Thank you for Subscribing to CIO Applications Weekly Brief
Thank you for Subscribing to CIO Applications Weekly Brief
Following is the conversation that CIO Applications had with Matt Kimpel, the Director of Cybersecurity and Engineering at Magna5, to better understand how the company's solutions fit cybersecurity frameworks and how each layer of Magna5's defense is focused on specific areas where threat actors may attack an organization.
What are the challenges that clients face now in the Cybersecurity space, and how is Magna5 effectively addressing these issues?
“With the cost of cyber-attacks reaching staggering numbers, companies find it harder to recover without cybersecurity insurance and defenses in place to obtain that coverage. What frustrates them is the lack of early-warning detection due to limited visibility and awareness of existing vulnerabilities that can expose risk. Also, IT staffs are bogged down by daily operational activities with no expertise in cybersecurity. That's why businesses struggle to secure all attack vectors such as on-premises equipment, public or private cloud, remote users, Office365 access, and mobile devices. Further, they also need to focus on compliance, which requires them to maintain their environments with solutions required to be compliant, such as HIPAA, PCI, NIST, SOC, etc.
We work within an organization's budget to create a multi-layered defensive approach. Often, we work with clients that may already have access to improve their security; it just hasn't been implemented. We help them make those best practice changes and fill gaps with our solution stack, which includes managed detection and response, vulnerability management, endpoint protection bundles, firewall, intrustion prevention system management, patch management, data backup, and disaster recovery, to name a few.”
How do you bring together a 24/7/365 fully managed Operations Center with enterprise-class platforms from leading vendors? Please elaborate.
“Our focus is to provide the right blend of people, processes, and technology to improve organizations' efficiencies and drive down costs. Our 24x7x365 Operations Center is staffed with highly trained and certified engineers who are up-to-speed on the latest technologies. Whether it's cybersecurity, networking, or systems, such as virtualization or server support, we have a healthy blend of engineers who can support an organization end-to-end.
We build processes and procedures for our solutions and leverage the same methodology for our customers, having the flexibility to modify given the clients requirements. Magna5 continually evaluates the marketplace for new and improved technology while partnering with best-of-breed technology providers to provide leading-edge solutions and meet emerging challenges. Customers come to Magna5 today because they don't want to deal with an army of vendors. They want one trusted managed services provider who can provide turnkey solutions from a single source.”
We provide a holistic approach to cybersecurity, practicing layers of defense across a cybersecurity framework, to ensure customers have the best advantage to detect, response and recover from advanced threats
“When it comes to cybersecurity solutions, one-size doesn't fit all. That's why we listen carefully to what our customers are facing and what they want to accomplish. We then tailor a cost-effective solution that will have the most impact in addressing their budget, issues, and best practices. This could be anything from proactively guarding against malicious activity on an organization's network, such as malware, ransomware, trojans, and other attacks. It could also be securing company perimeters by restricting access from a wide range of endpoints—internally and externally.
We can provide a piece of the puzzle or provide full network visibility with actionable threat intelligence, allowing for incident detection across all endpoints, on and off-network.”
Please cite a case study where you have enabled clients to overcome hurdles and attain desired outcomes.
“A Magna5 manufacturing client faced a massive Dridex attack, a form of malware used to steal data via HTML injections. Dridex appeared through a spam email with a Microsoft Word attachment. Once an employee opened it and clicked on the attachment, it executed a fileless malware allowing hackers access to the workstation and credentials. Magna5 was already providing security monitoring and disaster recovery services for the client.
Through proactive managed detection and response, Magna5 spotted the threat in minutes—alerting the client, blocking initial access, and started recovering the systems using a combination of data backup and recovery as well as incident response services. While the early warning kept threat actors from exfiltrating data from the environment, shortcomings in a proper layered defense approach allowed the attack to continue as far as it did. Magna5 implemented endpoint security protection, as well as best practices on existing systems to harden their endpoints. This prepared them to counter any potential future attack before it does damage.”
How did you keep track of the right ingredients that you wanted to build the relevant solutions portfolio?
“Cyber threats are becoming ever more sophisticated and targeted. We proactively research emerging cybersecurity threats and add solutions that will help organizations reduce risks and tackle security challenges head-on. A good example was the massive shift of companies working from home or remotely during the COVID-19pandemic. Threats focused on the endpoint exposed vulnerabilities in many organizations' security stacks.
Typically, the focus had been on implementing network-based security, and with the endpoints outside the walls, many companies only had anti-virus as a means of defense on their workstations. We were able to help companies pivot their cybersecurity initiatives to provide layered defenses for their remote workforces. Some of the most common questions asked were: ‘How are we deploying patches, monitoring workstations for security threats?’ and ‘Is our anti-virus enough to stop today’s modern threat actors?’We positioned several of our existing solutions into cybersecurity bundles to help organizations increase detection and provide better protection on these devices while reducing total cost.”
How has Magna5 delivered best-in-breed solutions for the Cyber Security Solution space and is poised to march ahead in the same fashion by responding to its clients' needs?
“The threat landscape is continuously evolving, and you have to make sure your cybersecurity team and partners are ready for the challenge while adapting to new methodologies. Building a strong foundation of best practices can go a long way to preventing, limiting, and identifying breaches in real-time. Partnering with experts, like Magna5, can give you untapped access to experience and resources for addressing every aspect of cybersecurity.
Our people play a significant role in our success; they continuously identify new technologies that keep us moving ahead. We recently launched a Dark Web monitoring service to help organizations understand what information may be lurking in nefarious places. Identifying those compromised passwords being shared online helps raise awareness on how to mitigate that information being used in an attack and provides a gateway to discuss password policies, password strength, and reuse. In 2021, we plan to continue our cybersecurity practice by investing and growing our staff, introducing new solutions, and improving existing solutions.”