this is the archive page

How do you ensure the security of your supply chain?

Over the weekend another major crypto ransomware attack occurred, this time through an enterprise software vendor called Kaseya.

Tracking Point of Sale malware and determining if the malware from the Home Depot Cyber Attack was different than what was used on Target
This kind of attack allows the cyber criminals to maximize the damage.

For many CEOs or business owners, that name might not be familiar, since many of the companies that use this software are Managed Service Providers (or MSPs). The MSP uses the Kaseya software to manage their client’s computers.  This kind of attack allows the cyber criminals to maximize the damage by attacking not just one or two victims, but instead attacking one company that has connections to hundreds of other companies.

The technical details of the attack can be found here in this Threatpost article, Kaseya Patches Imminent After Zero-Day Exploits | Threatpost. If you have been impacted, you can track updates from Kaseya here on their website update link: Important Notice July 7th, 2021 – Kaseya

So what should you do if you have been impacted by this criminal attack? I’ve had similar considerations in my time as a security leader—here’s my take.

First, if you have cybersecurity insurance, hopefully you have called your insurance provider and you are working with them to obtain the necessary resources to get back up and running.

Second, once you have a minute to stop and think, review what other vendors you depend on to function as a company.

Do you have a payroll provider? If so, you will want to assess the maturity of their security program— perhaps by examining the results of an independent audit, such as a SOC Type II report, to see how they are protecting your data. 

Do you have vendor partners who have access to your company network? If so, you want to review how they protect their networks from cybercriminals so that if they are attacked, you don’t become a victim as well.

Do you use an MSP to help you manage your computers? If so, you also want to understand the measures they take to protect you from cybercriminals. Do they require multi-factor authentication (MFA) to access your network? Do they regularly update their computers and network to prevent attacks by cybercriminals using known vulnerabilities? Are they doing the same types of risk reviews you are with their own third-party service providers and vendors? There’s a lot to consider when assessing the security of your supply chain. If you have questions about cybersecurity insurance, what a “SOC Type 2 audit” is and how to interpret the report, or how to know if your MSP is protecting your data, contact the CBTS Security practice.

John is a veteran technologist, CTO and CISO. He has nearly 30 years of experience building and running enterprise IT and shepherding information security programs towards maturity, based on industry standards like ISO27K and NIST CSF, as well as regulatory compliance requirements from PCI-DSS, HIPAA, FERPA, A133 and GDPR.

John has several GIAC certifications (GSEC, GCIH and GCWN) and has been active in the local information security community, through groups like Infragard and the Higher Education Security Council for EDUCAUSE. He holds BS and MA degrees from Xavier University and has served as an adjunct professor at Xavier and the University of Cincinnati.

Cybersecurity Guidance from the Top

Seems like nowadays, everybody’s got an opinion on how to protect your data and assets from threats like ransomware, supply chain attacks, and good old exploitation of vulnerable Internet-facing services.

That’s not really a bad thing, to be honest. At the heart of any responsible, mature security program is a set of fundamental principles—least privilege access, defense in depth, etc.—as well as basic practices like vulnerability management and security monitoring. The more voices we have urging organizations to adopt them, the better.

One significant voice in the last few months has been the White House. In May, we saw the President issue an executive order directing new security requirements for federal agencies as well as their suppliers. Key among these requirements:

  • Service providers will have to share information about threats they’ve observed and breaches they’ve experienced, and to store logs and telemetry for use in breach investigations.
  • Suppliers of software to the federal government will have to adhere to new requirements around secure software development. They will need to use administratively-separate build environments, audit trust relationships, and implement risk-based multifactor authentication (MFA).  Additionally, they will need to document and minimize software dependencies in the build process, use encryption, and monitor the environment for threats.
  • Federal agencies themselves will have to migrate to a zero trust network architecture, roll out endpoint detection and response (EDR) tools, and implement MFA and stronger encryption on data at rest and in transit. Furthermore, they will have to adopt a new framework to share threat and incident information with each other.

The technologies listed here—MFA, EDR, and zero trust—are more than just fancy new industry buzzwords (although they sure are used that way). They represent some of the most effective modern security controls available. It’s encouraging to see the White House push their use.

The Biden administration has been vocal about the recent spate of high-profile ransomware attacks, too. In response, Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, published a memo to business leaders—not just federal contractors, but any business operating a computer network—urging them to invest in some of these same technologies.

The guidance lays out a set of valuable practices that can help address ransomware as well as many other potential threats:

  • Implement MFA, to protect against stolen credentials.
  • Implement EDR, to identify suspicious activity in your environment and respond quickly.
  • Encrypt your data (note that while ransomware attackers also encrypt data, this control prevents them from publishing stolen data, a more common tactic observed by these attackers).
  • Patch your operating systems and applications.
  • Back up your systems, test the backups, and use offline backups.
  • Run tabletop exercises to test your incident response plan.
  • Use a third-party penetration testing firm to determine if your defenses will withstand an actual attack.
  • Segment your networks to limit internal access to critical systems and data.

While we agree with this guidance, and the effectiveness of these technologies and practices—indeed, our security team can help with solution selection, design, implementation, testing, and tabletop exercises—we feel they are best accomplished not as a set of standalone projects, but as the effort of what Neuberger calls a “skilled, empowered security team” that is the core of your business’ information security program.

We talk a lot about security programs around here, and we’d love to talk to you about how to build yours!

Critical MS Exchange Server Vulnerabilities – What you need to know

While the last few years have seen most of our customers move their enterprise messaging from a local Exchange cluster to Microsoft 365, plenty still have some on-premises Exchange infrastructure. If this describes your organization, hopefully you have already heard about the critical updates that were released to address vulnerabilities in Exchange 2010, 2013, 2016, and 2019.

Vulnerabilities in some on-premises Exchange infrastructure can expose your organization to attackers.

It is absolutely essential that these updates are applied to your servers immediately. Bring them down in the middle of the day if need be—whatever it takes to get them applied. Why is this so serious? Because the vulnerability is currently being widely exploited by attackers, many of whom are believed to be nation-state actors. The exploit allows the attackers to gain access to the Exchange server, its data, and can also provide a launchpad for further attacks against the victim’s computing environment.

If you’ve patched already, great—but understand that this  does not protect you if you were compromised before the patch was installed. Microsoft has released guidance on what to look for on your Exchange servers to ensure no attacker successfully gained a presence on them. This guidance, and links to the updates, are all available at, which is being regularly updated with new information. Get patching!

Continue Reading: Top 5 cybersecurity actions to take right now

Post COVID-19: Will a remote workforce become the new normal for healthcare?

During this time of uncertainty many healthcare professionals are appropriately focused on an endless list of things we have to do before our healthcare systems are hit with the full force of COVID-19. While we can and throughout the entire pandemic, I encourage everyone to take time to focus on things that are going well and can be leveraged in the future. 

Having spent 15 years in healthcare IT operational / strategic roles and now time with healthcare executive customers, I’ve had the opportunity to reflect on how healthcare organizations across the country respond to natural disasters and, in this case, a global pandemic. One question that keeps coming to mind is “Why is it always a fire drill, when healthcare organizations decide to send non-clinical employees home to work?”

Most of my 15 years of healthcare IT leadership were spent working for healthcare organizations in Florida, so I’ve seen my fair share of hurricanes. While we were always clinically prepared for the hurricane, we would still struggle with what to do with essential, but non-clinical employees. I recognize there are significant differences between a global pandemic and a hurricane, but argue there are similarities in the non-clinical response from healthcare organizations. In each case, the primary focus of healthcare organizations is to provide uninterrupted care for patients, protection for our employees and to return to normal operation as quickly and safely as possible.  Shifting Patient Financial Services, HR, Finance and Accounting, Patient Registration, etc. to work from home or remote work is always considered and often selected as the solution to protecting our employees and providing continuity of operations. After the event, we begin to return to normal operations, but what if we changed the definition of “normal operations” by leaving those remote workers…remote?

There are many reasons to consider making this the new normal, but two stand out:

  1. When the next natural disaster / pandemic hits, healthcare organizations will not have to figure out what to do with non-clinical employees since they will already be working from home. Instead, they will be able to immediately focus ALL of their efforts on the clinical response.
  2. Physical space is at a premium in healthcare organizations across the globe. Leaving these employees at home would create opportunity to turn non-revenue generating space into much needed revenue generating space. Many of these offices and buildings can be converted in to Ambulatory care spaces with relative ease. In the cases where buildings are leased, the positive impact would certainly be seen on the balance sheet.

So…why haven’t we done this already?

  1. It’s the way we’ve always done it. Healthcare has traditionally been a face to face workforce. The majority of care is still delivered in a face to face fashion and often this approach to work is adopted by the entire organization without thought. It just happens over time.
  2. HIPAA / Privacy concerns are always cited and MUST be considered when employees work with patient health information (PHI) in any location. With that said, clinicians have been providing remote care for years under the same HIPAA / privacy concerns.

During the COVID-19 pandemic, healthcare organizations should take advantage of the opportunity to scrutinize what works and what doesn’t with regard to their current implementation of non-clinical work from home employees. Post COVID-19, healthcare organizations should seriously consider why those employees need to return to the office.

If HIPAA / Privacy concerns are a “perceived” roadblock, consider this fact – For years, doctors and nurses have been documenting from home, using telephones and video to treat patients remotely and, in many cases, monitoring ICU patients remotely.

Ask yourselves why clinicians have adopted remote technologies at a faster pace than their back-office counterparts and then solve for those differences. The result will be a nimble, resilient, patient focused healthcare organization!

Machine learning and AI: past to present

1952 saw the first computer program that could learn as it ran. It was a game which played checkers and was created by Arthur Samuel.

Fast forward to 2019 and the usage of machine learning (ML) and artificial intelligence (AI) has accelerated to real-world use cases that can be applied to modern-day business problems.

Here are just a few of the ways that machine learning and AI improves our quality of life on a daily basis:

  • Receiving a movie or song suggestion while browsing video or music streaming services like Netflix, YouTube, and Spotify.
  • Using smart devices, such as the Nest thermostat, to determine your home’s optimal temperature settings when you’re home and away.
  • Google provides suggestive “predictions” based on the initial keyword(s) that you type into the search bar.
  • Machine learning and its subset, AI, have been deployed to assist companies with solving legacy problems related to IT systems (e-mail spam, threat detection, and mitigation) as well as physical security (theft and shrink reduction).
  • Document recognition and compliance to check signatures on thousands of documents—a process that takes humans hours or days to complete.
  • Image analysis using ML and AI is showing promise in the detection of cancerous tumors and is being used to diagnose and determine action to mitigate risk.
  • Chatbots, or automated “Level 1” support, provides customer service support without human intervention.

What is Machine Learning and Artificial Intelligence?

AI is a broad term that refers to the doctrine or study of training systems to perform tasks in a more efficient manner than humans can execute.

Machine learning is more nuanced and is often referred to as a “subset” of AI. Machine learning speaks to the systems, processes, and specific frameworks that are required to perform a task. This enables technology to actually “learn” and potentially provide value. The goal of machine learning is to ingest data input such as logs and images with the intent of learning things from that data.

Room for opportunity, and what enterprises are doing – by the numbers

I recently came across a Forbes article that polled C-level executives on the state of AI propagation in their respective enterprises. Poll results demonstrate that these leaders want to implement some form of AI in their respective line of business.

  • 47 percent of business executives have embedded at least one AI capability in their business processes.
  • 21 percent say their organizations have embedded AI in several parts of the business.
  • The Forbes article also cited a McKinsey study which found that 30 percent of businesses surveyed are piloting AI.
  • According to a RELX Group survey, 55 percent of government officials are aware of AI but say it is not being utilized, while 37 percent of surveyed officials are utilizing AI.
  • According to PricewaterhouseCoopers, only 15 percent of enterprises have appointed a single enterprise-wide AI leader while 3 percent said they were not sure who was in charge of AI, and none of the respondents said there was a single C-level executive who was in charge of AI at their firm. 24 percent said their enterprise-wide AI efforts were being led by an AI “center of excellence.”

First engagements with clients concerning machine learning and AI – what we have encountered

Most of our clients are generally in the discovery phase. This is when an organization studies how machine learning and AI can help streamline business processes and provide a relevant return on investment (ROI).

Unfortunately, we’ve also learned that many clients don’t know where to start when classifying what data is relevant to implement an AI strategy that aligns with their business needs. And there are often challenges with how they utilize data with an AI/machine learning framework in mind when the identified business process is data rich.

We also see businesses trying to operationalize an AI framework from an IT perspective before clearly identifying the appropriate use cases. We have engaged with clients that want to start this conversation using the same approach they would in sizing a “traditional” IT workload.

What OEM is the market leader, from a server perspective?

What GPU should I utilize?

Can we virtualize this workload? 

What are your other clients utilizing to manage this infrastructure?

Will the new AI platform that I am evaluating integrate with my current network/storage topology?

These questions are fundamentally relevant but are not necessarily the most pertinent at the onset of the AI conversation.  The success of any ML/AI deployment heavily relies on conversations with both business and technology leaders. It is essential to understand the entire business before discussing the speeds and feeds of any technology that will eventually follow.

Personnel, the AI practice, and the ability to execute

Finally, it’s important to mention the overall importance of skillsets that are typically required to deploy a successful AI infrastructure. In most cases, these skillsets are radically different from what enterprises have traditionally needed.

“Typical” legacy application deployment relies heavily on the systems administration and application development skillset. The machine learning and AI deployment shifts that focus from a primarily infrastructure-centric discussion to a more business-centric/data science approach.

This shift requires a new set of skills for success. Machine learning and AI professionals are typically more data driven and often hold advanced degrees in mathematics and/or computer science. They are typically subject matter experts in the area of statistics, data mining, and programming.

These roles typically include:

  • Data scientists, who are proficient with the knowledge of extracting data and who can interpret that data using tools and frameworks commonly found in the ML/AI stack. Data scientists spend a majority of their time collecting, preening, and massaging data to eventually drive actionable results. Data scientists are typically not primarily interested in the hardware technology, infrastructure, or day-to-day operations of a given deployment. Their primary goal is to evaluate data and provide meaningful insights.
  • Data engineers typically have knowledge specific to infrastructure and data architecture. Data engineers are often involved with the methods, tools, and infrastructure required to discover, extract, convert, and move data to its respective AI platform.

These data-centric skillsets are becoming increasingly difficult to find as the adoption of AI increases in the enterprise.

CBTS and our value add with machine learning and AI

The challenges specific to AI adoption quickly become apparent as these disciplines gain traction in the enterprise.

CBTS brings multiple aspects of value to your AI deployment based on our experiences with clients in multiple industries.

Perhaps you are just beginning to examine how an AI framework can bring value to your enterprise. Maybe you require assistance with finding qualified data science and engineering resources in a very competitive workforce. And there’s always a need to understand the right approach when selecting the appropriate infrastructure to deploy and operationalize your AI effort.

You can be confident that CBTS has the expertise to assist you wherever you are in your AI and machine learning journey.

CBTS showcases HPE partnership at Discover 2019

The blizzard of innovation at this year’s Hewlett Packard Enterprise Discover 2019 conference is a testament to HPE’s bold technology and business model innovation bets.

CBTS, which is an HPE Platinum partner, was among the conference participants, and Ron Nemecek, Business Alliance Manager for CBTS, participated in a panel discussion. Ron discussed a recent CBTS-HPE collaboration on behalf of a global financial services firm that needed to refresh its data center infrastructure for multiple United Kingdom locations.

CBTS and HPE partnered on a solution that features the latest technology, is sized effectively, and is structured to align the costs of the refresh and new IT infrastructure to the business usage. The solution is delivered via HPE GreenLake Flex Capacity to eliminate the extensive cost of over-provisioning.

It’s a great example of how HPE’s innovation has extended beyond tech products and services into business outcomes for customers, Ron said.

“The new innovation that HPE brings to the marketplace is business solutions and business outcomes that are really desired by our customers, because they only want to pay for what they use moving forward,” Ron said.

“Customers are telling us that CBTS and HPE have listened to what they have been asking for years — getting them out of paying for technology they are not going to use.”

Nemecek said customers are impressed with the GreenLake consumption experience.

“They can’t believe that it is true, and that a company came to them with a partnership to solve the business problem they have had for decades,” Ron said. “That is the innovation that HPE has brought to the marketplace, and they have empowered it through partners with GreenLake 3.0.”

Ron said he sees exponential growth ahead with GreenLake.

“This is what our customers are looking for, and we are going to address their needs,” he said.

Click here to learn how partnering with CBTS drives cutting-edge capabilities.

Municipalities streamline operations with NaaS

Municipalities are following the private sector, which has embraced Network as a Service (NaaS) to improve performance, deliver better services and products to consumers, and lower overall operating costs.

Advanced digital capabilities are reconfiguring the way municipal data infrastructure improves critical functions like emergency services, utilities management, and even traffic control. One of the core technologies involved in this transformation is networking, which can be complex, costly, and difficult to manage.

But as more municipal IT environments transition to virtual, software-defined infrastructure, many cities and towns are starting to recognize the benefits of converting from on-premise networking assets to streamlining operations with Network as a Service.

Network as a Service is reliable, cost-effective

Municipalities benefit from OpEx model

The chief advantage NaaS brings to municipalities is the ability to shift costs from a capital expenditure (CapEx) model to an operational expenditure (OpEx) model. In this way, agencies avoid the high upfront costs of network rollouts and expansion, while adjusting the consumption of resources according to workload demands.

The end result is a more reliable and cost-efficient network experience that allows municipalities to concentrate on their core mission and improve public service for their constituents.

But exactly how does NaaS work?

Third-party support gives municipalities flexibility

While every office has its own networking infrastructure in place, tasks like configuring routers, optimizing protocols, and setting up firewalls can be costly and time-consuming. With NaaS, municipal offices are able to outsource these functions to a third party.

Most solution providers offer a web platform that serves as a portal for IT staff to monitor and manage the network security and ensure that it meets regulatory compliance.

In this way, agencies are provided with a dynamic network environment managed by a trusted third-party solution provider.

Streamline operations, meet budgetary goals

In the private sector, networking budgets are often constrained due to the pressure faced when trying to achieve a company’s bottom-line as well as the competing demands of the overall IT stack. In the public sphere, budgets tend to be tight as a general rule, lest the elected decision-makers face the wrath of unhappy voters.

In both cases, however, the perpetual goal is to do more with less.

NaaS fulfills this mandate on the network level, while laying the groundwork for enhanced virtualization across the entire IT stack. Rarely does a solution provide improved service at less cost right from the start, particularly in networking.

CBTS helps municipal organizations streamline operations with Network as a Service and delivers an agile, top-notch network infrastructure that meets their budgetary goals.

Discover how CBTS helped a municipality save $12,000 a year by adopting Network as a Service to monitor and manage their infrastructure.

5 key benefits of CBTS NaaS solution for municipalities

The CBTS NaaS solution provides municipal organizations with these key benefits:

  • 24x7x365 engineering support from highly-qualified CBTS experts.
  • Data center support. CBTS establishes the groundwork for a software-defined data center through expert support of existing virtual servers.
  • Infrastructure support. CBTS provides the necessary infrastructure for additional applications, such as Hosted Unified Communications (Hosted UC).
  • Third-party visibility. CBTS offers third-party visibility into servers and individual telephones.
  • Predictable monthly costs. CBTS provides a predictable monthly cost model that builds hardware refreshes into the network lifecycle.

CBTS NaaS also provides a foundation for the extension of virtual networking over the wide area, a crucial element of flexibility for agencies that coordinate with other agencies or non-governmental entities like utility collectives, non-profit organizations, and contractors.

At the same time, CBTS NaaS provides seamless adherence to strict compliance rules, data sovereignty, and other regulatory measures.

CBTS is a trusted IT partner

With CBTS NaaS, our expert engineers are available 24x7x365.

CBTS helps municipalities free up their staff so they can focus on mission-critical tasks rather than spend time conducting patchwork, monitoring the network, or dealing with expensive hardware issues.

In partnering with a trusted solution provider like CBTS, municipalities remove the burden of IT management from their staff and are able to streamline operations with Network as a Service.

Continue Reading: Enhance services for your communities with Unified Communications for Government

CBTS wins VMware partner Innovation Award

CBTS awarded VMware 2018 Partner Innovation Award

Partners Awarded for Extraordinary Performance and Notable Achievements

Cincinnati, Ohio — CBTS is proud to announce that we have received the Americas 2018 VMware Partner Innovation Award in the VMware SD-WAN by VeloCloud Solution category. CBTS was recognized at VMware Partner Leadership Summit 2019, held in Carlsbad, CA.

“We congratulate CBTS on winning a Partner Innovation Award as Partner of the Year in the VMware SD-WAN by VeloCloud Solution category, and look forward to our continued collaboration and innovation,” said Jenni Flinders, vice president, Worldwide Channel Chief, VMware. “VMware and our partners will continue to empower organizations of all sizes with technologies that enable digital transformation.”

“CBTS is very pleased to receive this recognition from VMware, which validates our strong relationship and our shared commitment to providing an outstanding customer experience to our clients,” said Joe Putnick, Vice President and Principal of the CBTS Communications Practice. “We are excited to build on this momentum in 2019 and deliver continued success to organizations through custom designing a migration strategy to the cloud that will future-proof their network.”

Recipients of the Americas VMware Partner Innovation Award were acknowledged in 11 categories for their outstanding performance and distinctive achievements during 2018.

To be awarded the Partner of the Year for the VMWare SD-WAN by VeloCloud solution category, CBTS had to be a partner with a large focus on SD-WAN by VeloCloud solution whereby our outstanding performance can be attributed to aligning our skills, competencies, sales, and services capacity with our global practices. Our history of successful implementation of SD-WAN is evident in this case study, in which our deployment of this powerful solution delivered innovative results for a client in the healthcare industry.

Learn why successful businesses choose CBTS as their preferred provider of advanced networking solutions in our SD-WAN CIO Toolkit.

Take a look at our guide to learn more about CBTS SD-WAN solution powered by VeloCloud, now part of VMware.

CBTS Wins VMware Partner Innovation Award

About VMWare Partner Leadership Summit 2019

VMware Partner Leadership Summit 2019 offered VMware partners the opportunity to engage with VMware executives and industry peers to explore business opportunities, customer use cases, solution practices, and partnering best practices. As an invitation-only event, it provided partners with resources to develop and execute comprehensive go-to-market plans.

About VMware

VMware software powers the world’s complex digital infrastructure. The company’s cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to over 500,000 customers globally, aided by an ecosystem of 75,000 partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact. For more information, please visit

VMware, VMware Cloud, VMware SD-WAN, and VeloCloud are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.

About CBTS

CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. From Unified Communications to Cloud Services and beyond, CBTS combines deep technical expertise with a full suite of flexible technology solutions that drive business outcomes, improve operational efficiency, mitigate risk, and reduce costs for its clients.

Managed services solution enables client transformation

A fresh start is sometimes exactly what an enterprise needs to modernize data infrastructure and shift processes to a forward-leaning, digital-ready framework. Such was the case with Unilever Federal Credit Union when it recently decided to relocate its main campus, and embrace a managed services solution.

Unilever FCU is a full-service, single-sponsor, non-profit financial institution that is owned by its members and governed by an elected board of directors. Its Corporate Credit Union is Alloya Corporate FCU. This organization provides a range of credit union services, such as compliance guidance and managed services solutions through a partnership with CBTS.

New data environment included key requirements

To bring its services in-line with today’s digital economy, Unilever FCU had to fulfill a number of requirements for its new data environment:

  1. Deploy its own network infrastructure. To ensure both operational efficiency and meet regulatory requirements.
  2. Upgrade its data resources. To accommodate rapid growth and the development of new products and services.
  3. Implement an in-depth data protection strategy. To support the needs of a modern financial institution.

But since every challenge is an opportunity, Unilever FCU seized on this project to implement a wholesale reimagining of the existing data center infrastructure.

Client operates in heavily regulated environment

A key challenge for any financial institution is meeting the regulatory requirements imposed by both regional and national authorities.

In UFCU’s case, this involved maintaining stringent levels of security and data availability, while also developing new services to provide members greater flexibility for their banking needs. This became increasingly difficult to do with aging infrastructure.

Solution leverages managed services model

In consultation with both Alloya Corporate FCU and CBTS, Unilever FCU decided to switch to a managed services model using a hybrid data center and networking infrastructure solution. In this way, the company benefits from:

  1. A high-availability cloud for all production.
  2. Data protection.
  3. Backup and disaster recovery services.
  4. A full suite of services for remote network monitoring and management.

CBTS has expertise to support complex managed services projects

A project of this magnitude requires a deep understanding of infrastructure needs and the emerging business objectives they will ultimately support. CBTS worked closely with UFCU to first design the environment, and then to define the ongoing responsibilities to maintain a tested and proven data ecosystem.

CBTS provides a cohesive solution

We began by assessing the current environment and establishing a set of success-based business objectives. We then developed new policies to guide the design and deployment of a new secure network.

For production workloads, we established a high-availability, multitenant cloud with managed backup and disaster recovery services across multiple CBTS data centers. This places primary production environments within a fully managed, high-availability CBTS cloud. A secondary offsite offers backup and full data replication for Disaster Recovery applications. This environment is subject to complete documentation and annualized testing.

The solutions allowed CBTS to assume responsibility for managing and monitoring key functions, such as network authentication based on group policies developed in conjunction with Unilever. In addition, our experts guided the client’s IT staff on the proper way to pull reports for auditing purposes to ensure regulatory compliance. CBTS oversees any and all third-party integrations and other support needs for the new environment.

Solution meets client’s needs, helps drive business outcomes

Today, Unilever FCU enjoys a state-of-the-art data ecosystem with redundant, secure and universal Internet-based access. We also provided a letter of attestation proving that UFCU is committed to ensuring full protection against downtime and data loss. We work with both UFCU and Alloya to continuously refine regulatory documentation to address stringent compliance requirements.

And as a fully managed environment, Unilever FCU can now relieve its internal IT staff of the day-to-day burdens of operating a data center to focus on more productive pursuits involving the delivery of outstanding member services.

Innovative security tools at 2019 RSA Conference

This year’s RSA Conference (RSAC) was bigger than ever – and I don’t mean that in the rote sense of “more exciting! Action packed! Full of more interesting things to see and learn!” I mean it literally – the physical space used by the conference that promises to showcase new innovative security tools covered more square mileage, and what was there was more densely packed. Good thing I brought my walking shoes.

So, does more equal better? Feedback from our customers and peers points towards the negative.

RSA reflects the crowded security solution market

Simply put, the security solution space is overcrowded. It makes sense – protecting your business, data, and assets from online threats is more of a concern now than it’s ever been. And certainly the market has reacted as one would expect, by growing exponentially. Standing shoulder to shoulder, vendors clamor for your attention, nearly every one guaranteeing they’ve got innovative security tools that will provide the assurance you’re seeking.

CBTS offers guidelines to help evaluate innovative security tools

Our team is uniquely positioned in this market. Our role is not to make empty promises to customers, standing between them and cybercriminals with a cape and tights. On the contrary, our customers depend on us to separate the wheat from the chaff, as it were. Customers expect us to point them to the practices and technologies that can materially improve the maturity of their security program. It requires a trained eye, to be sure, to identify these innovative security tools.

So what does CBTS look for in an enormous expo hall like RSAC’s? How do we pick our winners?

Guideline 1: Show me that your solution works; don’t just tell me

Execution is critical. More than what you say you can do, I want to hear success stories from your customers. What did their deployment look like? What other solutions did it displace or complement? What kind of staff does it take to admin and use? What kind of risk did it mitigate, and how? What threats did it stop or detect that couldn’t have been found otherwise?

Guideline 2: Innovative security tools must follow standards

Following standards is a personal big-ticket item for me. I was quite pleased to see how many vendors have adopted the MITRE ATT&CK Framework as a taxonomy to describe the kinds of threat tactics and techniques they can impact. If a vendor starts off the conversation by telling me the CIS Top 20 control category in which they fit, or the NIST 800-53 requirements they satisfy, I’ll be smiling ear to ear.

Guideline 3: Be wary of solutions that promise to solve all of your problems

The vendor that under-promises and over-delivers is valuable in my book. Claims that a product can solve all my security problems, or detect and stop every zero day exploit forever, will make me roll my eyes and move on. I want technology that solves very specific problems, tells me what it can do and what it cannot, and doesn’t try to boil the ocean. No product – no vendor alone, even – can satisfy every security need we have. Realism does the customer and the market a lot of good.

Guideline 4: It all comes down to innovation

Finally, innovation is at the top of my list. I look for technology used in truly new and interesting ways, and occasionally, I’ll find something new under the sun. Today anyone can cook up a fancy dashboard and an attractive, flashy UI. However, most of them are sitting atop the same approach as their conference floor neighbor. If I walk away from your booth and think, “huh, I’ve never seen anything like that before, and I think it could actually work!” that’s a healthy sign.

3 examples of innovative security tools

The SIEM space is a great example of a market segment where we’re starting to see more innovation. Here are three high-profile new offerings we saw announced around RSA:

  • Backstory, the new security analytics app from Chronicle, takes a new approach to log aggregation/correlation and incident investigation. Instead of presenting a simple table of log data from a structured query, analysts enter queries for common investigation-starting indicators – say, an IP address, username, or hostname. Backstory then provides a set of context-driven answers that give the analyst valuable insights immediately.
  • The demo of Azure Sentinel from Microsoft also caught my eye. While the investigation experience was much more reminiscent of a traditional SIEM, the UI presented an easy process to integrate event sources from Azure services, such as Azure SQL and Office 365, as well as sources from a variety of other network, server, and application platforms. An accessible, cloud-ready SIEM may be just what Azure customers are looking for.
  • Cisco’s Threat Response tool is similar – a “SIEM-like” interface that aggregates data from a variety of Cisco security products, such as Umbrella, AMP, and ThreatGrid. It also provides a really slick query/investigation interface to data from all of these tools.

Most interesting, though, were the licensing models for these three products:

  • Backstory is not priced based on log volume or events per second – common models from nearly every major SIEM player in the market – but instead based on number of employees. As a SaaS product hosted by Google, this means that storage is elastic and customers can maintain a virtually endless archive of data.
  • Cisco’s Threat Response may be even more appealing. It is free for use by Cisco customers that use AMP for Endpoints, Umbrella, next-gen firewalls, and ThreatGrid.
  • Microsoft’s Azure Sentinel, in its current preview program, is also free of charge to Office 365 customers.

CBTS wants to hear from you

So the next time you’re elbowing through a mass of people in a conference hall with the swag flying left and right, keep these criteria in mind.

And remember, CBTS has been helping customers leverage innovative security tools since 2005. Please contact us and let us know how we can help your organization.