You May Already Have Been Breached and Don’t Know It!

 

Data breaches are becoming increasingly common, and you can’t go a week without hearing about another. Statistics show that cybercriminals steal or compromise 68 records every second. If your organization isn’t already a victim of a data breach, chances are you will eventually be, especially if you don’t have proper security measures in place. 

A cyber-attack can happen to anyone. When it happens, companies find the initial attack occurred weeks before it was realized. In 2022, identifying a data breach took an average of 207 days. This fact stresses the importance of having a thorough security plan and architecting your systems to prevent and detect breaches.

 

Last year, we were with a customer on a security assessment. During the sales process, we became concerned that the business may already have been compromised. The customer signed up for an evaluation but wanted to wait to start it for several weeks.

We were concerned and discussed some of the tell-tale warning signs we uncovered within the sales process. Listed below are just a few:

  1. Reliance on software-only solutions such as Webroot, Trend, and CrowdStrike
  2. Reliance on a single firewall at each location, with no patch methodology or monitoring in place
  3. Out-of-compliance Windows servers
  4. Reliance on VPN for remote connectivity
  5. Use of RDS for remote connectivity with no security and controls
  6. No password policy for reset or shared passwords
  7. No modern email anti-spam or anti-malware
  8. No IT procedures, and reliance on a department of 2 people for all security and IT
  9. Dated IT architecture in network and data center design

We strongly urged the customer to allow our DG365 endpoint protection to be installed before we even performed the full security assessment. The customer was very hesitant, and senior management wanted to avoid allowing us to install it because they genuinely thought the IT department was securing the business.

We felt strongly and offered a 60-day trial with a money-back guarantee if they did not want to go with any ICG Security products. 

They agreed, and thank goodness they did. 

Within hours of deploying the endpoint protection, the ICG Security Operations Center Team began to detect anomalies and threats throughout the workstations and several servers. In addition to our DG365 Endpoint Protection, we left the customer's anti-malware software on the system, which never detected anything. DG365 Endpoint protection, combined with our toolset of custom algorithms and active SOC monitoring, detected all the compromised endpoints, and we were able to thwart the attack and ensure that the customer was safe.

The moral of the story: don't trust name-brand, software-only vendors or vendor solutions that do not truly have your business's security interest at heart. ICG's Security Team is focused, and we deliver using the best tool, but above all, it's our service and responsiveness to our customers that lead the way!

Cybersecurity planning and implementation can be stressful for business owners and IT staff. No matter the size of your business, it helps to have a cybersecurity support organization to assist in planning and implementing a strategy that protects the business. If you're concerned your business is under threat, or you want to make sure you are protected before it happens, Innovative Consulting Group is here to help.

 

Signs that could indicate a breach:

Email Account Hacking

Signs:
  • Your password has changed without you changing it
  • You notice strange email inbox activity
  • You’ve received password reset emails from other sites
  • Your account was accessed from a different IP
  • Your email contacts have let you know they have received strange emails from you

What Method May Have Been Used:
  • A password hack has occurred
  • Social engineering
  • Phishing email

 

System Account Details Compromise

Signs:
  • Your computer speed has been noticeably slower
  • Your security software has been disabled or compromised
  • Software or browser add-ons appear that you don’t recognize
  • Random shutdowns and restarts occur
  • Your account access is lost

What Method May Have Been Used:
  • Your email was hacked/compromised
  • Phishing
  • Password hack
  • Unpatched software

 

Online Storage Account(s) Compromise

Examples: Dropbox, Google Drive, cloud

Signs:
  • There is content on your site that shouldn’t be there
  • You cannot access your account
  • Files are missing/altered
  • There’s unusual outbound network traffic
  • You’re being notified of unexpected access locations and logins
  • Many requests for the same object/file have been received
  • Suspicious admin activity
  • Excessive read operations (someone is trying to gather data)
  • Contacts are receiving emails with files/links to open

What Method May Have Been Used:
  • System account was compromised
  • Phishing
  • Social engineering cyber-attack
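
Three of the online storage signs listed above (unexpected access locations, many requests for the same object, and excessive read operations) can be checked directly against an access log. The following Python is an added example, not part of the original article; the log format, the `KNOWN_IPS` baseline and the thresholds are hypothetical assumptions, and the log lines are constructed sample data.

```python
from collections import Counter

# Constructed sample log (not real data): timestamp user source_ip action object
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice 198.51.100.10 read /finance/q1.xlsx
2024-05-01T09:05:12Z alice 198.51.100.10 write /finance/q1.xlsx
2024-05-02T02:11:03Z bob 203.0.113.77 login -
2024-05-02T02:11:30Z bob 203.0.113.77 read /hr/payroll.csv
2024-05-02T02:11:41Z bob 203.0.113.77 read /hr/payroll.csv
2024-05-02T02:11:52Z bob 203.0.113.77 read /hr/payroll.csv
2024-05-02T02:12:05Z bob 203.0.113.77 read /hr/contracts.zip
2024-05-02T02:12:19Z bob 203.0.113.77 read /legal/nda.pdf
2024-05-02T02:12:33Z bob 203.0.113.77 read /finance/q1.xlsx
2024-05-02T02:12:47Z bob 203.0.113.77 read /finance/q2.xlsx
"""

# Assumed baseline of each user's usual source addresses (hypothetical values).
KNOWN_IPS = {"alice": {"198.51.100.10"}, "bob": {"198.51.100.20"}}

def parse(log_text):
    """Yield (hour, user, ip, action, obj) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip blank or malformed lines instead of crashing
        ts, user, ip, action, obj = parts
        yield ts[:13], user, ip, action, obj  # ts[:13] is the hour bucket

def detect(log_text, known_ips, read_limit=5, same_object_limit=3):
    """Return a sorted list of (sign, user, detail) findings."""
    new_ips = set()
    reads_per_hour = Counter()
    reads_per_object = Counter()
    for hour, user, ip, action, obj in parse(log_text):
        if ip not in known_ips.get(user, set()):
            new_ips.add((user, ip))            # unexpected access location
        if action == "read":
            reads_per_hour[(user, hour)] += 1  # volume of reads per hour
            reads_per_object[(user, obj)] += 1 # repeats of the same object
    findings = [("unexpected_location", u, ip) for u, ip in new_ips]
    findings += [("excessive_reads", u, f"{n} reads in hour {h}")
                 for (u, h), n in reads_per_hour.items() if n > read_limit]
    findings += [("repeated_object", u, f"{o} read {n} times")
                 for (u, o), n in reads_per_object.items() if n >= same_object_limit]
    return sorted(findings)
```

Calling `detect(SAMPLE_LOG, KNOWN_IPS)` returns the findings for review; in practice the thresholds and the IP baseline would be tuned to the organization's normal usage.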

 

Network Attack

Signs:
  • Your files and/or server have been encrypted
  • Your network becomes very sluggish/slow
  • Your data usage is unusually high
  • Programs are continually crashing
  • You received a ransomware message
  • Computers are functioning without local input

What Method May Have Been Used:
  • Ransomware
  • Malware attack via phishing
  • Rogue software
  • Physical access
  • Social engineering
 

 

How to Avoid Data Breaches?

To avoid a data breach on a company level, we at ICG suggest identifying all of your organization's IT assets, creating an Incident Response Team / Plan (IRT/IRP), adding an Intrusion Detection System, and running frequent penetration tests. 

A cyber attack is a stressful event, no matter the size of your business. If you’re concerned your business is under threat, or you want to ensure you are protected before it happens, Innovative Consulting Group is here to help. Contact us today!