Web apps have made it easy for just about anyone to start a service business. All 你 have to do is buy a subscription to the software and off 你 go. 还有最新的软件, 你将获得教程和技术支持, and 你 can even join an online forum where 你 can interact and learn from others in the same business. 听起来很棒,不是吗?
是的,它很好,但这不是它看起来的那样. This is the cyber-criminal ecosystem and the improvements that have allowed business technology to evolve so quickly are the same kind of developments that have allowed cybercriminals to continually up their game.
无论他们使用什么软件,目标都是一样的. Cybercriminals want to find and exploit unlocked doors and windows to 你r data. 这些天, 他们不只是想进入你的网络, 他们想在不被人发现的情况下四处走动, collecting and analyzing activity and information so they can get the biggest payoff. 这是如何发生的.
网络罪犯寻找更大的目标
Let’s say a remote worker clicks on a link in a phishing email. 这个链接会把他们带到一个被入侵的网站. 该网站将恶意软件下载到员工的笔记本电脑上. 这就为网络罪犯打开了一扇进出的大门. 事实上, the criminal who gained access to the computer might sell that access to another criminal who has a different set of software tools.
The next step is to exfiltrate information such as credentials to accounts like 你r executive’s email. They also may want to learn who 你r customers and vendors are so that they can figure out how they can best monetize their efforts.
Then one day they make their big hit and 你r whole company network is encrypted, 或者你给卖家的钱被挪用了, or 你 find out that a customer had a huge data breach it happened because of their connection to 你.
The way to defend against modern cyber threats like this is to have a cybersecurity strategy that includes different layers that work together to establish the legitimacy of all the traffic in 你r network. 受管理的检测和响应就是其中一层.
什么是管理检测和响应?
Managed Detection and Response (MDR) is a cybersecurity tool that has 24/7 eyes on all the computers and servers connected to 你r network. It looks for suspicious activity and responds immediately to possible threats and shuts them down before they have the chance to cause immediate damage or move deeper into 你r IT systems.
If 你 don’t have MDR, it could take hours, days or even months before an intruder is discovered. MDR works in minutes and that could mean the difference between business as usual, 或者商业失败.
耐多药是如何工作的
The MDR program includes a small piece of software that is installed on every Windows computer. 该程序寻找网络犯罪活动的迹象,如:
- Credential dumping – the harvesting of account login and password information.
- Persistence mechanisms – anchors that allow malware to stay on a computer.
- Malware downloads – software that will corrupt, expose or capture data.
- Lateral movement – movement to other computers and network connections.
An alert is triggered when the program detects and responds to an intrusion. The alert is categorized at a level of importance that ranges from informational to critical. The alert might be followed by a phone call from the Security Operations Center (SOC) to see if the suspected activity is actually legitimate. 如果情况危急, MDR will take the affected system offline to prevent further spread of malware or movement.
我们的MDR红队测试
这里是风向标, we vet every technology tool that we use and when we were choosing an MDR provider we did our own test to see if the promised response time was true.
We had our top cybersecurity engineer red team MDR solutions by trying out different cyber-criminal techniques to see if he could get in and move around like a cyber-criminal would. 工程师做了所有坏人会做的事, 他的活动在几分钟内就被封锁了.
The red team activity was detected, the system was quarantined from the network. The alert also triggered a phone call from the MDR Security Operations Center (SOC) and they didn’t stand down until we clued them in on the source of the activity.
网络犯罪的代价
如果你的澳门赌场网址大全策略中没有MDR, 你是在给网络罪犯提供机会. You need to go beyond the basics if 你’re going to avoid the drastic impacts of cyber-crime. 影响看起来像:
- $200,000 – the average cost of a data breach for companies of all sizes
- $42,000 – the average ransomware payment for a small to midsize business (SMB)
- 193天——在此期间确定数据泄露
- 39天,这段时间用来控制数据泄露
新奥尔良企业的澳门网赌大全网址澳门赌场网址大全服务
这里是风向标, we help New Orleans companies manage cyber risks by creating and implementing cybersecurity strategy that stands up to evolving threats. If 你’re not confident that 你r IT team is doing what they need to do to protect 你r company from cyber-crime, or if 你 just want an outside perspective on what a modern cybersecurity strategy looks like, 请澳门网赌大全网址进行澳门赌场网址大全评估.
