Maximize your protection, eliminate business risks.
Optimize and modernize with cloud transformation.
Empower your people to work securely from anywhere.
Let us handle IT so you can focus on growing your business.
Get multichannel 24/7/365 expert end-user support.
Stay ahead of attacks with 24/7 protection and monitoring.
Maximize uptime with with industry-leading DRaaS.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Accelerate PE client deals and secure data.
Leverage your technology as a strategic asset.
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Posts
By: Dataprise
Table of content
The above sentiment was the theme of conversation at Dataprise’s Information Security Symposium this past Thursday, June 16th, at their Corporate Office and Technology Center in Rockville, MD. Over 50 business leaders joined this intimate event eager to discover more about the latest best practices and proactive risk management approaches related to Information Security. Below are a few highlights from the event:
Charles Ames, the State of Maryland’s Chief Information Security Officer, kicked off the evening with a keynote speech focusing on how much security is enough and what happens when businesses get attacked. He spoke with the audience about the importance of understanding who your users are, what devices they are using, and understanding administrative rights on your network. He also shared the eye-opening fact found in Verizon’s 2016 Breach Incident Report that 97% of breaches used legitimate third-party access to attack. Ames ended his keynote by sharing what his team is working on within their Security Program to establish a Cyber Secure Maryland, including policy, baselining, centralizing security controls, threat identification and continuous diagnosis and mitigation.
Following the insight from Charles Ames, a panel discussion moderated by Tim Foley, Senior Manager of Information Security & Strategic Consulting at Dataprise, then began featuring Ames and the following panelists:
The discussion featured key topics such as the biggest security trends, threats and the shift in how organizations are viewing security. But one of the most discussed points surrounded the weakest link in every business’ security: employees.
“The weakest link in any organization is our people. They are our most valuable asset and are also our most vulnerable asset,” stated Ferrara. The discussion continued on, focusing on training for employees, aligning policies with a business’ culture, and the importance of executive buy-in.
The panel also emphasized that importance of having a security program and ensuring it aligns with the business goals and objectives. “Tools have outputs, programs have outcomes and when we’re putting together an information security program, the business needs and the needs of the organization are going to drive what we would like the outcome to be,” stated Foley.
The discussion also led into how a business can protect themselves from and prevent attacks. “Complacency is the enemy of vigilance, which is the key factor of any security operations center,” stated Schreiber in reference to the downside of using tools such as machine-learning, “and we want to keep that intact no matter the tool that’s used.”
The third segment of the symposium was a series of workshops discussing Dataprise’s Cybersecurity Intelligence Lifecycle (CSIL).
“If you don’t know where you are, how will you know where you are going or when you will get there,” presenter Sean Ferrara shared with the crowd regarding the Assess phase and dived into the necessity of identifying critical business assets and associated risks. Ferrara shared a variety of assessment solutions such as security gap assessments and PCI baseline analysis that can aide organizations with this goal.
Tim Foley jumped into the Protect phase by engaging the audience with layered defenses aka “Defense in Depth,” which include elements such as patching, training, offsite backups, security awareness training, and anti-virus. He discussed the importance of protecting critical assets with network security solutions and delved into the differing priorities of a CIO versus a CISO.
Joe Schreiber and Dataprise SOC Lead Lee Thomas Hagen led the way in discussing the importance of the Detect phase within the CSIL wheel. Solutions such as Unified Security Management (USM) and periodic security log review help business’ identify threats and vulnerabilities and allow for enhanced transparency to drive better business decisions.
“You’re going to be hacked. Have a plan,” was the quote from the FBI Cyber Division Director that Tim Foley shared to end the presentations with the Respond phase. He covered critical items such as business impact of breaches, the need to respond, remediate, and recover, and solutions to aid organizations with their planning, such as disaster recovery planning, managed remote backups, and incident response programs.
The discussion and questions kept reeling after the final presentation with a cocktail hour and networking session.
Overall, the event was a success for Dataprise and left audience members with a new point-of-view on security. “I enjoyed the contrast of perspectives from folks with different experience,” stated a Director of IT who attended the event. “Mr. Ames offered a great executive viewpoint, Mr. Schreiber had a bit more technical detail and perspective, and Mr. Foley and Mr. Ferrara could blend the business and the technical together.”
To view resources from the event, visit www.dataprise.com/resource-center/security-symposium-resources
INSIGHTS
Subscribe to our blog to learn about the latest IT trends and technology best practices.