Blog

Attacking Cyber Threats: Block First, Ask Questions Later 

 

 

At RedZone, we like to attack cyber threats in a proactive manner. In other words, we block first, then ask questions later. This allows our automated threat blocking, hunting, response and recovery measures to take form, eliminating as much noise as possible from your organization.

What ‘Block First, Ask Questions Later’ Does For You 

Designing a system that does the blocking first allows us to eliminate the proliferation of false positives in your network on the spot. We use a stack of technologies like:

  • SonicWall 
  • Microsoft MFA/CA 
  • Conditional Access 
  • OpenDNS 

 This gives us more visibility into what is going on in different quadrants and drastically decreases the chance that someone has to be woken up in the middle of the night to take action to mitigate a threat. Once a threat has been blocked, there’s still more work to be done. This is where the RedZone VISO service program kicks into high gear, focusing on taking a continuous proactive review and improvement process using Microsoft ATP and SonicWALL Cloud App Security.  

 Our VISO program is the continuous health process that your company needs to mitigate the risks at hand. The VISO program process is identified after feedback has been accumulated that allows our internal team to support your organization in making the proper improvements to your recovery loop. 

 Keeping Your Team In The Loop 24/7 

Our success in threat blocking, hunting, and response & recovery is driven by our focus on keeping humans in the loop 24/7. RedZone’s Co-Managed IT Security (Co-MITS) partnership is propelled by a series of notices and alerts via Alert Logic and Event Tracker that give you real-time information on how threats are automatically being hunted and discovered within your environment. This gives our team a firm grasp on what risks are present in your organization and how we can work hand-in-hand with your team to manage those risks on a proactive basis in the future.

To talk to one of the world’s most trusted resources in building your Co-Managed Security program use this link here. 

Successfully Integrate Intentional Learning In Your Busy Day With Beth Boucher

Intentional Learning

Following her roles in the service industry and time spent furthering her higher education, Beth Boucher was invigorated with a thirst for implementing intentional learning in her daily life. Her curiosity for personal growth has led her to mentor at the lowest levels of the organization where she learns just as much from those she mentors as she teaches.

Our guest Beth Boucher is the SVP & Global CIO of Sirius Group, part of the NY CIO Governing Body Leadership Team, and recent Global category winner at the 2020 New York ORBIE Awards.

Beth’s experience with higher education, while working to fund her degree, taught her desire, respect and perseverance. She learned that no matter what the task at hand is that you must always strive to be excellent at it and to be constantly in a state of intentional learning.

Beth tells incredible stories revolving around her attitude and experiences related to mentorship that are absolutely captivating. Her extremely diverse background and fascinating experiences have allowed her to cultivate a lifelong learning track and reach her full potential. She truly enjoys the challenges of leading transformations which require both business and technology change management.

Throughout her career, Beth has gravitated towards opportunities focused on resolving business problems by restoring and rebuilding global teams while leveraging strategic partners and suppliers effectively. It is for these reasons that she has become an instrumental leader for digital transformations at various Fortune 500 organizations and a source of motivation for entrepreneurs and CIOs around the world.

Listen as Beth and I discuss the key points to thriving after the rewarding experience of higher education and how you can start thinking about human talent differently to help your career and company become more productive and successful in the future.


What Are The Benefits of Co-Managed IT Security?

When you need an expert, your internal IT and Security teams might be up to the task in the short term. The long term is a different story. Removing this boulder of security burden from your internal IT and Security teams is vital to getting them out of support ticket hell and back into playing to their strengths. 

This is where a Co-Managed IT Security (Co-MITS) services company like RedZone Technologies takes on some responsibility and becomes an extension of your organization. If you’re not familiar with Co-MITS, here are the many benefits of these dynamic and flexible companies:

  1. Co-MITS protect your IT & Security teams from getting overwhelmed.
     • Co-MITS focus on solving key technical problems that are pressure points for your organization. This gives your IT and security teams the confidence they need to overcome their fears, thereby giving you relief from overwhelming situations.
  2. Co-MITS save you money by adding value to your organization.
     • Co-MITS aren’t here to replace your staff. We’re here to make them better. This propels your internal teams to become more valuable assets to your organization while we work hand-in-hand with them to assertively solve security problems while spending less money.
  3. Co-MITS can help your internal teams effectively make the jump to the cloud.
     • Transitioning to the cloud is no longer a recommendation; it’s a requirement. If your team isn’t skilled at migrating to the cloud, Co-MITS will work with them to level up the skills that help your organization effectively make the jump to the cloud.
  4. Co-MITS proactively track your most essential IT & Security events.
     • Think of Co-MITS as the masters of process management. They are tremendously skilled at keeping track of events, alerts and projects, and at determining the course of action that helps your organization tackle the day’s top challenges, including auditing, risk governance, compliance and more.

 For more information and to talk to one of the world’s most trusted resources in building your Co-Managed Security program use this link here. 

 

The Tangible Value of a RedZone Red, Yellow, Green Report

 

Are You Getting a Red, Yellow, Green Report from Your MSP and MSSP?

The RedZone comprehensive monthly audit process provides an easy-to-digest, color-coded structure. Just as a stoplight at an intersection directs traffic, these reports display Red, Yellow, Green coding based on the priority of a specific report statement. This gives your team a proactive edge by providing you with valuable information at a quick glance.
Let’s go over the details of how we configure these reports so that you can see the tangible value of this report first-hand.

Red, Yellow, Green Reports
Every year in the US we lose 300k-plus people due to infections in hospitals. Mistakes are made and lives are lost. We use WIP (work in progress) status each month to manage mistakes and assign accountability for necessary tasks and assignments, both for the RedZone team and for your team.

These Red, Yellow, Green reports are a critical tool that gives companies like yours the ability to cut through the chaos and find clarity.

WHAT DO THE COLORS MEAN?

Green Status = No WIPs
Yellow Status = Outstanding WIPs present
Red Status = Several health checks + support tickets open; it’s being tracked

These reports help put everything into perspective for your organization. They give your team the information it needs to identify priorities rather than figuratively throwing darts at a dart board hoping to get a bullseye with security. Now you have prioritization and a way to measure areas of success and weakness within your security program.

After checking each system, the RedZone team will follow up with you with a status update for each WIP. This proactive process is not only important for visibility and accountability purposes, it also gives you valuable information at a glance that you can use to continue tactically innovating your defensive security posture each month.

Would you like a proactive approach to IT Security in your organization?
Set up a meeting to discuss our Red, Yellow and Green Report Methodology today.
Use this link

Ross Young, Creator of the OWASP “Tasmanian Devil” Threat and Safeguard Matrix [TaSM]

If malware slipped through your network’s firewall, what processes would your organization follow to identify it, detect it, respond to it, recover from it, and protect against similar attacks in the future? If you don’t have a thorough plan in place to put in motion for this eventuality then it’s best to pay close attention to my interview with the creator of the Open Web Application Security Project (OWASP) Threat and Safeguard Matrix [TaSM], Ross Young.

Ross Young has had a successful career in the private and public workforce on both the offensive and defensive sides of security. He is the current Chief Information Security Officer (CISO) at Caterpillar Financial. Prior to this, he was a Divisional CISO at Capital One and spent more than 10 years in the CIA, while holding high-level security roles at The Federal Reserve and NSA.

Ross also pioneered the OWASP Threat and Safeguard Matrix, nicknamed TaSM (like a Tasmanian Devil), to help CIOs and CISOs understand the biggest threats and risks to their company that they need to focus on. TaSM acts as a simple matrix that identifies the NIST functions of identify, protect, detect, respond and recover, helping companies create a contingency plan to bounce back after a cyber-attack.
