs
- Cooperating with patching efforts
- Physical security: theft, clean screen, proper paper
- Caution opening attachments
- Caution clicking on links in email
- Caution clicking pop-ups
- Special caution with company data or financial assets
- Creating strong passwords, keeping them private and changing them
- Password managers
- Caution with wi-fi connections on the road
- Protecting your credentials, e.g. multi-factor authentication
- Not using strange flash drives
- Reporting any phishing, lost devices, or any other security issues
In addition, we run phishing tests on all users you select and give you the names of people who clicked and the percentage of users who clicked. We also provide follow-up materials and quizzes to keep users’ knowledge fresh.
What’s the Benefit?
The main benefit is that user awareness can be expected to reduce the risk of information breaches. One study reported that “changing employee behavioral responses to cyber threats such as social media, phishing and other popular attack vectors can reduce an organization’s risk by as much as 70%.” In addition, organizations with effective security training have more confidence in their organization’s security efforts. Finally, many regulations require end-user information security training in order to achieve compliance.
What Does It Cost?
The cost for an effective information security training program depends on the size of the organization and the training modules selected. An average cost among our clients is between $3,000 and $5,000.
Strategic Information Security Planning
- What information assets exist, where are they located, and how are they currently protected?
- What is the kind (financial, reputational) and amount of risk for each asset?
- How does the organization’s current security posture compare, risk by risk, with industry standards and best practices?
- What should be done to close the gap between current and best performance, given the organization’s particular needs and resources, including technology, policies and procedures?
- How should new and improved security controls be implemented over time?
Information Security Policy Development
- A general management commitment to information security
- Clear responsibility for implementing, maintaining and updating security
- Appropriate device use, from password strength to using wireless networks on the road
- Access policies (who has access to what systems or applications, with what level of permissions, for how long)
- Physical access (how are wiring closets and server rooms secured, who has access, how is access documented)
- Administrative access (how is access granted, for how long, with what level of permissions)
- Business continuity and disaster recovery
- Use of mobile devices
- What practices are followed now and what incentives are provided to follow the policy?
- Are there any audit findings that indicate improvement is required in development and application of different policies and procedures?
- What is the desired scope of the plan—what is to be included? Excluded?
- What systems and applications are within scope?
- How do users learn about the policies and the techniques needed to follow them?