Managed IT Services Blog

As organizations have moved more and more critical applications, workloads and services to the cloud, I am often asked by clients to help them review their overall cloud strategy and architecture from a best practices and security point of view.

As we're several years into this cloud migration for most organizations, a lot of things have changed regarding how they leverage the cloud, the type of applications and services they need to be able to provide and how they control and monitor access to resources. No two organizations are exactly the same, but more often than not, the underlying fundamentals are consistent across organizations.

According to the Verizon 2017 Data Breach Investigations Report, 51 percent of breaches included some form of malware. While malware in all of its forms is a pervasive threat, what most businesses should be focusing on is that there are numerous cyber threats that they need to guard against.

Last week, the former CEO of Equifax testified in front of the house energy and commerce committee regarding the massive data breach that his company fell victim to earlier this year. This breach caused the exposure of approximately 143 million U.S. consumers personal and financial information.

In his testimony, Richard Smith explained that the breach was caused by the failure of a single individual to properly communicate and act on a patch to a critical vulnerability.

“Both the human deployment of the patch and the scanning deployment did not work,” Smith told Congress. “The protocol was followed.”

Today, organizations are faced with the unique challenge of protecting critical assets and data from a more diverse and broad set of threats than ever before. Advanced malware and ransomware targeting the endpoint continues to evolve and morph at an incredibly fast rate.