“Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks…” 

~ Gartner, Predictions for  IT Security Directors

“We already have a firewall and intrusion detection systems

That’s a good start. However, despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. By having these tools, organizations often believe that their networks and applications are safe from security incidents. Unfortunately, this is not the case.

The operational environments within businesses are becoming increasingly complex, and more reliant on the use of sofware and data every day. Often little attention is paid to business processes, policies, or any sort of consistent review of security posture. Many systems are not designed to protect network and data from improper configuration, out of date software, or unexpected user intervention from a disgruntled employee. Most sophisticated attacks can bypass intrusion detection systems and penetrate networks, and externally executed code may not be noticed at all. The best defense is fully knowing the existing security status, and understanding the actions required to cover any gaps or deficiencies in your security posture.

 “Our company isn’t a target for attacks”

Sure, you’re not Amazon, Apple, Facebook or Google. Recent history of largescale security incidents show not all attacks are targeted. Crypolocking viruses, Code Red, Wannacry, Bagel, etc. attacked systems at random, and operated using specific vulnerabilities. It is important to change thinking beyond “it probably won’t happen” to fully understanding the current situation, and fixing issues by evaluating the facts obtained.

The Technology and Risk Advisory group takes a wholistic approach to vulnerability management – including everything from organizational structure, data endpoints, operational policy, technology management, IT management policy, and existing security management to develop an actionable plan to make your company more secure, and better positioned to detect and act quickly when a security incident happens.

Technology and Risk Advisory Contacts:

Paul Schmidt

CPA, CA, CITP, Information Technology

Email: pschmidt@wm.ca

Phone: 604-691-6826

Killian Ruby
Partner, CPA, CA, I.A.C.T,
Audit and Accounting

Email: kruby@wm.ca

Phone: 604-691-6881

Vaclav Vincalek

Managing Director,
Technology & Advisory Services

Email: vvincalek@wm.ca

Phone: 778-945-2996

Recent Cyber Security Articles

Grandma Ordered To Delete Grandchildren’s Photos From Facebook Or Pay Fine

GDPR rules typically don't apply to “purely personal” or “household” processing of data, but in this case the judge ruled ...
Read More

Truecaller data of 47 million Indians breached, company denies

Security report suggest data of popular caller ID app Truecaller was leaked. That's not all, it says the data was ...
Read More
/ Cyber Security News

Naga Munchetty erupts at Matt Hancock over track and trace scheme ‘Sticks in our throat!’

GDPR nightmare.' ... “There are very strict confidentiality rules that are in place, both under GDPR and the medical system ...
Read More

Why zero trust security needs strong hardware foundations

These are the ability to detect and protect against threats; keeping user ... at boosting the ability of security tools ...
Read More
/ Cyber Security News

Antivirus Software Market 2020 Industry Insights by Growth, Emerging Trends and Forecast to 202

Over the years, cyber security threats have increased rapidly worldwide. ... In addition, usage of the internet and growth in ...
Read More
/ Cyber Security News

Yotpo releases report on user generated content

Compliance with GDPR rules is the biggest challenge facing brands when it comes to leveraging user-generated content. The Rise of ...
Read More

Solving the security challenges of remote working

The use of data loss prevention (DLP) technology can significantly mitigate this, giving businesses much more ... to quickly detect ...
Read More
/ Cyber Security News

Top 10 Vulnerabilities In Web Apps You Can Prevent With Testing

The OWASP Top 10 2017 is a list of the most significant web application security risks. How are you addressing ...
Read More

Analytics Round Table 2020: Diagnosing Data

Akixi's Colin Gill told us that some of the biggest challenges businesses face today are analysis paralysis and figuring out ...
Read More
/ Data Analytics