Tag Archives: Cybersecurity

Incident Response services now available!

Security Incident Response is like firefighting: it’s not something you need everyday, but when you need it, you want the best, and you want it fast.  We’re proud to announce our new cyber security incident response team, and we’d like to tell you what they do, and how best to utilize this new service. We call it SIRT – the Secure Ideas Response Team.

By helping to identify vulnerabilities and weaknesses within your network, we have worked with your organization to minimize the risk of a breach, and to limit the potential damage caused by such an occurrence. But cyber attacks are an inevitable reality of the world today.   We all have seen dramatic increases in cyber-attacks on American companies.  At Secure Ideas we want to prepare our customers for these business-disrupting events, and protect them from the incredibly high costs associated with a traditional breach recovery.

In the event of a security breach – like ransomware, a botnet, or other malware that brings down your business processes – you will need experts who have highly technical incident response training, and the equipment necessary to stabilize, recover, and restore your network environment. You need them fast.

SIRT is here to respond when a crippling attack happens.

Our focus is on stopping the emergency, stanching the flow of your data out of the network, and getting your critical systems back up, as fast as possible.

The costs associated with the restoration of a breach of business-critical systems can be in the millions. And that doesn’t include the costs resulting from customer liability claims, loss of intellectual property, or loss of revenue.

For Secure Ideas customers, there are two main ways you can engage this service: during an incident or on a retainer.

You could wait until you have an incident. When you do, you can give us a call, and SIRT will respond as quickly as they can.

But there are a few reasons why we recommend that you do not wait until you have an incident to take advantage of SIRT, and here’s the most important one:  It is much less expensive if you engage SIRT on a retainer.  We give SIRT customers a 24% discount on hourly rates if we have a retainer agreement in place. And, we bill for fewer hours, because we’ll already have a working knowledge of your network environment and we will have prepared for your emergency response.

Without an established relationship, we will have to begin the response with a rapid assessment, a questionnaire, and an exploratory evaluation of the network. Those take hours – hours that seem like days when you’re in the middle of an emergency.  For retainer customers, we conduct those exploratory questions and inventory in advance, at no cost. This means both that we will know what we are walking into when we receive your call, and that the overall costs of any response are lower:  when we respond to an incident, we charge by the hour – this preparation can save thousands.

SIRT Retainer customers get fast-track service. We promise our retainer customers a one-hour initial callback time, and priority scheduling. Which means we will be on site faster, working to minimize damage, and restore functionality.

We would love to discuss this with you, and send you the retainer agreement to review. Then we can get you in touch with our SIRT members, so that they can answer any questions you may have.  Feel free to reach out to us at info@secureideas.com.

Whose Code Are You Running?

One of my favorite ways to eat Oreo cookies is to twist the two halves apart, carefully set the filling aside, eat both chocolate halves, and then slowly enjoy the indulgent filling. Without milk, this is by far the best way to fully indulge in both parts of the cookie. But with a glass of… Continue Reading

Too Small to Hack: Small Business and Security

If you are paying attention to the news, security is a big topic.  At least that’s what CNN and the Wall Street Journal think.  And I would happen to agree. (I may be a bit biased!)  But even with things like Heartbleed and 0-day flaws in IE, we still commonly hear from small businesses that… Continue Reading

Breaking in to Security

Some of the roles within security are all about breaking in to systems, but what about just breaking into the field?  Jobs in security are popping up all over the place and recruiters are trying desperately to help fill them.  There are many people interested in security, but without previous experience, they often want to… Continue Reading

HealthCare.gov: Basic Security Failures and IT Bloopers

Secure Ideas has tested hundreds, if not thousands, of applications over the years we have been in business.  Based on this experience, along with our public classes and presentations around application security, Dave Kennedy of TrustedSec asked me to review the details of security flaws within HealthCare.gov.  As part of this review, Dave provided a… Continue Reading