In this interview, Jason Ingalls, CEO and founder of Ingalls Information Security shares some insights about the organization’s security solutions, their unique value proposition, and their roadmap for the future.
How would you describe the modern cybersecurity landscape and how is Ingalls Information Security positioned to combat the current challenges in the industry?
One of the benefits of being around since 2010 and doing what we’ve done is our view into data security breaches and how they’ve evolved. This level of visibility is one that most businesses will never have, and it gives us insight into preventing and responding to attacks. It allows us to perform profound analysis of an organization’s information security profile. What we’ve discovered is that the four traditional pillars of information security controls: Firewalls, Anti-virus, Patch Management, and Data Backup and Recovery, simply aren’t able to stop the majority of threats today.
Businesses must decide on a new strategy to manage cybersecurity risk. At Ingalls, we define two successful strategies that we see companies adopt and thrive as a result. We’ve termed these strategies Responsive and Proactive. A Responsive Strategy involves designing and implementing the necessary controls to withstand a cyber attack, whereas a Proactive Strategy is designed to minimize the likelihood that a cyber attack will occur, as well as minimize the impact if one does. There are similarities in each, specifically around the need for a cybersecurity insurance policy. There are also major differences, including having many more cybersecurity controls in place for businesses that elect a proactive strategy.
Determine which strategy to follow is pretty straightforward and can be determined by asking the following question: If your business was idled for 1-2 weeks or if you had to explain to stakeholder (investors, clients, regulators, etc.) that your business was hacked, would it survive? If so, great; you should have a Responsive strategy. Otherwise, a Proactive strategy is necessary for your business’s survival.
We look forward to turning organizations that have been breach victims into prosperous and secure MDR clients, preventing security incidents where we can, while minimizing impact when they do occur
Both Responsive and Proactive strategies have their own share of pros and cons that significantly depend on the magnitude of the risks involved, business dynamics, and several other factors. A Responsive strategy might constitute a bare minimum requirement for an organization that could be deployed due to a regulatory necessity. It should have a cyber insurance policy component as well as an incidence response retainer to cover the organization financially and provide them breach response for the initial emergency. Even though most organizations today are inclined toward a Responsive strategy, the Proactive way of managing risk has been gaining momentum dramatically in the field. In addition to standard cyber insurance and incidence response retainer, the Proactive approach includes engaging an MDR provider that can come in and deploy the necessary controls to identify risk and manage it appropriately based on the exceptional visibility an MDR has on the organization’s environment. This provides the client with an upper hand over future attacks, allowing effective response to those attacks in a timely manner, and minimizes the impact of the intrusions that must be endured otherwise.
Could you please discuss a case scenario where Ingalls Information Security helped a company in combating a security breach?
About a year ago, we had a large multi-national firm become our client after they experienced a minor breach that we were retained to respond to. As part of that response, we deployed our toolkit to their system to investigate, and the client chose to become an MDR client after we resolved the incident. As part of the services we provide them, our email phishing helpdesk allows their employees to send suspicious emails into our SOC for analysis and intelligence gathering on attacks. We were able to successfully identify phishing attacks that led to compromised credentials and reset those accounts promptly before the attacker could use them to compromise more accounts. Within hours, our analysts were able to quickly investigate all the accounts that were being targeted and effectively defeat the attackers. The client appreciated the rapid response of Ingalls at the scene, and we’ve been receiving a ton of client referrals from this client since.
Can you share details of the firm’s journey so far? Also, how does the ‘vision 2019’ for Ingalls look?
As we go forward, we will be growing significantly within our MDR business line, as we continue to engage with a lot of new partners in 2019. Since MDR is a relatively nascent space, it has been an exciting journey to witness firsthand the growth of the MDR industry and we are very thankful for our stature within the space. Our perspective of the industry has provided us with a mountain of insights that enables us to identify and understand some of the most cost-effective risk management solutions for businesses in the modern cybersecurity realm. We look forward to turning organizations that have been breach victims into prosperous and secure MDR clients, preventing security incidents where we can, while minimizing impact when they do occur.