As the storm season matures and the world heats up Risk Management has become more important to people and governments throughout the globe. First Responders, Security Experts, and Incident Response Teams must remain vigilant! Organizations are largely prepared to react to common threats because of the advancements in tools and tactics, techniques, and procedures (TTPs) that add great capability. Here are some of the topics of interest in the areas of Cyber Risk Management and Systems Integration. After reading through the latest news in Cybersecurity you want to continue to read through the Systems Integration section of the newsletter for interesting stories about how to harness Big Data, deploy drones, and communicate with Emergency Management Personnel!
JohnsTek, Incorporated wins State of South Carolina Information Security and Privacy Services Contract for Cybersecurity!
JohnsTek, Inc. has been awarded a contract by the State of South Carolina to provide Information Security Services in the form of Vulnerability Management, Security Risk Assessments, Penetration Testing and other Consulting Services. JohnsTek Inc., an industry leader in strategic consulting in Risk Management, Governance and Architecture has formed the JohnsTek Team, comprised of JohnsTek, Inc and IOMAXIS (aka INGRESSIVE). IOMAXIS brings to the team unparalleled level of technical expertise and competency in Penetration Testing and Vulnerability Assessments. Together, JohnsTek Inc. and IOMAXIS create a formidable team!
Cyber Risk Management
JohnsTek has long held that they are a company that provides “holistic” solutions via an “intel-based” approach to Cybersecurity. Looking beyond the borders of the client enterprise requires Risk Managers to examine threats that directly influence or indirectly affect the security of the client. This includes Third Party exposure of the enterprise. Ask HBO, Sony, and Netflix how important is this consideration of third party vendors or outside organizations. Third party comes in many forms: Outside applications, contractor support, vendor enterprise interface, or delivery of a purchased service.
Executives and Security personnel must pay attention to Third Party interfaces to the enterprise. For those vendors that have a direct connection to the network, or regularly pass digital media into the enterprise, it is extremely important to understand their Governance, Policy, and Procedures for safeguarding their enterprise. What security procedures do they have in place? How often do they verify the security of their network, their enterprise, their physical locations? How do they scrutinize media passed into their environment?
This is just the beginning of the external examination that must take place to develop a holistic approach to your enterprise!
For more information visit our Cyber Risk Management page, Click Here.
HBO, SONY and NETFLIX Hacked: Just last week HBO says it was hacked (Source: NPR July 31, 2017), losing some scripts for their popular series “Game of Thrones”. Spoiler alert! In 2014 Sony was hit with a leak of employee emails, creating rifts throughout Hollywood, and films were exposed prior to release. NETFLIX experienced a Ransomware attack earlier this year, losing protection of their series “Orange is the New Black”. What do these hacks have in common? They were the result of Third Party vendors whose own security vulnerabilities were exploited, and their networks breached. What can you do to safeguard your enterprise from Third Party Threats? Click here to Read More…
Ransomware: The good news this week for many enterprises is that the Petya / NotPetya Ransomware scare is not really ransomware. The bad news, Petya turned out to be a worm that seizes control of infected devices, spreads to other devices on the network, digitizes its files, and has no intention of releasing them back to the owner, ransom paid or not. Many analysts conclude that this is an indicator of a sinister State sponsored attack aimed at a targeted adversary. For more information click here
Following a man-made tragedy, major crime spree, or discovery of exploited weaknesses in our National Security we always ask the obvious question, “Could this have been prevented?” The answer is typically, “Yes, it could have”. But, how could it have? What we have done if we didn’t know…oh, that is it, isn’t it? We didn’t know. So now the question is, “why didn’t we know?”
In 20/20 hindsight we find that it was right there in front of us. The clues, the tells, the indicators that something sinister was brewing. If only we captured and interpreted the massive of amount of data that transcends the internet in plain public view… In today´s digitized world data volumes are measured in yottabytes (1,000,000,000,000,000,000,000,000 bytes). Just one minute of Internet data flow accounts for 640 terabytes on any given moment.
While it is a great thing that so much data is available, it also poses a large-scale problem for end users who must sort through the mounds of data, identify the most relevant, and provide decision makers in upper management with actionable information, which most times is time sensitive and perishable.
Just like an airplane pilot who can become task overloaded by trying to control the aircraft, talk to Air Traffic Control, deal with stress and long hours, today´s analysts can become overwhelmed by the vast amount of data arriving to their terminals in a non-structured or standardized manner. For that reason, many software developers have made great strides to launch applications that ease the workload and make the data integration, extraction, correlation, and analysis easier and expeditious.
Information is a powerful tool, but is only as good as the analysis that can be made, how fast that analysis is produced, the ease to consume and understand the analysis, and what actions are taken based on that analysis. For that reason, equipping your data analysts with cutting-edge, customizable solutions for data integration and analysis will empower your organization. Whether your organization is a public safety office, a financial institution, or relies on data to perform its mission, the benefits of analytical tools are priceless.
For more information visit our website, Click Here.
Drones in support of the Railway Industry? Drones continue to be employed in all areas of our daily lives; railways are not an exception. The low operational cost of drones make it an attractive alternative compared to manned aircraft and lesser capable ground sensors to conduct daily maintenance runs, inspections, surveillance and reconnaissance.
As part of normal business operations railway companies are required to conduct routine inspections of large distances of rail tracks. Drones are capable of accomplishing the task with ease, efficiency and great accuracy. These high tech airborne systems, coupled with a powerful analytic tool, such as the Video Indexing Recording System (VIRS) and other analytical tools, make it the best option to operators. Unmanned aircraft working autonomously or controlled by a pilot provide long range surveillance, endurance, and real-time/High Definition Video downlinks, making them a logical solution to what once was a long, tedious and expensive operation. Click here for more information.
We see in the nightly news how first responder organizations with sophisticated and comprehensive support systems are able to react immediately with aide to those urgent situations that come with virtually no warning.
After an event has begun with a tragic incident the response systems go into high gear, as operators and emergency responders begin to coordinate and share information. Because we can never know when and where the incidents occur we must be ready to react, we must be able to communicate, and we must collect and share data in real-time. Lives are at stake.
A comprehensive system-of-system allows multiple agencies to coordinate over emergency communications channels using any platform. Imagery, video, and voice data is collected and analyzed as the collection occurs. No time to wait! Authorities must be able to process information from several sources immediately to be able to make life-saving decisions. Click Here for more.