by Damon Fleury
Increased cyber security challenges
With some of the largest scale hacks occurring last year, there has never been a better time to pay attention and re-evaluate your defenses. An estimated 111 billion lines of new software code being created every year, equates to billions of potential vulnerabilities. There are new estimations that cyber-crime damages will cost the world $6 trillion annually by 2021, making it more profitable than the global trade of all major illegal drugs combined. With the growing need for a wider range of more sophisticated defenses, we at CDI continue to grow our capabilities to address the escalation of cybersecurity challenges. We’re adding key expertise to our team to address the full scope of cybersecurity challenges for our clients.
Ray Yepes is an experienced cyber security practitioner, with proven skills in the fields of information security and IT privacy/risk/compliance. Yepes has consulted, designed, maintained, and/or implemented perimeter/infrastructure security, endpoint/network security architectures, and security policies for companies, including Fortune 50 organizations. He has conducted and managed responses to thousands of incidents such as malware, phishing, password attacks, denial of service attacks (DoS), social media threats, advanced persistent threats (APT), and much more. Ray explains that cybersecurity solutions are valuable tools and “must-haves” for any organization today; however, the gaps and loopholes in these cybersecurity solutions pose the greatest risk to any organization. That’s why Yepes’ focus has been to create and manage teams capable of manning these gaps and loopholes by embedding analytics deeply into the business process at the stage where actions are not automated, but manned by an actual person.
Ray joins the team to head up our Incident Response and Forensics activities and to join forces with our other seasoned cybersecurity leaders, including Monty St John and Chris Rogers. Together, these industry leaders are guiding the teams providing the world’s most advanced and innovative threat hunting and response services. They are advancing the way we roll-out security services to our clients. We are excited to add Ray’s deep skills and experience to our team and look forward to working alongside him as he engages with our clients and the larger community in his new role.
Threat Hunting and Response
What does all of this mean? With a whole Managed Security Services division focused on Threat Hunting and Response, we can amplify our ability to tackle all three subdivisions of this area of cybersecurity, namely, Advanced Detection, Incident Response, and Digital Forensics.
- Advanced Detection: Managed detection and response (MDR) services focus on finding previously undetected threats that have breached an organization’s perimeter and are moving laterally through the IT environment. This includes: behavioral analysis, big data analytics, threat intelligence & hunting, proactive incident response, and 24/7 monitoring.
- Incident Response: If an Incident Response (IR) plan, properly trained personnel, and specific policies and procedures are not in place, an incident can quickly escalate into an emergency, crisis, or a disaster. IR is the process of limiting the potential disruption caused by such an event, followed by a return to business as usual. This 5-step process includes procedures to execute identification, containment, eradication, recovery, and hardening processes.
- Digital Forensics: The need for computer forensics could emanate from investigation into intellectual property theft, industrial espionage, employment disputes, fraud investigations, forgeries, bankruptcy investigations, inappropriate email and internet use in the work place or regulatory compliance. It involves finding and analyzing files and file ‘metadata’ to ascertain facts and involves steps to collect, analyze, and report findings.
Time to Act
With a growing number of entities, both in the public and private sector, being targeted on a regular basis, there has never been a greater need to evaluate your systems and induce well-though-out and tested approaches to cyber security procedures. For more on these Managed Security Service options you can visit our website and utilize the drop down menus: Our Services>Managed Security Services>Threat Hunting & Response.