“Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks…” 

~ Gartner, Predictions for  IT Security Directors

“We already have a firewall and intrusion detection systems

That’s a good start. However, despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. By having these tools, organizations often believe that their networks and applications are safe from security incidents. Unfortunately, this is not the case.

The operational environments within businesses are becoming increasingly complex, and more reliant on the use of sofware and data every day. Often little attention is paid to business processes, policies, or any sort of consistent review of security posture. Many systems are not designed to protect network and data from improper configuration, out of date software, or unexpected user intervention from a disgruntled employee. Most sophisticated attacks can bypass intrusion detection systems and penetrate networks, and externally executed code may not be noticed at all. The best defense is fully knowing the existing security status, and understanding the actions required to cover any gaps or deficiencies in your security posture.

 “Our company isn’t a target for attacks”

Sure, you’re not Amazon, Apple, Facebook or Google. Recent history of largescale security incidents show not all attacks are targeted. Crypolocking viruses, Code Red, Wannacry, Bagel, etc. attacked systems at random, and operated using specific vulnerabilities. It is important to change thinking beyond “it probably won’t happen” to fully understanding the current situation, and fixing issues by evaluating the facts obtained.

The Technology and Risk Advisory group takes a wholistic approach to vulnerability management – including everything from organizational structure, data endpoints, operational policy, technology management, IT management policy, and existing security management to develop an actionable plan to make your company more secure, and better positioned to detect and act quickly when a security incident happens.

Technology and Risk Advisory Contacts:

Paul Schmidt

CPA, CA, CITP, Information Technology

Email: pschmidt@wm.ca

Phone: 604-691-6826

Killian Ruby
Partner, CPA, CA, I.A.C.T,
Audit and Accounting

Email: kruby@wm.ca

Phone: 604-691-6881

Vaclav Vincalek

Managing Director,
Technology & Advisory Services

Email: vvincalek@wm.ca

Phone: 778-945-2996

Recent Cyber Security Articles

What is the Latest Consumer Data Protection Act that Everyone is Talking About?

In previous CSPi blogs, we have described many specific data privacy ... All of this makes them unusable in the ...
Read More
/ Cyber Security News

US points finger at Chinese government over Marriott data breach

US cybersecurity experts suspect that the hackers who gained access to the personal data of half a billion Marriott hotels ...
Read More
/ Cyber Security News

Hadoop and Big Data Analytics Market 2026 Investment Analysis To Obtain The Exact …

The business research report on “Hadoop and Big Data Analytics Market” Research Report 2018- 2026 covers summery, market outlook, trends, ...
Read More
/ Data Analytics

Forcepoint: 2019 sees IoT attack surge

"The cybersecurity industry and attackers expended effort in a never-ending cycle of breach, react, and circumvent -- a true cat-and-mouse ...
Read More
/ Cyber Security News

Michigan Chamber Of Commerce Applauds Senate Action On Data Breach Notification Legislation

"This legislation imposes reasonable mandates that will require businesses to notify consumers that could be affected by a data breach." ...
Read More
/ Cyber Security News

Why the 1-size-fits-all approach doesn’t work for hospital cybersecurity: Q&A with Proficio CISO …

Dickon Smart-Gill, CIO and chief information security officer at managed ... Once the breach is under control, the next step ...
Read More
/ Cyber Security News

Digi International Nominates New Candidate for Board of Directors

Since May 2016, Hatem Naguib has served as SVP and GM of the security business unit for Barracuda, Inc., a ...
Read More
/ Cyber Security News

Despite Breaches, Many Organizations Struggle to Quantify Cyber-Risks to Business

Many organizations are still struggling to adopt a more risk-focused approach to cybersecurity, although the need for it has been ...
Read More
/ Cyber Security News

11 Top Breach and Attack Simulation (BAS) Vendors

It has won multiple awards, including a 2018 Cybersecurity ... which offers some limited breach and attack simulation capabilities ...
Read More
/ Cyber Security News