False Sense of Security

As Donna takes some time off, David scores an awesome co-host for the Help Me With HIPAA podcast, False Sense of Security – Ep 404. Gary Salman, the CEO of Black Talon Security, discusses threats his company is seeing in the cyber world and explains how businesses can protect themselves from cyber attacks.

One of the services that Black Talon Security provides is scanning every device on your network to detect any vulnerable entry points that cyber attackers could exploit. Once these are identified, Black Talon proactively takes the necessary steps to close those loopholes to ensure that hackers cannot infiltrate your system. In addition, their ethical hackers employ the same tools and techniques as cybercriminals to simulate an attack on your network and identify potential weaknesses. Black Talon will also work alongside your IT vendor to strengthen your network’s security and minimize the risk of unauthorized access.

Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR) technologies implemented by your IT or MSP provider are considered to be an effective means of safeguarding your network. EDR provides security by analyzing individual machines, while XDR examines machines and networks as a whole, allowing for broader visibility across the environment as opposed to being limited to a single computer. This is where you might be thinking “Wow, this sounds awesome!” Well, that’s where a false sense of security will bite you in the rear end.

Although these are reliable technologies, Gary has observed that some of the most advanced EDRs and XDRs can still be breached by the bad guys. This is because these technologies are now readily available and are being employed by threat actors as well, who are developing techniques to evade detection and launch malicious attacks. Gary goes on to tell us about some strategies that we should be aware of to help with our cyber due diligence.

Another great strategy that Black Talon Security uses is to help organizations conduct tabletop exercises. This is a type of simulation, or rehearsal, that is designed to test an organization’s ability to respond to a hypothetical emergency situation in a controlled environment. It is typically conducted in a meeting room or similar setting, and involves participants discussing and making decisions on how they would respond to a scenario that is presented to them.

During a tabletop exercise, participants may be given a written or verbal description of a simulated emergency, such as a natural disaster, cyber attack, or other crisis. Then, they are asked to work together to come up with a response plan, identify key decision points, and determine the roles and responsibilities of various team members.

Tabletop exercises can be an effective way to identify weaknesses in an organization’s emergency response plans and procedures, as well as to train personnel on how to respond to different types of emergencies. They can also help to build teamwork and collaboration among team members as they work together to solve problems and make decisions under pressure.

If you are interested in having Gary and his team at Black Talon Security conduct a tabletop exercise for your organization or evaluate whether your endpoints or network are vulnerable to cyber attacks, give them a call at 800-683-3797 or check out BlackTalonSecurity.com.