“Enterprises that implement a vulnerability management process will experience 90% fewer successful attacks…” 

~ Gartner, Predictions for  IT Security Directors

“We already have a firewall and intrusion detection systems

That’s a good start. However, despite all the attention that firewalls, anti-virus applications and Intrusion Detection System (IDS) receive, security vulnerabilities still plague organizations. By having these tools, organizations often believe that their networks and applications are safe from security incidents. Unfortunately, this is not the case.

The operational environments within businesses are becoming increasingly complex, and more reliant on the use of sofware and data every day. Often little attention is paid to business processes, policies, or any sort of consistent review of security posture. Many systems are not designed to protect network and data from improper configuration, out of date software, or unexpected user intervention from a disgruntled employee. Most sophisticated attacks can bypass intrusion detection systems and penetrate networks, and externally executed code may not be noticed at all. The best defense is fully knowing the existing security status, and understanding the actions required to cover any gaps or deficiencies in your security posture.

 “Our company isn’t a target for attacks”

Sure, you’re not Amazon, Apple, Facebook or Google. Recent history of largescale security incidents show not all attacks are targeted. Crypolocking viruses, Code Red, Wannacry, Bagel, etc. attacked systems at random, and operated using specific vulnerabilities. It is important to change thinking beyond “it probably won’t happen” to fully understanding the current situation, and fixing issues by evaluating the facts obtained.

The Technology and Risk Advisory group takes a wholistic approach to vulnerability management – including everything from organizational structure, data endpoints, operational policy, technology management, IT management policy, and existing security management to develop an actionable plan to make your company more secure, and better positioned to detect and act quickly when a security incident happens.

Technology and Risk Advisory Contacts:

Paul Schmidt

CPA, CA, CITP, Information Technology

Email: pschmidt@wm.ca

Phone: 604-691-6826

Killian Ruby
Partner, CPA, CA, I.A.C.T,
Audit and Accounting

Email: kruby@wm.ca

Phone: 604-691-6881

Vaclav Vincalek

Managing Director,
Technology & Advisory Services

Email: vvincalek@wm.ca

Phone: 778-945-2996

Recent Cyber Security Articles

Barbara Corcoran Lost Nearly $400000 and It Shows the Real Risk of Email Phishing Scams

Barbara Corcoran Lost Nearly $400,000 and It Shows the Real Risk of Email ... That means it's worth considering whether ...
Read More
/ Cyber Security News

Michigan Healthcare Group Hack Went Undetected for Six Months

A data breach that exposed patients' personal health information (PHI) for almost three months went undetected for half a year ...
Read More
/ Cyber Security News

The Rise of Data Privacy Regulations Offers New Opportunities for CPA Firms

At this time, approximately 41 U.S. states have laws mandating data breach notification, which is among the central focuses of ...
Read More
/ Cyber Security News

Exploitation, Phishing Top Worries for Mobile Users

The majority of companies suffered downtime or loss of data in a breach, but many also found that other devices ...
Read More
/ Cyber Security News

South Carolina’s firewall faces billions of breach attempts

South Carolina's firewall faces billions of breach attempts ... The state also employs measures of cybersecurity to ensure tabulated results ...
Read More
/ Cyber Security News

TQL cyber breach is latest example of the industry’s vulnerability to hacking

The breach was "an information/data phishing attempt," according to an announcement on the company's website. "Our IT security teams identified ...
Read More
/ Cyber Security News

Cyberattacks Target US DoD and Mexico’s Economy Ministry | Avast

Ransomware was part of 70% of total malware infections observed by the Verizon Data Breach Investigations Report. Malware hits 61% ...
Read More
/ Cyber Security News

Phishing attack affects participants in Brunswick Co. Schools benefits plan

BRUNSWICK COUNTY, N.C. (WECT) - A data breach has affected Brunswick County Schools employees who participated in one of its ...
Read More
/ Cyber Security News

One in four Americans won’t do business with data-breached companies

Security company Security.org surveyed over 1,000 people in the US including over 300 data breach victims to learn more about ...
Read More
/ Cyber Security News