Page 10 - Cyber Defense eMagazine - October 2017
P. 10

EU’s GDPR or at a state level, such as New York State’s NYCR 500, the pressures are
               growing.  Having an MSSP partner like Herjavec Group can help prove due care and
               due diligence for these and many other regulations.

               What About Executive Level Training?
               Robert explained that “this year, we have also introduced an executive training practice,
               led  by  our  VP  of  Incident  Response,  Matt  Anthony.  Our  training  initiatives  support
               employee  security  awareness  and  also  provide  insight  on  how  to  build  a  security
               framework  and  incident  response  plan.  These  training  sessions  typically  part  of
               leverage  our  IR  retainer  hours  or  are  orchestrated  as  a  separate  consulting
               engagement.”  As most breaches are a result of poor executive guidance, the regulatory
               pressures  and  the  availability  of  this  kind  of  “C”  level  training  program  could  not  be
               better timed.


               Do You Ever Guarantee No Breaches To Your Clients?
                “The adversary is always changing and if we don’t start from a strong foundation, we’re
               going  to  always  be  playing  catch-up.    We  explain  this  to  our  clients,  they  listen  and
               when they implement our suggestions, it makes it easier for us, in partnership to detect
               and  remediate  some  of  the  nastiest  and  most
               innovative  attacks.    WannaCry,  for  example,  can’t
               get past our system and we’ll keep working to stay
               ahead  of  these  kinds  of  innovative  threats.    This
               year,  binding  ransomware  to  a  worm  was  a  new
               idea,  next  year  something  else  will  be  done  that
               seems so innovative – we must be ready and that’s
               why  a  strong  foundation  and  our  ability  to  cross
               correlate  threats  across  different  markets  with
               constant  improvements  to  HG  Analytics  makes  us
               an innovative player in the MSSP space.,” he said,
               “You will get breached.  There’s nothing you can do
               to  prevent  it.    Smart money  is  on  how  quickly  you
               can contain it.”

               It's refreshing to hear from an expert in the industry
               who  is  also  so  honest  about  the  situation.    Many
               start-ups,  whom  I  meet  with  at  various  shows  –
               RSA, BlackHat, etc. always tell me ‘my new technology will stop all the latest breaches’
               When  I  ask  them  how  they  tell  me  ‘it’s  proprietary’  –  trust  me,  they  tell  me.    Yet
               breaches are exponential.  Just looking at PrivacyRights.org we see that there’s been
               more than one billion records breached (at the time of this writing it’s 1,073,490,127) in
               the  US  alone,  from  7,730  DATA  BREACHES  made  public  since  2005.    As  Robert
               Herjavec attested – they will keep happening, the question is – how fast will you react?

                    10   Cyber Defense eMagazine – October 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.
   5   6   7   8   9   10   11   12   13   14   15