Tag Archives: Security

Incident Response services now available!

Security Incident Response is like firefighting: it’s not something you need everyday, but when you need it, you want the best, and you want it fast.  We’re proud to announce our new cyber security incident response team, and we’d like to tell you what they do, and how best to utilize this new service. We call it SIRT – the Secure Ideas Response Team.

By helping to identify vulnerabilities and weaknesses within your network, we have worked with your organization to minimize the risk of a breach, and to limit the potential damage caused by such an occurrence. But cyber attacks are an inevitable reality of the world today.   We all have seen dramatic increases in cyber-attacks on American companies.  At Secure Ideas we want to prepare our customers for these business-disrupting events, and protect them from the incredibly high costs associated with a traditional breach recovery.

In the event of a security breach – like ransomware, a botnet, or other malware that brings down your business processes – you will need experts who have highly technical incident response training, and the equipment necessary to stabilize, recover, and restore your network environment. You need them fast.

SIRT is here to respond when a crippling attack happens.

Our focus is on stopping the emergency, stanching the flow of your data out of the network, and getting your critical systems back up, as fast as possible.

The costs associated with the restoration of a breach of business-critical systems can be in the millions. And that doesn’t include the costs resulting from customer liability claims, loss of intellectual property, or loss of revenue.

For Secure Ideas customers, there are two main ways you can engage this service: during an incident or on a retainer.

You could wait until you have an incident. When you do, you can give us a call, and SIRT will respond as quickly as they can.

But there are a few reasons why we recommend that you do not wait until you have an incident to take advantage of SIRT, and here’s the most important one:  It is much less expensive if you engage SIRT on a retainer.  We give SIRT customers a 24% discount on hourly rates if we have a retainer agreement in place. And, we bill for fewer hours, because we’ll already have a working knowledge of your network environment and we will have prepared for your emergency response.

Without an established relationship, we will have to begin the response with a rapid assessment, a questionnaire, and an exploratory evaluation of the network. Those take hours – hours that seem like days when you’re in the middle of an emergency.  For retainer customers, we conduct those exploratory questions and inventory in advance, at no cost. This means both that we will know what we are walking into when we receive your call, and that the overall costs of any response are lower:  when we respond to an incident, we charge by the hour – this preparation can save thousands.

SIRT Retainer customers get fast-track service. We promise our retainer customers a one-hour initial callback time, and priority scheduling. Which means we will be on site faster, working to minimize damage, and restore functionality.

We would love to discuss this with you, and send you the retainer agreement to review. Then we can get you in touch with our SIRT members, so that they can answer any questions you may have.  Feel free to reach out to us at info@secureideas.com.

Beware of Holiday Scams

 It is that time of year and we need to be ready for the fraudsters to be out in full effect.  The holidays are approaching and it is a time for joy for most.   Unfortunately, the Grinches are working just as hard as Santa to effect your holiday cheer.  Here are few things to keep… Continue Reading

CORS Global Policy

I recently noticed an uptake on Cross-Origin Resource Sharing (CORS) findings showing up in automated scanning tools, which would not have been a significant concern except for the fact that the tools were rating this as a relatively “high” severity and very few people I asked about it seemed to have any idea what it… Continue Reading

The ABC’s of ASV’s & PCI

Secure Ideas’ prides itself on providing the highest level of service to our customers. We are tirelessly searching for new tools, and methods to use in strengthening security for our clients.  With that in mind, it is with great pleasure that we announce the unveiling of PCIScout.  After undergoing a thorough vetting, and testing process,… Continue Reading

Logging Like a Lumber Jack

Turn on any news outlet or visit any news site and you will most likely see an announcement of yet another data breach.  On the DTR podcast we discuss breaches in the news during almost every episode.  There is a push to put more of an emphasis on identifying and reacting to a breach or… Continue Reading

Policy Gap Analysis: Filling the Gaps

 In today’s world, something never seems to be true unless it is written down, and even then it is a guideline.  In the business world there are policies that define how employees should present themselves as well as how company equipment can be used.  The policies are important because they provide a written definition of… Continue Reading

New Data Security Breach Laws in Florida

Since many organizations are collecting what many would consider personal, non-public, information, it is very important that they protect this information since it is considered sensitive.   Almost every state has specific laws around what happens if that information is breached.  Florida just passed a new law that outlines what is considered sensitive information and the… Continue Reading

What Do You Expect From A PenTest?

There are many reasons that a company has a penetration test performed.  Maybe it is due to regulatory compliance, like HIPAA, or they are just take security seriously.  No matter what the reason is, you want to get the most from a penetration test.  Any of you that have had a good penetration test done… Continue Reading