It is always heartening to see a respected organization such as Gartner espousing the same security philosophies as we have here at Konsultek. In a recent blog post, Gartner’s Oliver Rochford points out that the most robust security solutions combine both prevention AND detect and respond approaches.

If you’ve been following this blog for any length of time you’ll know that this is exactly how we approach all of our information and network security engagements.

An Ounce of Prevention – Still Worth a Pound of Cure

Despite what some might say, prevention is far from being a dying or dead approach. A properly executed prevention strategy that utilizes advanced firewall and access control technologies can help mitigate the impact of old school hacking. When outsiders who don’t have proper credentials attempt to access your network with a variety of tools and tricks they are simply shut out.

But what if they pierce the protective veil of your prevention strategies? Password theft, cracking weak passwords and social engineering are just 3 ways ne’er-do-wells can compromise the best developed prevention strategies. And when that happens you better hope that your security provider has also included the latest in detect and respond technologies or your system and your information will be instantly at risk.

Detect and Respond

As the name implies, detect and respond approaches can sense when things in your network are not quite right and take action to contain the unusual activity before significant damage can occur. For example, they can react when the credentials of your summer intern are suddenly used to access the network and attempt to explore portions that he or she has no business even thinking about, let alone accessing.

The Konsultek Approach

At Konsultek we approach every client’s security engagement as an opportunity to develop a best fit approach. You’ll never find us espousing one-size-fits-all, cookie cutter approaches to information security. When you call, we’ll listen and when our engineering team develops your security solution you can bet it will be based upon delivering the most security value for the money. So give us a call today. We look forward to hearing from you.


Ultimately, Information Security relies upon the quality of the people you have dedicated to the task. Sure there is a technology component to information and network security but in the end you need to have top performing security professionals to make it all work.

Unless you have been living under a rock you already know that there is a massive security professional shortage. And if you have been in the market for one or more of these folks (who are about as scarce as Unicorns) you also know that in order to get one interested in even having a cup of coffee with you, you’re going to have to pony up some significant amounts of cash.

The Shortage is Even Worse in Chicago

Just when you thought it couldn’t get worse, it turns out it already has. As Cory Scott over at LinkedIn shows, Chicagoland is experiencing a net outflow of security professionals!

With our headquarters in Chicago we can attest to the rare and endangered nature of the security professional in our own back yard.

What’s an Organization to do?

Fortunately, we saw this shortage coming many years ago and positioned ourselves to be able to offer Information Security as a Service. This means that you do not need to worry about finding the right technologies and keeping them up to date.  More importantly though, given the super tight market for qualified security professionals, you do not need to locate, attract, train and retain these super expensive assets because we manage the whole function for you!

An example of our outsourced services is KNACMAN. This service, which is based upon Forescout’s CounterACT platform, provides world-class NAC without the capital outlay and human capital requirements that can make it cost prohibitive.

To learn more about our outsourced security solutions and how they can help your organization cope with the challenges you are facing please pick up the phone and give us a call!


Using Next-Gen NAC for CDM
Continuous Diagnostics and Mitigation requires that you have visibility into the risks and vulnerabilities on your network, along with the ability to mitigate these risks. 

ForeScout’s CounterACT next-generation Network Access Control product gives you

  • Visibility
  • Compliance
  • Enforcement

All without any agents or changes to your network.

Cubs Tickets Drawing!

The first 30 people to register and attend will be automatically entered into a drawing for 4 Cubs tickets!

Thursday, June 25
2:30 – 5:30 pm
TopGolf Chicago
699 W. Thorndale Ave.
Wood Dale, IL 60191

What is TopGolf?

TopGolf is like bowling or darts, but for golf!
When it’s your turn, you hit a golf ball containing a personalized microchip into one of 11 targets ranging from 20 to 240 yards away. The closer to the center or “bull’s-eye” you get and the farther out you hit your microchipped balls, the more points you receive. 

Not a golfer?
Don’t worry! There are targets for both non-golfers and expert golfers. Or just hang out and enjoy the good food and fresh air.


According to the LA Times, “regulators are warning bankers that hackers have succeeded in changing the controls on automated teller machines to allow thieves to make nearly unlimited withdrawals.” Circumventing the normal limits in this way allows the thieves to remove far more cash than people even have in their accounts.

Weekends & Holidays – Good Times for Hackers

To have access to the most cash in ATMs, these crimes are often scheduled on holidays or weekends, when the banks load more money into the machines. Also to the hackers’ benefit, monitoring of banking systems is often lower during these same time periods. “The cash-out phase of the attack involves criminals organizing simultaneous withdrawals of large amounts of cash from multiple ATMs over a short time period, usually four hours to two days,” the warning said.
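The cash-out pattern quoted above (one account, many ATMs, a short window, totals beyond the normal limit) can be checked for in withdrawal logs. The following is an added example, not code from the regulators' warning or from Konsultek; the record layout, the four-hour window, the three-ATM threshold and the sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(hours=4)   # assumed; the warning cites four hours to two days
MIN_ATMS = 3                  # assumed threshold for "multiple ATMs"

# Constructed sample records: (timestamp, card, atm, amount, card_daily_limit)
SAMPLE = [
    ("2015-06-20T01:00", "CARD-A", "ATM-1", 800, 500),  # Saturday night
    ("2015-06-20T01:20", "CARD-A", "ATM-2", 800, 500),
    ("2015-06-20T01:45", "CARD-A", "ATM-3", 800, 500),
    ("2015-06-20T02:10", "CARD-A", "ATM-4", 800, 500),
    ("2015-06-22T09:00", "CARD-B", "ATM-1", 200, 500),  # normal use, 9h apart
    ("2015-06-22T18:00", "CARD-B", "ATM-1", 200, 500),
    ("2015-06-22T12:00", "CARD-C", "ATM-5", 300, 500),  # over limit, only 2 ATMs
    ("2015-06-22T12:30", "CARD-C", "ATM-6", 300, 500),
]

def detect_cashout(events, window=WINDOW, min_atms=MIN_ATMS):
    """Return {card: details} for cards whose withdrawals inside one sliding
    window exceed the card's limit AND are spread over min_atms machines."""
    by_card = defaultdict(list)
    for ts, card, atm, amount, limit in events:
        by_card[card].append((datetime.fromisoformat(ts), atm, amount, limit))
    alerts = {}
    for card, rows in by_card.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Drop withdrawals that fell out of the window ending at rows[end].
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            total = sum(r[2] for r in span)
            atms = {r[1] for r in span}
            if total > rows[end][3] and len(atms) >= min_atms:
                alerts[card] = {
                    "total": total,
                    "atms": len(atms),
                    # Weekend activity matches the timing the warning describes.
                    "weekend": span[0][0].weekday() >= 5,
                }
                break  # alert on the first window that crosses both thresholds
    return alerts

if __name__ == "__main__":
    for card, info in detect_cashout(SAMPLE).items():
        print(card, info)
```

Widening the window or lowering the ATM threshold trades earlier detection for more false positives, so both should be tuned against normal customer behaviour.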

Who Is Most Vulnerable?

According to the Federal Financial Institutions Examination Council, which issued the warning, small and medium-sized banks are most vulnerable. The regulators also stated they expect banks to upgrade their security systems quickly because potential losses are so high. One recent attack of this nature acquired 40 million dollars using only 12 debit card accounts.

We Can Help!

For 20 years, Konsultek has prevented network attacks and improved network performance for financial institutions both large and small. Our managed solutions take the burden of network security upkeep off your organization and onto ours. Not only is this simple and easy, it is cost effective!
Ready for a dialogue? The conversation is free and the value is enormous. Please give us a call! Or sign up below to join our VIP list so you can receive the latest information on events and webinars!


If there is one thing you can count on when you are dealing with cyber-security it’s that cyber-attacks won’t stop and hackers will work around the clock to bypass security systems. In fact, we’ve recently written about the epic Target hacking which led to the personal information of over 70 million customers being compromised. This event has raised questions about how secure corporate IT systems are and what can be done to prevent such large scale data breaches in the future.

More Retailers Hacked

It’s almost impossible to keep up with the latest viruses and cyber attacks these days using older style firewall and security systems. According to Reuters, the Target hacking may be one of many attacks. A report called Indicators of Network Defenders, “brings to light some of the first information gleaned from the government’s highly secretive probes into the Target breach and other retail hacks, including details useful for detecting malicious programs that elude anti-virus software”. They found that Neiman Marcus faced a similar attack and “at least three other well-known national retailers have been attacked”.  The report also stated that “an underground market for malicious software to attack point-of-sale, or POS, terminals has flourished in recent years”, including BlackPOS, Dexter and vSkimmer.

It’s hard to know the exact details of the Target breach but it appears it was a KAPTOXA (Kar-Toe-Sha) attack. But based on the longevity of the attack there is a strong indication that persistent code (files dropped to disk) was present. Below is the snippet that gave me the indication of persistence: “According to iSight, which has seen the government report but would not release it, the attackers also used a variety of other malicious tools to penetrate networks, maintain a persistent foothold on them and extract stolen data. iSight does not identify Target or name any other victims of the KAPTOXA tool, but indicates the investigation into KAPTOXA began on December 18, three days after Target says it discovered malware on its point-of-sale systems.

KAPTOXA monitors memory address spaces used by specific programs, such as payment application programs like pos.exe and PosW32.exe that process the data embossed in the magnetic strip of credit and debit cards data. The tool grabs the data from memory because some companies transmit card data via a secured channel inside their corporate network, which would prevent the attackers from sniffing the data in transit.”

One thing for sure is that a technology like the one Bit9 offers would have prevented this from happening.

We Can Help!

For over 15 years, Konsultek has prevented network attacks and improved network performance for corporations both large and small. Our custom solution approach uses the most cutting edge technologies from Bit9, FireEye and ForeScout to meet the exact needs of your organization and your network regardless of industry. Ready for a dialogue? The conversation is free and the value is enormous. Please give us a call!


ForeScout Technologies has been a leader in the network access control space for a long time and is now being honored by SC Magazine, which has named the company its industry innovator of the year for NAC.

ForeScout Honored with Industry Innovator of the Year

According to SCMagazine, “The big new thing from ForeScout this year is API and its new program/ecosystem. The company has written 66 integrations now and expects many other third-party vendors to join”.  These integrations create synergies that deliver enhanced security solutions beyond what either Forescout or the integrated third-party can provide on their own.  A good example is their integration with FireEye. When there is “an APT-infected host, it tells CounterACT and CounterACT remediates or removes the host from the network”.

Essentially, all of these easy to implement integrations allow customers to apply their own integrations for their own use case.  This is super important because rather than a customer having to pay for expensive customizations or settling for a less than ideal out of the box solution they can develop an exact fit use case easily and inexpensively themselves.

Forescout’s flagship product, CounterACT, has truly been an innovator when it comes to securing a BYOD environment, and SC Magazine also cited this as a reason for the award.

Need ForeScout Training?

Konsultek is a Certified ForeScout Training center and we offer CounterACT training multiple times each year. These dynamic and informative training sessions attract participants from all over the globe.  Please visit our training page to see which dates fit best into your schedule.
