How to Meet Cybersecurity Insurance Requirements

As cyber threats grow increasingly sophisticated, qualifying for cybersecurity insurance has become more demanding. Insurers now require companies to implement stringent security measures to reduce the likelihood of breaches and ensure they’re adequately protected. However, deciphering these requirements can be challenging, especially if you’re unsure where to begin.

A smart first step is to seek an unbiased third-party cybersecurity assessment. This type of evaluation offers an expert overview of your current defenses, helping you pinpoint areas that need strengthening and ensuring you’re on track to meet insurer expectations.

1. Why is Multi-Factor Authentication (MFA) Required for Cybersecurity Insurance?

As cyber threats evolve, passwords alone are no longer enough. Insurers now mandate Multi-Factor Authentication (MFA) as a key requirement to protect sensitive systems. This extra layer of security helps verify user identities, reducing the risk of unauthorized access. Implementing MFA across all critical systems—especially for privileged accounts—is crucial for meeting insurance requirements and strengthening your overall security.

2. What is Endpoint Detection and Response (EDR) and Why Do Insurance Companies Require It?

Cybersecurity insurers expect organizations to have advanced defenses in place, especially at the endpoint level. Endpoint Detection and Response (EDR) tools like CrowdStrike and SentinelOne monitor devices in real-time, detecting and responding to potential threats before they cause damage. EDR is now a common insurance requirement because it minimizes the chances of a successful cyberattack, particularly in remote or distributed work environments.

3. How Often Do You Need Security Assessments and Penetration Testing?

To qualify for insurance, companies must conduct regular security assessments and penetration testing. These proactive measures identify vulnerabilities in your systems before cybercriminals can exploit them. Many insurers require assessments at least annually, with more frequent tests recommended for high-risk industries. By maintaining an up-to-date vulnerability management strategy, you’ll not only comply with insurance requirements but also fortify your defenses.

4. Why Cybersecurity Insurance Requires Employee Training Programs

Employee cybersecurity training is another non-negotiable requirement for insurers. Human error, such as falling for phishing scams or weak password practices, is a major vulnerability in any organization. Insurance companies look for robust training programs that educate employees on recognizing threats like phishing and social engineering. By empowering your team with the knowledge to spot and avoid common cyber risks, you can significantly reduce your threat exposure and satisfy insurance mandates.

5. Do You Need a Data Backup and Disaster Recovery Plan for Cyber Insurance?

Data backups and disaster recovery plans are vital for organizations facing ransomware or other catastrophic events. Insurers require these solutions to ensure businesses can recover quickly from a data breach or ransomware attack, minimizing downtime and data loss. Providers like Rubrik offer cloud-based backup solutions that meet stringent insurance standards, giving organizations peace of mind knowing they’re prepared for worst-case scenarios.

6. What is a SIEM and Why is It Required?

A Security Information and Event Management (SIEM) system helps organizations detect and respond to security incidents in real time. Insurers often require SIEM solutions like Wazuh, as they provide continuous monitoring and alert businesses to any suspicious activities within their networks. SIEM not only helps you meet insurance requirements but also strengthens your ability to respond quickly to emerging threats.

7. Firewalls Still Required

Firewalls remain a critical component of any organization’s cybersecurity infrastructure, and insurers continue to list them as a requirement. However, it’s no longer enough to have a basic firewall; insurers want to see advanced firewalls that protect both the perimeter and internal segments of your network. Ensuring your firewall is configured correctly and updated regularly can satisfy this core insurance requirement.

8. Why Identity and Access Management (IAM) is Important

Managing who can access your sensitive data is crucial for reducing insider threats. Identity and Access Management (IAM) solutions like Okta help organizations control user access to critical systems and data, ensuring that only authorized personnel can reach sensitive information. Insurers require strong IAM practices as part of their cybersecurity insurance qualifications to minimize unauthorized access and potential data breaches.

9. How Often Should You Patch Systems?

Cyber insurers expect companies to stay vigilant about patching known vulnerabilities. Patch management involves regularly updating all systems, software, and applications to ensure they are protected from newly discovered threats. Failing to patch systems promptly can leave your organization exposed and may even void your cybersecurity insurance policy in the event of a breach.

10. What Should Be Included in a Cybersecurity Incident Response Plan for Insurance?

An incident response plan is a requirement for nearly all cybersecurity insurance policies. This plan outlines how your organization will respond to and recover from a security breach. To meet insurance standards, your incident response plan must be detailed, regularly updated, and tested frequently. It should include steps for identifying, containing, and mitigating cyberattacks, as well as guidelines for notifying affected parties and reporting to relevant authorities.

11. Do Cyber Insurance Policies Require Data Encryption?

Yes, most cyber insurance policies now require encryption for sensitive data, both in transit and at rest. Encrypting data ensures that even if attackers gain access, they won’t be able to read or misuse the information. This essential layer of protection is a must for insurers, as it significantly reduces the impact of a data breach.

12. How to Manage Third-Party Risk for Cybersecurity Insurance Compliance

Your organization is only as secure as your weakest third-party vendor. Cyber insurance policies now require businesses to implement third-party risk management programs that assess and mitigate risks posed by vendors, partners, or service providers. This step ensures that external parties don’t introduce vulnerabilities into your network. Many insurers will demand proof that you have evaluated your third-party vendors’ security measures as part of their coverage requirements.

How to Ensure Your Business Meets Cybersecurity Insurance Requirements

Navigating the increasingly complex world of cybersecurity insurance can feel overwhelming, but by addressing these key requirements, your business can not only secure coverage but also significantly enhance its cybersecurity defenses.

If your organization is struggling to check all the boxes for insurance qualification, our cybersecurity experts are here to guide you through the process. From implementing MFA and EDR to developing incident response plans and training employees, we have the expertise to help you meet—and exceed—insurance requirements.

Ready to improve your security and qualify for cyber insurance? Book a quick call with us today to learn how we can help your organization achieve compliance and protect your business from cyber threats.

Triple Threat Assessment Case Study: Sherman County, Kansas

Defense-in-Depth Mindset Leads Sherman County to Threat Assessment

Sherman County, Kansas, faced a critical need to modernize and secure its IT infrastructure across multiple facilities, including the courthouse, sheriff’s office, health department, and 911 dispatch services. To tackle this, the county’s Director of IT, Eric Albright, led an initiative to implement a unified, defense-in-depth cybersecurity strategy that would provide comprehensive protection for their network.

Eric had been keeping a close eye on the U.S. Cybersecurity and Infrastructure Security Agency (CISA) guidelines, particularly the Cross-Sector Cybersecurity Performance Goals (CPGs), which emphasize the necessity of third-party evaluations to strengthen security posture. Despite having internal systems like IDS and IPS in place, Eric understood that even the most robust systems need external validation.

Eric’s Perspective

“One of my top concerns was that we didn’t have full visibility into our network traffic,” Eric explained. “Even though we had great systems in place, you just don’t know what you don’t know. Trinsio’s analysis gave us the information we needed to address gaps we didn’t even know we had.”

Eric sought out third-party assistance to help identify vulnerabilities that may have gone unnoticed and to ensure the county’s network was fully secure. His search led him to Trinsio, a trusted provider of no-cost threat assessments for local governments, healthcare institutions, and schools.

Enhancing Security with an External Perspective

Trinsio’s approach appealed to Eric because it didn’t require access to sensitive internal data or administrative privileges. Following a brief consultation, Eric provided Trinsio’s team with non-sensitive public firewall log files. From there, the cybersecurity team at Trinsio conducted a deep analysis of incoming AND outgoing traffic using more than 50 cyber intelligence feeds from around the globe.

The results were staggering: millions of traffic requests from known malicious IP addresses had bypassed Sherman County’s next-generation firewalls. Despite the county’s adherence to industry best practices, these threats continued to evade detection.

The Solution

Trinsio recommended cost-effective solutions that integrated seamlessly with Sherman County’s existing infrastructure, allowing Eric to deploy additional layers of security without disrupting day-to-day operations or requiring new hardware. These new measures enabled the county to block malicious traffic before it reached the firewall and prevent harmful outgoing traffic.

“It’s really comforting to have things in place now that block malicious traffic before it even reaches our firewalls,” said Eric. “We’ve enhanced our security with simple, budget-friendly measures that offer an additional layer of protection.”

Results

  • Millions of malicious traffic requests identified and blocked
  • Enhanced visibility into network traffic
  • Seamless integration with existing systems without additional hardware
  • Implementation of advanced cybersecurity measures beyond the firewall
  • Cost-effective solutions tailored to the county’s budget

Challenges

  • Legacy hardware and disparate systems across county facilities
  • Lack of visibility into network traffic
  • Ensuring compliance with CISA’s Cross-Sector Cybersecurity Performance Goals (CPGs)

A Proactive Cyber Security Strategy For HIPAA Security Rule Administrative Safeguards

Is Your Organization Protected from the Next Large-Scale Coordinated Cyberattack?

Beginning in 2020, the Federal Bureau of Investigation (FBI) reported a dramatic and sustained increase in complaints to its Internet Crime Complaint Center (IC3), indicating that cybersecurity attacks almost doubled between 2019 and 2020, with a total increase of 300% spanning the previous decade.

During that same period of alarming growth, more than $4.2 billion in total lost revenue from cybersecurity attacks inside the United States of America was reported to the FBI in 2020 alone. The latest data, from 2022, reports $10.3 billion lost.

Beginning in June of 2023, the number of ransomware attacks more than doubled compared to June of 2022.

This spike in cybersecurity breaches was attributed to one of the largest coordinated cyberattacks in recent history. The Russia-linked ransomware syndicate CLOP exploited a vulnerability in MOVEit, a widely used file transfer software, to distribute ransomware, leading to widespread system disruptions and data loss spanning hundreds of organizations.

As of August 2023, more than 500 organizations and 36 million individuals have been impacted, including healthcare facilities, Federal Government agencies, state and local governments, small and large businesses, and school districts of all sizes.

Health IT Security recently reported that MOVEit-related breaches compromised the electronic protected health information (ePHI) of millions of Americans.

To help combat the recent explosion in cybersecurity attacks, in July of 2022 the National Institute of Standards and Technology (NIST) released a Special Publication (NIST SP 800-66r2 ipd) titled, “Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide.”

The publication serves as the latest set of guidelines to aid organizations in complying with the HIPAA Security Rule (a published set of requirements and standards for protecting ePHI from the U.S. Department of Health and Human Services).

The HIPAA Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting ePHI. Specifically, covered entities must:

  1. Ensure the confidentiality, integrity, and availability of all ePHI they create, receive, maintain or transmit
  2. Identify and protect against reasonably anticipated threats to the security or integrity of the information
  3. Protect against reasonably anticipated, impermissible uses or disclosures
  4. Ensure compliance by their workforce

This cybersecurity report from Trinsio documents an emerging trend in cyberattack prevention that combines new proactive technologies to complement your existing reactive measures offered by next-generation firewall vendors.

A Proactive-Plus-Reactive Strategy Supports HIPAA Security Rule Compliance Within NIST’s Cybersecurity Framework

Let’s examine popular solutions that combine both reactive and proactive strategies leading to better overall network cybersecurity protection.

 

Reactive Solutions Inside Your Network

 

Endpoint Detection and Response (EDR)

EDR involves an endpoint security solution that continuously monitors your end-user devices. EDR can detect and often respond to threats including ransomware and malware. Analyst firm Gartner defines EDR as a solution that “records and stores endpoint-system-level behaviors, uses various data analytics techniques to detect suspicious system behavior, provides contextual information, blocks malicious activity, and provides remediation suggestions to restore affected systems.”

 

Extended Detection and Response (XDR)

XDR is an evolution of EDR. XDR extends beyond endpoint detection, offering advanced detection, analytics, and responses across your endpoints, networks, servers, cloud workloads, and other systems. XDR provides a more unified view that includes threat detection, alerts, detailed analysis, and quickly deployed responses to threats.

 

Security Information and Event Management (SIEM)

SIEM is an approach to security management combining security information management (SIM) and security event management (SEM) functions into one security management system. SIEM systems are designed to collect data from multiple sources, identify abnormalities, then take appropriate action. When an alert is triggered, the SIEM system typically logs information on the alert and instructs other security controls to stop the triggered activity’s progress.

 

Managed Detection and Response (MDR)

MDR services combine technology and human expertise to perform threat detection, monitoring, and response. One benefit of MDR is that it helps quickly identify a threat and then reduce its impact with less human interaction, so it has a greater impact within organizations with smaller IT departments.

 

Proactive Solutions Outside Your Network

Proactive solutions sit in front of your firewall to provide an additional layer of security on top of existing firewalls, MDR, EDR, XDR, and SIEM solutions. Proactive solutions are becoming popular because they add a significant amount of additional security without requiring you to modify or rip-and-replace anything you already have purchased and deployed to protect your network.

 

Threat-Blocking-as-a-Service (TBaaS)

Most proactive solutions are Active Defense with real-time Threat Intelligence platforms that fall into the Threat-Blocking-as-a-Service category. A TBaaS deployment is quick and painless: you place a small preconfigured appliance in front of your firewall, then subscribe to the TBaaS service, which automatically does the vast majority of the work for you (all within your predetermined budget and protection level).

A TBaaS solution is similar to a blacklisting solution. However, TBaaS services are typically managed by the vendor to automatically and continually update your solution with multiple source lists (up to 50) noting millions of malicious IP addresses curated by the broader cyberintelligence community.

The main advantage of a TBaaS solution is it will comprehensively block a much greater volume of threats from bad actors since it doesn’t rely on a single-sourced blacklist from a firewall vendor.

Your TBaaS deployment can be configured to block outbound traffic in addition to inbound traffic if desired giving you another line of defense if any malicious code manages to slip into your network. For example, if an already existing piece of malware attempts to pull its payload from an external server on the internet, that outgoing request can automatically be blocked by the TBaaS service.

At Trinsio, we often find upwards of 80% of the total inbound traffic hitting an organization’s firewall is malicious in nature. A recent Trinsio network threat assessment for a rural county government exposed more than 10 million external and internal threats from 108 different countries around the planet – all during a 24-hour period. A TBaaS solution not only provides an additional layer of security, but also improves your firewall’s efficiency by dramatically reducing the amount of traffic your firewall needs to inspect.
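The multi-feed matching described in this section, applied to firewall log records in both directions, as an added example (not Trinsio's or any vendor's code). The feed names, address ranges, log layout and internal network are constructed assumptions, using documentation address space.

```python
import ipaddress
from collections import Counter

# Constructed feeds: names and ranges are placeholders (RFC 5737 documentation space).
FEEDS = {
    "feed-a": ["203.0.113.0/28", "198.51.100.7"],
    "feed-b": ["198.51.100.0/29", "203.0.113.200"],
    "feed-c": ["192.0.2.66"],
}

# Assumed internal address space for deciding traffic direction.
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed firewall log lines in an assumed "key=value" layout.
SAMPLE_LOG = """\
2024-05-01T00:00:01Z action=allow src=203.0.113.5 dst=10.0.0.10 dport=443
2024-05-01T00:00:02Z action=allow src=10.0.0.23 dst=192.0.2.66 dport=8080
2024-05-01T00:00:03Z action=allow src=198.51.100.7 dst=10.0.0.10 dport=22
2024-05-01T00:00:04Z action=allow src=192.0.2.10 dst=10.0.0.10 dport=443
2024-05-01T00:00:05Z action=deny src=203.0.113.200 dst=10.0.0.11 dport=3389
2024-05-01T00:00:06Z action=allow src=10.0.0.23 dst=192.0.2.20 dport=443
malformed line without fields
"""


def build_index(feeds):
    """Flatten {feed_name: [cidr_or_ip, ...]} into (network, feed_name) pairs."""
    return [(ipaddress.ip_network(entry, strict=False), name)
            for name, entries in feeds.items() for entry in entries]


def feeds_listing(ip, index):
    """Return the sorted names of every feed whose ranges contain ip."""
    return sorted({name for net, name in index if ip in net})


def is_internal(ip):
    return any(ip in net for net in INTERNAL)


def parse_line(line):
    """Parse one log line; return None when required fields are missing or invalid."""
    fields = dict(tok.split("=", 1) for tok in line.split() if "=" in tok)
    try:
        return {"action": fields["action"],
                "src": ipaddress.ip_address(fields["src"]),
                "dst": ipaddress.ip_address(fields["dst"])}
    except (KeyError, ValueError):
        return None


def assess(log_text, feeds=FEEDS):
    """Count inbound/outbound records whose remote peer appears on any feed."""
    index = build_index(feeds)
    report = {"inbound": 0, "inbound_flagged": 0,
              "outbound": 0, "outbound_flagged": 0,
              "flagged_but_allowed": 0, "skipped": 0, "per_feed": Counter()}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            report["skipped"] += 1  # keep a count so parsing gaps are visible
            continue
        src_int, dst_int = is_internal(rec["src"]), is_internal(rec["dst"])
        if src_int == dst_int:
            continue  # purely internal or purely external: no remote peer to check
        direction, remote = (("outbound", rec["dst"]) if src_int
                             else ("inbound", rec["src"]))
        report[direction] += 1
        hits = feeds_listing(remote, index)
        if hits:
            report[direction + "_flagged"] += 1
            report["per_feed"].update(hits)
            if rec["action"] == "allow":
                # Listed on a feed, yet the firewall let it through.
                report["flagged_but_allowed"] += 1
    return report


if __name__ == "__main__":
    result = assess(SAMPLE_LOG)
    for key, value in result.items():
        print(key, dict(value) if isinstance(value, Counter) else value)
```

In the constructed sample no single feed lists every flagged peer, which is the gap a single-sourced list leaves; `flagged_but_allowed` counts listed peers the firewall still permitted.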

Trinsio Analysis: The Cost of A Proactive-Plus-Reactive Strategy

Trinsio finds that adding a proactive TBaaS component to your existing reactive next-generation firewall hardware and software subscriptions on average increases your network security spend by approximately 20 percent.

A Comprehensive Guide to Network Threat Assessments

Safeguarding sensitive information and ensuring uninterrupted business operations have become paramount concerns for organizations across all industries. 

As cyber threats continue to grow in sophistication and frequency, the need for proactive security measures — in addition to existing reactive security measures already in place — has never been more critical. 

One such measure that has gained prominence in recent years is a network threat assessment (NTA). Let’s dive into the intricacies of NTAs, exploring their importance, the process involved, and the benefits they offer to organizations seeking to fortify their cyber defenses.

 

What is a Network Threat Assessment?

At its core, a network threat assessment is a systematic evaluation of an organization’s network infrastructure to identify vulnerabilities, assess potential risks, and recommend mitigation strategies. It involves a thorough examination of hardware, software, configurations, policies, and procedures to uncover weaknesses that could be exploited by malicious actors.

NTAs are often conducted by experienced cybersecurity professionals or specialized firms with expertise in penetration testing and vulnerability assessment. These experts employ a variety of tools and techniques to simulate real-world attack scenarios, probing the network for entry points and assessing its resilience against various threats.

 

Non-Invasive Approach: No Risk to Your Network

One of the key advantages of modern network threat assessments is their non-invasive nature. Unlike traditional penetration testing, which often involves actively exploiting vulnerabilities, modern NTAs prioritize the safety and integrity of the client’s network.

Through the use of sophisticated scanning tools and careful testing methodologies, cybersecurity professionals can thoroughly assess a network’s security posture without causing any disruption or risk to its operations. This approach allows organizations to gain valuable insights into their vulnerabilities without compromising the confidentiality, integrity, or availability of their data and systems.

Without requiring access to, or visibility into, your network or assets, Trinsio’s complimentary network threat assessment will identify and classify potential threats, empowering you to take action.

 

What Organizations Can Expect from a Network Threat Assessment

The benefits of conducting a network threat assessment extend beyond simply identifying vulnerabilities. Organizations can expect to gain a deeper understanding of their overall security posture, enabling them to make informed decisions about resource allocation and risk mitigation strategies.

Some of the key benefits include:

  • Enhanced Security: By identifying and addressing vulnerabilities, organizations can significantly reduce their risk of cyber attacks and data breaches.
  • Improved Compliance: NTAs help organizations meet regulatory requirements and industry standards, demonstrating a commitment to security best practices.
  • Prioritized Security Investments: By understanding the most critical risks, organizations can prioritize security investments, ensuring that resources are used most effectively.
  • Increased Confidence: A comprehensive NTA provides stakeholders with confidence in the organization’s security posture, reassuring customers, partners, and investors.

 

The Importance of Network Threat Assessments

Sadly, today no organization is immune to cyber threats. From small businesses, to local governments, to multinational corporations, every entity that relies on digital technology is a potential target. 

Network threat assessments play a pivotal role in identifying and addressing vulnerabilities before they can be exploited by attackers.

By proactively identifying weaknesses in the network infrastructure, organizations can take steps to mitigate risks and prevent costly data breaches, service disruptions, and reputation damage. NTAs also enable organizations to prioritize security investments, focusing resources on areas that pose the greatest risk.

 

The Network Threat Assessment Process

While the specific steps involved in a network threat assessment may vary depending on the organization’s size, complexity, and industry, the general process typically follows a structured approach:

  1. Planning and Scoping: The first step involves defining the scope of the assessment, identifying critical assets, and establishing objectives. This helps ensure that the assessment is tailored to the organization’s specific needs and priorities.
  2. Information Gathering: This phase entails collecting relevant information about the organization’s network infrastructure, security policies, and firewall logs.
  3. Vulnerability Scanning: Automated tools are used to scan the network for known vulnerabilities in operating systems, applications, and network devices. This step helps identify low-hanging fruit that could be easily exploited by attackers.
  4. Penetration Testing: Experienced testers attempt to exploit identified vulnerabilities to assess the effectiveness of existing security controls and determine the potential impact of a successful attack.
  5. Risk Assessment: The findings from vulnerability scanning and penetration testing are analyzed to assess the likelihood and potential impact of each identified risk. This step helps prioritize remediation efforts.
  6. Reporting and Recommendations: A detailed report is prepared, outlining the identified vulnerabilities, associated risks, and recommended mitigation strategies. The report may also include a prioritized action plan to address the most critical issues.

 

Get Your Free Trinsio Triple Threat Assessment Today

If your organization has not yet conducted a network threat assessment, it is time to consider taking this critical step towards a more secure future. 

With the guidance of Trinsio’s experienced cybersecurity professionals and the use of non-invasive methodologies, you can gain valuable insights into your network’s security posture without compromising its integrity.

Contact us to get started today.

Transitioning from POTS Lines to Modern Telecom Solutions: A Guide for Government Entities


Remember the days of dialing up friends on clunky POTS lines? It’s time to say goodbye to the old and embrace the new in telecom solutions. POTS lines include the traditional copper-based analog phone service that organizations use for voice, elevator phones, fax machines, security, fire, and alarm sensor lines, to name a few.

For government entities like schools, cities, and counties, transitioning from outdated POTS (Plain Old Telephone Service) lines isn’t just about keeping up with the times—it’s about saving costs, ensuring compliance, and preparing for the future of communications.

POTS Lines are Going Away
Analog phone carriers in the U.S. are no longer required to maintain their networks, guarantee reliability, or keep costs low. This is a result of the recent 19-72 ruling from the Federal Communications Commission (FCC) titled “FCC Grants Relief From Outdated, Burdensome Phone Industry Regulations.”

Copper-based carriers are now free to raise costs at will, reduce reliability SLAs, or even discontinue analog service altogether anytime at their discretion.

Why Upgrade from POTS Lines Now?

Let’s face it: relying on traditional POTS lines is like sticking with your flip phone while everyone else is on smartphones. Costs have skyrocketed, and the reliability of these aging systems is becoming less dependable.

That’s why transitioning to modern, internet-based solutions like VoIP and cloud-based services is not just a trend—it’s a smart move for your budget and your operational efficiency.

Navigating Compliance and Safety

In today’s regulatory landscape, compliance isn’t optional—it’s crucial. Whether it’s fire alarms, security systems, or emergency call boxes, ensuring your systems meet UL, NFPA 72, and ASME A17.1B standards is paramount.

Avoiding penalties and downtime due to outdated technology is a clear incentive to make the switch sooner rather than later.

Transitioning to Modern Telecom Solutions: How to Do It Right

  1. Assess Your Current Setup: Take inventory of your existing POTS lines and understand their usage and locations. Knowledge is power when planning your transition.
  2. Explore Modern Alternatives: Consider solutions that offer reliability and cost-effectiveness in transitioning away from POTS lines. For instance, opting for privately peered solutions ensures unparalleled security and performance.
  3. Plan and Execute: Start planning your transition now to minimize disruptions. Providers like Trinsio offer tailored solutions that keep your operations running smoothly.
  4. Partner with Trinsio: Trinsio is the pioneer in privately peered POTS replacement solutions. Unlike traditional providers, Trinsio’s approach guarantees superior reliability and security for your critical telecom needs.

Why Trust Trinsio for Your Government’s POTS Replacement Needs?

Trinsio leverages over 30 years of experience in network design, cloud technologies, and secure data center operations. Our team is dedicated to delivering reliable POTS replacement solutions tailored to meet the unique needs of government entities.

All of Trinsio’s POTS replacement solutions include an industry-exclusive privately peered connection between the hardware inside your buildings and the POTS replacement service provider.

This allows Trinsio to provide your organization with increased speed, security, control, and reliability compared to any other POTS replacement solution from any/all other vendors or resellers.

Discover Reliable Telecom Solutions Today

Contact us today to learn how we can help your government seamlessly transition to modern telecom solutions. Let’s work together to ensure continuity and efficiency in your telecommunications infrastructure.

The Advantages of Privately Peered Connections for Critical Internet-connected Security, Alarm, Fire, Elevator and Communications Systems

In today’s digital age, the backbone of our connected world lies in the seamless communication between various internet-connected hardware components and critical systems.

As organizations increasingly rely on these connections, the importance of their speed, security, control, and reliability cannot be overstated. 

Although somewhat rare, special Privately Peered Connections, which involve direct interconnections between networks, offer significant advantages in these areas. 

What are some of the benefits to leveraging private peering when possible?

Speed – Reducing Latency and Enhancing Performance

One of the most immediate benefits of privately peered connections is the significant reduction in latency. When data travels over the public internet, it often takes a convoluted path, hopping through multiple routers and networks before reaching its destination. 

This journey can introduce considerable delays, especially during peak traffic times. In contrast, privately peered connections enable direct data exchange between networks, bypassing the congested public internet.

A direct path minimizes the number of hops and reduces the overall distance data must travel, resulting in lower latency and faster data transfer speeds. 

Faster connections translate to more responsive systems, improved user experiences, and a competitive edge in the market.

Security – Safeguarding Sensitive Data

Security is a top concern for any organization handling sensitive data. When data traverses the public internet, it is exposed to a myriad of potential threats, including interception, hacking, and other forms of cyberattacks. 

Privately peered connections provide a robust security advantage by creating a dedicated, isolated link between networks.

With a privately peered connection, data bypasses the public internet entirely, significantly reducing the risk of interception. This isolation ensures that sensitive information remains within a controlled environment, enhancing overall data security. 

For industries such as healthcare, finance, and government, where data breaches can have severe consequences, privately peered connections offer peace of mind and regulatory compliance.

Control – Customizing Network Management

Control over network management is another compelling reason for privately peered connections. Public internet traffic is subject to the policies and priorities of multiple Internet Service Providers (ISPs), which can lead to unpredictable performance and limited control over routing decisions. 

Privately peered connections, on the other hand, grant organizations greater control over their network infrastructure. They can often tailor their network configurations to suit specific needs, ensuring optimal performance and reliability. 

This control extends to bandwidth allocation, Quality of Service (QoS) policies, and traffic prioritization, allowing organizations to fine-tune their networks to meet the demands of their critical applications.

Reliability – Ensuring Consistent Connectivity

Reliability is a cornerstone of any robust network infrastructure. The public internet, with its susceptibility to congestion, outages, and route changes, can be unreliable for mission-critical use cases. 

Privately peered connections offer a more dependable alternative by providing a stable, dedicated link between networks.

This dedicated connection is less prone to the fluctuations and failures that can plague public internet routes. By reducing the dependency on third-party ISPs, organizations can ensure more consistent and predictable network performance. 

This reliability is particularly crucial for services that require uninterrupted connectivity, such as POTS line replacement solutions, VoIP services, security/fire alarm sensor panels, or online transaction processing systems.

The Trinsio Private Peering Advantage

All of Trinsio’s POTS replacement solutions include an industry-exclusive Privately Peered Connection between the hardware inside your buildings and the POTS replacement service provider.

This allows Trinsio to provide your organization with increased speed, security, control, and reliability compared to any other POTS replacement solution from any/all other vendors or resellers.

This key feature, combined with Trinsio’s preferred pricing status, gives you a better overall solution at unbeatable prices.

Trinsio is focused on empowering you to future-proof your organization’s critical communication systems to handle the demands of tomorrow. 

Contact us today to see how much you could save on a POTS replacement solution for your organization.

Case Study: Jefferson County, Idaho

Third-Party Validation Threat Assessment Leads To Enhanced Cybersecurity Protections

Less than 100 miles west of Yellowstone National Park, Jefferson County, Idaho, offers scenic views and unparalleled wildlife sightseeing at either the Camas National Wildlife Refuge or Mud Lake Wildlife Management Area. The county seat, Rigby, is famous as the home of Philo Farnsworth, inventor of the first television system including both a TV receiver and camera. The region was originally founded in the mid-1800s by pioneers trekking the Old West.

Jefferson County IT Director, Garn Herrick, had recently completed a new next-generation firewall deployment combined with additional security features from his firewall vendor. 

However, Garn knew that even the best-practice reactive measures offered by next-generation firewalls can no longer be assumed to provide comprehensive protection, given the size and scope of today’s cybersecurity attacks and the fact that organizations like Jefferson County now endure almost half of all attacks – far more than any other private or public sector organization.

Garn was aware of the report published by the International City/County Management Association (ICMA) for state and local governments, “A Look at Local Government Cybersecurity in 2020,” which directed small governments to better protect the sensitive personally identifiable information stored on their networks.

He also knew about the alarming growth of cybersecurity attacks targeting small county and municipal government networks beginning in 2020, which drove the Cybersecurity and Infrastructure Security Agency (CISA) to publish its Cybersecurity Performance Goals (CPGs) recommending a variety of third-party validations available to public and private sector organizations at no cost.

The next task on Garn’s cybersecurity action plan was to align with recent guidance from CISA on third-party validations as a method of identifying any potential gaps in cybersecurity protections through penetration tests, risk assessments, and vulnerability scans.

Like many IT professionals, Garn understood that directives from both CISA and ICMA are critical to follow, but also that the size and budget constraints of organizations like Jefferson County greatly impact their ability to prevent attacks. 

As Garn began his search for third-party validations, he encountered Trinsio, a technology solutions provider that offers low and no-cost options designed to empower IT departments with tools to protect their networks and data.

A threat assessment from Trinsio identified that a large percentage of the inbound and outbound traffic to and from Jefferson County’s firewall was actually malicious in nature. This data aligned with the majority of similar threat assessments performed by Trinsio for smaller county or municipal governments, further reinforcing the threats reported by CISA, ICMA, and other similar groups. It was evident from this data that the consensus across the cybersecurity community is correct: simply deploying a next-generation firewall is no longer enough protection.

While a firewall is still a critical part of network security, pairing its reactive approach to threats with a proactive Active Defense with Real-time Threat Intelligence solution offers a new level of cybersecurity protection for any network.

“Even with the peace of mind that came from my next-gen firewall deployment, I knew that my county’s network may not be fully protected (especially from outbound traffic that typically isn’t dealt with at the firewall level). Trinsio’s free threat assessment really opened my eyes to the large number of both incoming and outgoing threats our network was getting exposed to. I told Trinsio about my budget limitations, but they were able to quickly design and deploy an affordable, proactive solution that sits in front of my firewall blocking millions of threats before they hit my network while also blocking potentially malicious outbound traffic at the same time.”

Garn Herrick 

IT Director – Jefferson County

Trinsio’s Solution

Trinsio’s threat-blocking technology, powered by Threater’s Active Defense with Real-time Threat Intelligence, proactively protects against threats from every path in your network.  Leveraging more than 50 world-class cyber intelligence feeds, Trinsio can inspect, block, and log every known threat trying to access your network. 

Since Threater sits in front of the firewall, Jefferson County did not need to rip-and-replace any existing network gear, making the process quick, easy, and cost-effective. Millions of bad actors are now being actively blocked on a daily basis before traffic ever reaches Jefferson County’s firewall, providing Garn and county officials with an enhanced level of confidence in their security stack.

Results

  • Millions of identified threats detected
  • Significant reduction in time spent monitoring network traffic
  • Implementation of blocklist containing millions of known bad actors
  • Cost-effective solution that fit the county’s budget constraints and needs
  • Active defense built on real-time threat intelligence

Challenges

  • Searching for guidance on CISA-recommended third-party validation testing services
  • Recent deployment of new next-gen firewall
  • Small, rural county with limited budget
  • Ideal target for cyber-attackers

Ransomware Attack in New Mexico: A ‘Gut-Check’ for Local Government Entities

Ransomware Strikes New Mexico

On January 5, 2022, between midnight and 5:30 a.m., ransomware struck Bernalillo County in New Mexico. The Albuquerque Journal reported that the attack affected “a wide variety of county government operations. Most county buildings were closed” which halted many of the county’s operations.

All Bernalillo County websites were offline as a result of the cyber attack, which made working with the public very difficult, but most concerning was the way the county-operated jail was affected. Government officials were unable to access cameras, which caused inmates to be temporarily limited to their cells. Inmates also had reduced access to telephones and tablets and were unable to have visitors. The facility was on lockdown for several days following the attack.

The Bernalillo County incident was not the first ransomware attack on a local government entity and certainly will not be the last. These ransomware attacks are frequent and not only disrupt government services but can also compromise data and have significant impacts on local communities.

Ransomware Attacks Targeting Local Government Entities

According to The Washington Post, “in 2019, cybersecurity experts noticed a significant increase in ransomware attacks on municipalities, cities, and towns across the country and these attacks continue to trend upward. Cyber criminals target local governments because oftentimes these organizations have limited personnel, equipment, budget, and resources to devote to cybersecurity. 

The FBI has said that local government entities will continue to experience ransomware attacks, especially as “deployment and targeting tactics evolve, further endangering public health, safety, and resulting in significant financial liabilities.”

Is your City/State/Municipality Prepared?

Months later, Bernalillo County continues to feel the effects of this ransomware attack. This devastating attack certainly serves as a gut check for other local government entities. Are you prepared to withstand a ransomware attack? Do you have a data backup strategy in place? Are your employees adequately informed, and do they understand the risks and vulnerabilities?

ENSURE you are SECURE

Trinsio is a data backup solution that will ensure that your data is secure. As a Rubrik strategic partner, Trinsio offers top-of-the-line technology for a fraction of the cost. Trinsio understands that your small town is important to you and will help you first to understand your data and then to create a plan to protect it.

US Trucking and Logistics Companies Fall Prey to Ransomware Gangs

Cybersecurity is an ever-increasing necessity as ransomware attacks occur more frequently. Three companies, all part of the transportation and logistics industry, have experienced this in the past few months.

 

Transportation and Logistics ransomware attacks

On December 15, 2020, Forward Air, a trucking and logistics company located in Tennessee, was attacked by ransomware group Hades, which resulted in a loss of revenue. This targeted attack left the company vulnerable to further data loss and affected both their operational and information technology systems. A note found on their computer screens threatened the total loss of their data unless they complied with the instructions to follow a link to a dark website. No ransom amount was included with the initial message, only a note that the link would provide further instructions.  A week later their website was back up and they looked to be on their way to a recovery.

During that same month, another company, OmniTRAX, was attacked and had at least 70 GB stolen and leaked through a well-known leak site. OmniTRAX was the first US freight rail operator company to be targeted by this kind of cyber attack. OmniTRAX, located in Colorado, also refused to comment on the scale of the attack; however, they will be implementing more cyber security measures to prevent future attacks.

DSC Logistics, located in Illinois, was also attacked in late January of this year. As with the previous companies, they did not comment on the effects of the attack. They did not pay the ransom demanded, as is apparent from the company being listed on a leak site. However, due to cyber security measures already in place, the attack did minimal damage to the company, with data unknown to have been stolen. With “security practices and response measures” already in place, DSC Logistics was the most prepared for and least affected by a cyber attack (Tabak, 2021). Even so, they are also increasing their cyber security to prevent further damages.

 

Federal Bureau of Investigation taking steps to take down ransomware gangs

As is evident from the location of each of these companies, the entire nation is susceptible to cyber and ransomware attacks. It is a growing concern, and one that our nation is taking steps to eliminate. The Federal Bureau of Investigation recently disrupted the activities of the well-known ransomware gang Emotet, which is responsible for millions of affected computers and hundreds of millions of dollars in damages. The FBI is currently working with private and public entities to stop Emotet from further destruction.

Along with ransomware gangs, individuals involved in these gangs are being investigated. Take Sebastien Vachon-Desjardins, a Canadian indicted in Florida. From his charges in the indictment, it is supposed that Desjardins has accumulated over $25 million from cyber crime.

The Department of Justice is also actively pursuing and investigating the ransomware gang NetWalker. NetWalker’s attacks have targeted several different entities, from hospitals to universities. The FBI has seized approximately $500,000 of their ransom payments. 

No one is completely safe from ransomware attacks, as is evident from these three examples. It is in your best interest to have the security measures in place that will prevent damage to your company and yourself. Do your part by increasing your cybersecurity. If you are a victim of an attack, contact your local FBI authorities and file a report. Every recorded attack helps the effort to stop cyberattacks and ransomware gangs.

New CyberEdge Cyberthreat Defense Report Shows Scary Stats

CyberEdge Group, a well-known marketing and research firm with a focus on technology, recently came out with the newest CyberEdge Cyberthreat Defense Report (CDR). The report surveys large companies (500 or more employees) around the world and spans 19 different industries. It reports on each company’s preparedness relative to the rest of the survey population and the cyberthreats they encountered throughout the year. The survey is fairly comprehensive and provides a good standard for measuring how businesses across the world are combating cybersecurity threats.

This year’s report confirmed the prevalence of ransomware and other cyberthreats and introduced new IT trends. Here are the top five insights from this year’s report:

1. In 2020, over one-third of the organizations surveyed by CyberEdge experienced more than 6 successful cyberattacks. 2020 saw the highest percentage of organizations experiencing successful cyberattacks since 2015 (80.7%).

While the trends on cyberattacks have been scary, never before have we seen these kinds of statistics. Let’s think about what this means: on average, over one-third of the organizations surveyed fell prey to a cyberattack every two months. With that magnitude of interruptions, cyberattacks are sure to be a serious hindrance to those businesses’ ability to create new value for themselves and their customers.

Additionally, we have seen an increase of 10 percent in the number of organizations that experienced a successful attack since 2015. With over 80 percent of those surveyed reporting that they experienced at least one attack in 2020, the chances of any business experiencing a cyberattack at least once during 2021 are only ever increasing.

2. 62% of organizations were victims of ransomware (this has been steadily rising since 2017). An increased number are paying the ransom demand, too (58% of victims, compared to 45% in 2019).

Lane Livingston, CTO and Co-Founder of Trinsio, said in a recent interview, “In today’s world there are a few things that will make or break your company, regardless of your size or industry. In addition to the list you are thinking about (key employee retention, brand and reputation, sales and marketing, customer retention), an often overlooked but potentially even more devastating source of disruption and destruction is cybersecurity.

“If your IP or critical data is exposed or encrypted and held for ransom (Ransomware), what’s the impact on your business? What if that data is irretrievably lost? Two critical facts: 1, According to DHS, every business will have a cybersecurity breach within the next two years. That is everyone. 2, 70%+ of all businesses who lost critical data in a data breach or data loss scenario will go out of business within 2 years.   Prepare and plan or crash and burn.”

3. More organizations than ever are saying they are very likely to experience a cyberattack in the next year (69%). 

While the number of organizations that recognize that they are susceptible to cyberattacks has increased, it is still in question whether organizations are doing enough to turn that around. The CyberEdge CDR reported that the organizations surveyed saw lack of budget as a barrier that inhibited them from adequately defending against cyberthreats.

4. 85% of respondents said they wanted security products with machine learning and AI. 

Many of the other barriers that prevented adequate defense against cyberthreats (such as too much data to analyze and insufficient automation of threat detection and response processes) could be solved with artificial intelligence (AI). AI as a tool against ransomware has proved to be a great asset, and this new trend suggests that companies are beginning to see that. As the threats against us get smarter, so must we!

5. One of the biggest barriers in 2020 in cybersecurity remains the lack of available skilled professionals.

The highest ranked barrier to establishing effective cybersecurity defenses for 2020 was the lack of skilled personnel, with the next highest barrier being the low security awareness among employees. Until organizations can effectively increase the security awareness for their employees, they will be hard pressed to have an effective cybersecurity posture. As the saying goes, the chain is only as strong as its weakest link.
