Trinsio Threat Assessment Case Study: Sherman County, Kansas

/in

Defense-in-Depth Mindset Leads Sherman County to Threat Assessment

Sherman County, Kansas, faced a critical need to modernize and secure its IT infrastructure across multiple facilities, including the courthouse, sheriff’s office, health department, and 911 dispatch services. To tackle this, the county’s Director of IT, Eric Albright, led an initiative to implement a unified, defense-in-depth cybersecurity strategy that would provide comprehensive protection for their network.

Eric had been keeping a close eye on the U.S. Cybersecurity and Infrastructure Security Agency (CISA) guidelines, particularly the Cross-Sector Cybersecurity Performance Goals (CPGs), which emphasize the necessity of third-party evaluations to strengthen security posture. Despite having internal systems like IDS and IPS in place, Eric understood that even the most robust systems need external validation.

Eric’s Perspective

“One of my top concerns was that we didn’t have full visibility into our network traffic,” Eric explained. “Even though we had great systems in place, you just don’t know what you don’t know. Trinsio’s analysis gave us the information we needed to address gaps we didn’t even know we had.”

Eric sought out third-party assistance to help identify vulnerabilities that may have gone unnoticed and to ensure the county’s network was fully secure. His search led him to Trinsio, a trusted provider of no-cost threat assessments for local governments, healthcare institutions, and schools.

Enhancing Security with an External Perspective

Trinsio’s approach appealed to Eric because it didn’t require access to sensitive internal data or administrative privileges. Following a brief consultation, Eric provided Trinsio’s team with non-sensitive public firewall log files. From there, the cybersecurity team at Trinsio conducted a deep analysis of incoming AND outgoing traffic using more than 50 cyber intelligence feeds from around the globe.

The results were staggering: millions of traffic requests from known malicious IP addresses had bypassed Sherman County’s next-generation firewalls. Despite the county’s adherence to industry best practices, these threats continued to evade detection.

The Solution

Trinsio recommended cost-effective solutions that integrated seamlessly with Sherman County’s existing infrastructure, allowing Eric to deploy additional layers of security without disrupting day-to-day operations or requiring new hardware. These new measures enabled the county to block malicious traffic before it reached the firewall and prevent harmful outgoing traffic.

“It’s really comforting to have things in place now that block malicious traffic before it even reaches our firewalls,” said Eric. “We’ve enhanced our security with simple, budget-friendly measures that offer an additional layer of protection.”

Results

  • Millions of malicious traffic requests identified and blocked
  • Enhanced visibility into network traffic
  • Seamless integration with existing systems without additional hardware
  • Implementation of advanced cybersecurity measures beyond the firewall
  • Cost-effective solutions tailored to the county’s budget

Challenges

  • Legacy hardware and disparate systems across county facilities
  • Lack of visibility into network traffic
  • Ensuring compliance with CISA’s Cross-Sector Cybersecurity Performance Goals (CPGs)

Unpacking HHS‘s Guidance on Network Threat Assessments: Why It’s a Game-Changer

/in

Cybersecurity isn’t just a buzzword; it’s a vital part of safeguarding our healthcare systems. The recent guidance from the Department of Health and Human Services (HHS) on network threat assessments is more than just another policy—it’s a game-changer for healthcare organizations. But why should you care? Let’s dive into why this is crucial and how it impacts your IT strategy.

Why is it Necessary?

The healthcare sector is under siege, and the statistics are alarming. In 2023, healthcare cyberattacks impacted over 100 million individuals, disrupting hospital operations and compromising patient safety. Reports highlight that ransomware attacks are escalating, with significant impacts on medical procedures and emergency care. This isn’t just about financial damage; it’s a life-threatening issue, as these attacks increasingly target critical healthcare systems (AHA).

Our Triple Threat Assessment has detected and blocked an average of 9,506,224 bad actors in a 24 hour period per case with existing cybersecurity infrastructure already in place.

To combat these escalating threats, a Network Threat Assessment (NTA) is vital. It’s not just about identifying vulnerabilities; it’s about proactively strengthening your defenses to prevent catastrophic breaches. An NTA ensures you stay ahead of evolving threats, maintain regulatory compliance, and safeguard patient care, bolstering your operational security in an increasingly perilous landscape.

What is a Network Threat Assessment?

A network threat assessment (NTA) is like a health check-up for your IT infrastructure. It systematically evaluates your network to pinpoint vulnerabilities, assess potential risks, and suggest improvements. Think of it as a security audit where experts simulate real-world attacks to test your defenses—without actually compromising your network. This proactive measure helps you stay ahead of potential threats before they become problems.

How to Find a Trusted Provider for a Threat Assessment

With HHS’s latest cybersecurity performance goals setting the pace for healthcare, it’s time to level up your security game. Embracing proactive measures is no longer an option—it’s essential. Our free Triple Threat Assessment is designed to meet these high standards, offering expert insights that not only enhance your network security but also ensure compliance with HHS guidelines.

When choosing a provider, look for these key features:

  • Extensive Threat Database: Ensure the provider utilizes a comprehensive database of over 50 known threats to effectively identify potential risks.
  • Non-Invasive Techniques: Opt for a provider that uses non-invasive methods, which means they don’t need direct access to your network, avoiding any operational disruptions.
  • Detailed Vulnerability and Exploitation Testing: Choose a provider that performs thorough vulnerability assessments and detailed exploitation testing to understand the impact of potential risks.
  • Expert Analysis and Compliance: Look for a provider that delivers a detailed findings session, offering actionable insights and ensuring compliance with standards such as CISA CPG and HIPAA Security Rule.
  • Dedicated Expert Technologists: Ensure the provider offers access to a team of dedicated experts who can provide in-depth analysis and ongoing support.

How Does Trinsio Help Healthcare Orgs ?

Healthcare Expertise: Our assessments are designed to meet the specific needs highlighted by HHS.

Proven Results: Discover our impact through case studies.

Actionable Insights: Receive clear, practical recommendations to enhance your network’s security from Trinsio.

Don’t wait for a breach. Contact Trinsio to take advantage of our free threat assessment and follow HHS’s advice.

Trinsio Threat Assessment Case Study: Jefferson County, Idaho

/in

Third-Party Validation Threat Assessment Leads To Enhanced Cybersecurity Protections for Idaho’s Jefferson County Government

 

Less than 100 miles west of Yellowstone National Park, Jefferson County, Idaho, offers scenic views and unparalleled wildlife sightseeing at either the Camas National Wildlife Refuge or Mud Lake Wildlife Management Area. The county seat, Rigby, is famous as the home of Philo Farnsworth, inventor of the first television system including both a TV receiver and camera. The region was originally founded in the mid 1800s by Pioneers trekking the Old West.

Jefferson County IT Director, Garn Herrick, had recently completed a new next-generation firewall deployment combined with additional security features from his firewall vendor.

However, Garn knew even the best-practices reactive measures on offer from next-generation firewalls no longer can be assumed to be considered comprehensive protection due to the size and scope of today’s cybersecurity attacks and the fact that organizations like Jefferson County now endure almost half of all attacks – far more than any other private or public sector organization.

Garn was aware of the International City/County Management Association (ICMA) published report for State and Local governments entitled “A Look at Local Government Cybersecurity in 2020”, that directed small governments to better protect sensitive personally identifiable information being stored on their networks.

He also knew about the alarming growth of cybersecurity attacks targeting small county and municipal government networks that drove the Cybersecurity Infrastructure Security Agency (CISA) to publish its Cybersecurity Performance Goals (CPGs) recommending a variety of third-party validations available to public and private sector organizations at no cost.

The next task on Garn’s cybersecurity action plan was to align with recent guidance from CISA on third-party validations as a method of identifying any potential gaps in cybersecurity protections through penetration tests, risk assessments, and vulnerability scans.

Like many IT professionals, Garn understood that directives from both CISA and ICMA are critical to follow, but also that the size and budget constraints of organizations like Jefferson County greatly impact their ability to prevent attacks.

As Garn began his search for third-party validations he encountered Trinsio, a technology solutions provider who offers low and no-cost options designed to empower IT departments with tools to protect their networks and data.

A threat assessment from Trinsio identified that a large percentage of the inbound and outbound traffic to and from Jefferson County’s firewall was actually malicious in nature. This data aligned with the majority of similar threat assessments performed by Trinsio for smaller county or municipal governments, further re-enforcing the threats reported on by CISA, ICMA, and other similar groups. It was evident by this data that the consensus across the cybersecurity community is correct, that simply deploying a next-generation firewall is no longer enough protection.

While still a critical part of network security, a firewall’s reactive approach to dealing with threats when paired with a proactive Active Defense with Real-time Threat Intelligence solution offers a new level of cybersecurity protection for any network.

“Even with the peace of mind that came from my next-gen firewall deployment, I knew that my county’s network may not be fully protected (especially from outbound traffic that typically isn’t dealt with at the firewall level). Trinsio’s free threat assessment really opened my eyes to the large number of both incoming and outgoing threats our network was getting exposed too. I told Trinsio about my budget limitations, but they were able to quickly design and deploy an affordable, proactive solution that sits in front of my firewall blocking millions of threats before they hit my network while also blocking potentially malicious outbound traffic at the same time.”

Garn Herrick

IT Director – Jefferson County

Trinsio’s Solution

Trinsio’s threat-blocking technology, powered by Threater’s Active Defense with Real-time Threat Intelligence, proactively protects against threats from every path in your network. Leveraging more than 50 world-class cyber intelligence feeds, Trinsio can inspect, block, and log every known threat trying to access your network.

Since Threater sits in front of the firewall, Jefferson County did not need to rip-and-replace any existing network gear making the process quick, easy, and cost-effective. Millions of bad actors now are being actively blocked on a daily basis before traffic ever reaches Jefferson County’s firewall providing Garn and county officials with an enhanced level of confidence in their security stack.

Results

  • Millions of identified threats detected
  • Significant reduction in time spent monitoring network traffic
  • Implementation of blocklist containing millions of known bad actors
  • Cost-effective solution that fit the county’s budget constraints and needs
  • Active defense built on real-time threat intelligence

Challenges

  • Searching for guidance on CISA-recommended third-party validation testing services
  • Recent deployment of new next-gen firewall
  • Small, rural county with limited budget.
  • Ideal target for cyber-attackers

Network Threat Assessments in Healthcare: A Proactive Shield Against Surging Cyber Risks

/in

Do you ever wonder what your security stack may be missing? Even when following best-practices configurations with offerings from the best vendors, it’s often surprising to see the incoming and outgoing traffic your firewall allows to get through.

A network threat assessment (NTA) is a powerful tool that can empower your organization to proactively identify and mitigate potential cybersecurity risks. In this blog post, we’ll delve into the significance of NTAs for organizations of all sizes and industries, highlighting the unique benefits they offer, especially to the healthcare sector.

A recent news post by IT Pro discussed some surprising data around how cyber attacks on healthcare organizations are surging to rates roughly four times the global average for other industries.

Other news outlets like Healthcare Drive have echoed this sentiment reporting on new healthcare stats in a Ponemon Healthcare Cybersecurity Report including:

88 %

HEALTHCARE ENTITIES THAT EXPERIENCED A CYBERATTACK LAST YEAR

4.9 M

AVERAGE COST OF A HEALTHCARE CYBERATTACK

43 %

PERCENT OF CYBERATTACKS THAT IMPACTED PATIENT CARE

The Significance of Network Threat Assessments

NTAs are far more than just a routine security check. They offer a comprehensive evaluation of your network infrastructure, uncovering vulnerabilities that could be exploited by malicious actors. By simulating real-world attack scenarios, NTAs provide invaluable insights into your network’s strengths and weaknesses, enabling you to fortify your defenses before a breach occurs.

 

Key Benefits for Organizations

  1. Enhanced Security Posture: NTAs pinpoint vulnerabilities in your network, allowing you to patch them proactively and reduce your attack surface.
  2. Improved Compliance: In regulated industries, demonstrating a proactive approach to cybersecurity is essential. NTAs help you meet compliance requirements and industry standards, showcasing your commitment to data security.
  3. Prioritized Security Investments: By identifying the most critical risks, NTAs enable you to make informed decisions about where to allocate your security budget, ensuring maximum ROI.
  4. Business Continuity: A robust security posture reduces the risk of downtime caused by cyberattacks, ensuring your operations remain uninterrupted.
  5. Reputation Management: A data breach can severely damage your organization’s reputation. NTAs help you prevent such incidents, maintaining the trust of your customers and stakeholders.

 

Specific Benefits for the Healthcare Industry

The healthcare industry is a prime target for cybercriminals due to the sensitive nature of patient data. NTAs offer unique advantages to healthcare organizations:

  1. Protecting Patient Health Information (PHI): PHI is a goldmine for attackers. NTAs help identify and mitigate risks to PHI, ensuring compliance with HIPAA regulations and safeguarding patient privacy.
  2. Safeguarding Critical Infrastructure: Hospitals and healthcare facilities rely on interconnected systems to deliver care. NTAs help protect these systems from cyberattacks that could disrupt patient care.
  3. Mitigating Ransomware Threats: Healthcare organizations are increasingly targeted by ransomware attacks. NTAs can help prevent these attacks, avoiding costly disruptions and ensuring patient safety.
  4. Building Trust with Patients: Demonstrating a commitment to cybersecurity through NTAs can bolster patient trust, a critical factor in the healthcare sector.
  5. HIPAA Security Rule: The Administrative Safeguards section of HIPAA’s Security Rule requires your organization to perform assessments.

 

The NTA Process: Non-Invasive and Comprehensive

Modern NTAs employ non-invasive techniques, meaning they won’t disrupt your network operations or compromise your data. Experienced security professionals utilize specialized tools to scan your network, identify vulnerabilities, and assess potential risks.

The process typically includes:

  • Planning and Scoping: Defining the assessment’s scope and objectives.
  • Information Gathering: Collecting data about your network infrastructure.
  • Vulnerability Scanning: Identifying potential weaknesses using automated tools.
  • Penetration Testing: Simulating real-world attacks to test your defenses.
  • Risk Assessment: Evaluating the likelihood and impact of identified risks.
  • Reporting and Recommendations: Providing a detailed report with actionable insights and recommendations.

 

How Trinsio Can Help

Network threat assessments are a proactive and essential step in safeguarding your organization from the ever-present threat of cyberattacks. By identifying vulnerabilities and mitigating risks, you can protect sensitive data, ensure business continuity, and maintain the trust of your customers.

If your organization has not yet conducted a network threat assessment, it is time to consider taking this critical step towards a more secure future.

Trinsio’s experienced cybersecurity professionals through the use of non-invasive methodologies will allow you to gain valuable insights into your network’s security posture without compromising its integrity and empower you to take additional steps to ensure better network security.