Cisco’s Annual Cyber Security Report was released today and as always it is filled with interesting insights about both sides of the cyber security battle.

Insights into Hackers and Attackers

1. Adversaries are taking malware to unprecedented levels of sophistication and impact.

Malware, especially self-propogating “worm” malware such as WannaCry and Petya played a pivotal role in some of the biggest attacks and infections of 2017.

2. Adversaries are becoming more adept at evasion— and weaponizing cloud services and other technology used for legitimate purposes.

One trend is the use of encryption by hackers to protect themselves from detection, especially C2 types of activities.

3. Adversaries are exploiting undefended gaps in security, many of which stem from the expanding Internet of Things (IoT) and use of cloud services.

Defenders are deploying IoT devices at a rapid pace but often pay scant attention to the security of these systems.

Insights into Security Defenders

1. Budgets are perceived to be relatively stable, growing and appropriate.

2. Breaches appear to be the biggest driver of future investments and improvements in technology and process.

3. The use of outsourcing is growing as a means of dealing with security threats, especially in the areas of monitoring and incident response.

Konsultek’s Take

Cisco’s report is well written, easy to read and full of valuable insights. Many of these insights such as the growing reliance on outsourcing correlate closely with our own findings. As a pioneer in outsourced security solutions we too have seen strong growth in both the variety and volume of services our clients outsource to us.

Managed services are a cost effective way to improve security efficacy as well as scale security solutions in a growing organization. If either of these are of interest to you and your organization please give us a call to set up an introductory meeting.


read more

Ultimately, Information Security relies upon the quality of the people you have dedicated to the task. Sure there is a technology component to information and network security but in the end you need to have top performing security professionals to make it all work.

Unless you have been living under a rock you already know that there is a massive security professional shortage. And if you have been in the market for one or more of these folks (who are about as scarce as Unicorns) you also know that in order to get one interested in even having a cup of coffee with you, you’re going to have to pony up some significant amounts of cash.

The Shortage is Even Worse in Chicago

Just when you thought it couldn’t get worse, it turns out it already has. As Cory Scott over at LinkedIn shows, Chicagoland is experiencing a net outflow of security professionals!

With our headquarters in Chicago we can attest to the rare and endangered nature of the security professional in our own back yard.

What’s an Organization to do?

Fortunately, we saw this shortage coming many years ago and positioned ourselves to be able to offer Information Security as a Service. This means that you do not need to worry about finding the right technologies and keeping them up to date.  More importantly though, given the super tight market for qualified security professionals, you do not need to locate, attract, train and retain these super expensive assets because we manage the whole function for you!

An example of our outsourced services is KNACMAN. This service, which is based upon Forescout’s CounterACT platform provides world-class NAC without the capital outlay and human capital requirements that can make it cost prohibitive.

To learn more about our outsourced security solutions and how they can help your organization cope with the challenges you are facing please pick up the phone and give us a call!


read more