this is the archive page

Enhance services for your communities with Unified Communications for Government

In an increasingly remote work environment, governments around the globe are improving the effectiveness of their workforces by combining voice, video, and data functionalities in one streamlined channel, a technique known as Unified Communications (UC).

Unified Communications (UC) improves government workforces
Unified Communications (UC) addresses service issues faced by government constituents.

Adoption of UC is particularly crucial for communities navigating the economic impact of COVID-19. As the pandemic raged across the U.S. last year, CBTS assisted a government Jobs and Family Services (JFS) office in the Midwest that was overwhelmed by unemployed residents seeking new employment opportunities.

CBTS designed and implemented a UC for government solution to address service issues faced by JFS constituents. The solution included scaling existing call paths, organizing remote call center operations, and configuring a new Interactive Voice Response (IVR) solution. Cisco’s Unified IP IVR was deployed at scale specifically to address mass layoffs by major companies.

Even as the pandemic dissipates, state and local governments worldwide are meeting citizens’ heightened service expectations with Cisco UC solutions. This article will explain the benefits of UC innovations for agencies and municipalities of all stripes.

Also read: VoIP vs UCaaS: What is right for your business?

How to utilize the benefits of UC for government

Accustomed to reliable online and automated voice service from retailers and other private-sector institutions, most people expect the same response from their government. Antiquated phone systems and outdated legacy systems are being replaced by UC technology boasting a wide range of benefits:

  • Enhanced public safety: First responders are more efficient when they can communicate and access critical information from anywhere, at any time, under any circumstance.
  • Improved service effectiveness: Citizen satisfaction is enhanced when services are easier to obtain. Reaching an employee or agent on the first call, receiving a medical consultation from a nearby clinic, or reserving a public meeting via an automated voice response system can foster greater trust and satisfaction among citizens and stakeholders.
  • Citizen empowerment and social inclusion: Connected communities enable residents and businesses to get timely government information and services through self-service voice applications and web portals. UC for government also helps public agencies reach out to underrepresented or rural populations that are typically unable to access key services.
  • Economic development: Employers are attracted to communities that make it easy to do business—which UC for government can provide while also enabling the education and training required to cultivate a skilled workforce.

Also read: Four Considerations for Building a Remote Network with SD-WAN

With Cisco UC services, communities and agencies are bolstered by:
  • Effective phone systems, unified messaging, and collaboration.
  • Advanced call processing and contact centers.
  • Robust video collaboration and surveillance.
  • Mobile voice and interoperability.

Eight benefits of UC for governments

Public safety, effective services, high productivity, and social inclusion are keystones of any strong community. A cloud-based UC solution can help transform governmental activities, while the right partner will lead your agency to success.

CBTS provides industry-leading modern communication resolutions for any number of municipal functions and use cases. Here are a few examples:

1) Surveillance video: An ability to see real-time video improves citizen safety and public safety personnel responsiveness. For example, when police officers in Everett, Washington, are dispatched to a crime scene, they can plan an effective response by viewing live surveillance footage from vehicles equipped with Cisco mobile access routers.

2) Rapidly deployable communications: Public safety agencies must be able to maintain lanes of communication in case of network shutdown or lack of infrastructure. With Cisco’s rapidly deployable communications solutions, a first responder can simply flip a switch to connect to an IP network by satellite. This creates an instant network through which to send and receive voice, video, and data utilizing wired or wireless devices.

3) Access to government services: In many cities, individuals who reach the wrong department must wait while an employee searches a paper directory for the appropriate extension. With Cisco UC for government, calls can be seamlessly transferred by selecting an employee’s name from an up-to-date online directory located on their Cisco Unified IP Phones.

4) Well-organized contact centers: Cisco Unified Contact Centers route calls to agents ready to meet callers’ pressing needs, improving service efficacy, and reducing call-handling time. Derwent Living, a UK-based not-for-profit organization that partners with local governments on affordable housing, harnesses UC technology to direct calls from citizens to expert housing advisers.

5) Unified messaging: With Cisco Unified Messaging, government personnel can access messages all from one interface, either their PC or voicemail inbox. Responsiveness improves further when employees retrieve communication and collaboration tools from a single screen.

6) Workplace transformation and efficiency: Many agencies provide permanent desks to mobile employees who rarely work in the office. Cisco UC for government solutions enable desk sharing, allowing workers to make and receive calls from any available desk. This is made possible either by logging into a Cisco Unified IP Phone or Cisco’s Unified Personal Communicator software on PC.

7) Access to human resources: Rural residents can link to social workers, child psychologists, and other human resource offices by using Cisco video telephony and Cisco Telepresence available at their local government offices.

8) Ease of doing business: With so many employers preferring to base their companies in business-friendly communities, Cisco IVR solutions and online web portals are key for governments seeking to provide secure tax payments and other services to new and established businesses.

Also read: Case Study: Safer travels with CBTS on-premises private cloud

A foundation for government services of all kinds

Cisco Unified Communications for Government solutions bridge the gap between needed services and available resources. Ultimately, this technology creates a foundation for a connected community, satisfying demands for public safety, service reliability, citizen empowerment, and a thriving economy.

Contact CBTS for more information on converting your government agency’s legacy infrastructure to a modern cloud-based environment.

Thriving in 2020: employee resource groups cultivate our culture

When it came to sustaining our employees beyond the necessities of work, our employee resource groups (ERGs) stepped up reconnect us in crucial ways and became essential to strengthening our new virtual culture.

Despite the social distancing, ERGs creatively continued their collective mission to foster diversity and inclusion efforts. In addition to numerous virtual happy hours and informative talks, our ERGs stayed active with these important activities and initiatives that impact our employees and our society as a whole in 2020, like:

  • BOLD, the ERG for Black employees, created and shared a video series in which local Black leaders and professionals shared their experiences in corporate America.
  • PRIDE, for LGBTQ+ employees and their allies, organized a month-long virtual Pride celebration in June that featured testimonials from company leaders and wrapped with a virtual Porch Party streamed to Facebook Live.
  • Conexion, which celebrates Hispanic culture, observed Hispanic Heritage Month virtually with weekly shares of Hispanic heroes, culture, language, and cooking classes as well as a campaign to support some Hispanic families that recently moved to the region.
  • BEAD, for employees with disabilities and their supporters, hosted panels and discussions during Mental Disability Awareness Week as well as a series of cooking classes.
  • VALOR, for Veterans and their supporters, hosted an inspiring talk with Ret. Army General Rick Lynch, a virtual event attended by more than 70 employees. Several members of the VALOR ERG canvassed a local cemetery over a month and then placed flags at veteran graves there for Veterans Day.

All of our employee resource groups found ways to keep their members connected with each other and with the community through other virtual events and volunteer work.

The pandemic transformed the workplace as we knew it in early 2020, shifting overnight to a work-from-home environment that practically erased the social interaction of the shared workspace, canceling casual conversations on the elevator, group lunches, and team meetings. The employee resource groups tackled our new work-from-home silos and proved that connections are made stronger when we embrace the diversity in our employees, customers, and community.

Revolutionize Your Cloud Disaster Recovery Capabilities with DRaaS

Building and maintaining a data environment that is used for daily business activities may be expensive but, by any measure, is more than worth the effort. Doing the same for an environment that is rarely, if ever, activated is both expensive and burdensome, with little prospect for a decent return on the investment.

And yet, this is what a large portion of the enterprise community does in order to maintain continuity of critical operations during a disaster. In this age of connected devices, with applications acting as the lifeblood of most business models, downtime of data infrastructure for even a short while can quickly throw an organization into financial turmoil and perhaps cause lasting damage to the brand as users are able to switch to new providers at the touch of an icon.

When it comes to disaster recovery (DR) in the cloud, the enterprise must rethink the complex and costly approaches of the past in favor of streamlined, easily managed infrastructure that is ready to activate at a moment’s notice. And for this, there is no better solution than the public cloud.

The key advantage that the cloud brings to DR is the ability to provide this vital function on the same footing as any other Software as a Service (SaaS) offering. This provides a range of cost and feature benefits that enable you to reap the rewards of a state-of-the-art DR environment without the high overhead of dedicated equipment that sits idle for the majority of its lifetime.

Specifically, disaster recovery as a service (DRaaS) provides the following:

Low cost

By shifting disaster recovery services from a capital expenditure (CapEx) model to an operating expenditure (OpEx) model, you can vastly reduce your overall cost structure in two ways. First, you no longer need a massive upfront capital outlay because there is no infrastructure to buy, build, provision, or integrate. Disaster recovery services are delivered from the cloud, where the cost of infrastructure is shared among multiple clients. Secondly, ongoing operational costs are lessened because the management and upkeep of infrastructure are outsourced to the cloud provider. All you have to do is oversee your own internal processes and coordinate testing with the managed cloud provider to ensure data and operating environments can be failed over quickly and smoothly to ensure the highest levels of continuity are being maintained.

Advanced features

Unlike on-premises environments, managed cloud disaster recovery services are routinely upgraded with the latest features and to the most robust industry standards. Cloud DR providers must compete for your business just like any other supplier, which means they are constantly striving to out-perform their own competition. Already, in fact, many providers are deploying advanced technologies like artificial intelligence (AI), robotics process automation (RPA), and even quantum computing to ensure that their services stand out from the rest of the field.


Contrary to the stereotype of the cloud as a warehouse of generic computing and storage technology, the fact is that in recent years, providers have made great strides in the delivery of highly customized advanced features and solutions. Starting with robust templates for key industry verticals like finance and healthcare, most providers work closely with leading technology consultants like CBTS to craft solutions that meet the unique requirements of each enterprise and address your industry’s compliance and regulatory requirements.


Unlike the traditional data center, public cloud provides just the right level of storage and compute to satisfy business objectives—in this case, continuity after a failure—without over engineering the environment. There is no need to overprovision resources only to have them sit idle most of the time. The cloud provides near-instant provisioning of virtual environments so that your consumption matches your data load. Also, data environments can be migrated from cloud to cloud with relative ease, offering an added layer of protection against failure in the event of a regional disaster like an earthquake or hurricane.

The key challenge when it comes to DRaaS, however, is the need to acquire expertise in cloud infrastructure and services. Your provider will certainly offer a wealth of assistance, but it is usually better to bring in an independent contractor to ensure that the environment you create offers the highest return on your investment.

This is where CBTS becomes invaluable. Our proven methodology delivers highly targeted solutions for your managed cloud disaster recovery needs. We begin with a thorough assessment of existing infrastructure, services, workflows, business objectives, and other aspects of your enterprise, followed by a robust program designed to fulfill optimal recovery point and time objectives (RPO/RTO). We also have the means to incorporate a wide range of managed services, including annual testing to ensure a successful recovery every time, and we also provide ongoing maintenance and support of the full environment so your IT staff can focus on running your data ecosystem.

The ease with which robust DR environments can be created in the cloud and integrated into the enterprise business environment is nothing less than revolutionary. With the business model quickly becoming wholly dependent on functioning data infrastructure, the risk is simply too great to avoid making this transition much longer.

Download this case study from CBTS for an example of a cloud disaster recovery solution that mitigates natural disaster risk.

Responding to 2020: Shifting operations and supporting clients like superheroes

The COVID-19 pandemic provided an opportunity for successful organizations like CBTS to prove that they could scale, adapt, and transform when a crisis hit. Looking back, we remained nimble, responsive, and resilient to meet the challenges head on. We supported our clients to grow stronger and more prepared to tackle any business challenge in the future.

Early on, CBTS leaders had begun thinking about how we should respond to a potential pandemic. They quickly implemented travel restrictions and established transparent communication with employees and clients. As a company that sells and supports technology solutions, we were in a good place to switch our gears and pull those proverbial levers to seamlessly transition to a work-from-home situation.

However, a bigger challenge loomed: sustaining our clients’ trust in us to securely support those same technology solutions they rely on to keep their businesses moving and adapting to the new realities. Between a 24x7x365 enterprise network operations center and teams of engineers and specialists that collaborate on longer range solutions, CBTS provides a level of immediate response and quick resolution, which we could not and would not compromise.

Leveraging our agility, flexible delivery models, and client focus, we sent people and their access to technology home to resume the same standard of responsiveness, security, and attention to detail that our clients have come to expect. And we couldn’t be happier with the results.

Within a week of shifting operations, we were responding to clients in crisis, clients who were trying to meet the needs of their customers, patients, employees, students, faculty, and citizens. Just as quickly as the problems poured in, our teams met them head-on. A few of our successes include:

  • When a healthcare client needed a technology solution to help it rapidly expand its COVID pop-up clinics, our teams created and deployed a solution for secure connectivity and full access to hospital applications.
  • When schools were scrambling to adapt to remote learning, we provided hardware, software, connectivity, and support to enable teachers and students to quickly adapt.
  • When a public assistance service needed a remote option to check on seniors, we launched an Interactive Voice Response (IVR) solution in eight days.
  • One government-based client turned to us to securely connect their now-remote employees while another came to us to improve their call center capacity.

We are proud of our employees, who went above and beyond, worked through lunches, pulled long hours, and performed like the superheroes they are to quickly resolve each client issue. And we are grateful for our clients, who have trusted us to help them solve their business challenges, in 2020 and beyond. While we hope that we never see a year like this again, the changes we have had to make have made us a better, stronger company and partner to our clients.

Contact us today to learn more about how we can help your business become future-proof and ready to thrive in a crisis.

How CBTS changes the game with the Network as a Service solution

What can a business do when its growth has outstripped its networking resources? With IT personnel stretched thin and struggling with limited budgets, many organizations have seen their networks suffer from increased downtime and higher operating expenses as a result. Over time, this has led to business networks becoming more difficult to manage, even in terms of simple day-to-day tasks.

That’s why so many organizations across a wide variety of industries have turned to Network as a Service (NaaS) to simplify and streamline their IT needs while gaining improved network reliability, total transparency, overall lower operating costs, and many more benefits. With NaaS, clients are able to offload the monotonous daily tasks from their in-house IT teams to CBTS experts, freeing up the client’s resources, which can then be dedicated to more long-term and mission-critical strategic initiatives.

NaaS by CBTS streamlines your organization's network. Download CIO's definitive guide to cloud network solutions

As the business world works tirelessly to match the relentless pace of cloud technology’s evolution, managed solutions like NaaS will only become more relevant and in-demand. In fact, NaaS’s flexibility in cloud-powered networks is one of the key factors of its rapid adoption rate—many top-performing companies are seeking a way to leverage the power of the cloud and with NaaS, CBTS delivers that power along with a dependable partnership and ongoing technical support. Currently, more than 600 clients in 5,000+ locations rely on NaaS by CBTS.

Currently, more than 600 clients in 5,000+ locations rely on NaaS by CBTS.

On top of providing measurable and superior business outcomes with its customized NaaS solutions, CBTS also brings to the table years of valuable experience in implementing unified communications (UC) services, software-defined wide area network (SD-WAN) solutions, and other offerings that synergize to deliver clients a full-spectrum and future-forward networking strategy.

One aspect that makes the NaaS by CBTS offering unique is the involvement of Cisco Meraki, a platform that enables seamless expansion, maintenance, and security of a client’s managed network—all with unparalleled scalability. This leaves the client’s network in capable hands while it scales as needed and is kept safe from intrusion. These capabilities add up to a tremendous value for CBTS NaaS clients, who gain peace of mind and the precious breathing room necessary to reallocate their internal IT resources toward the mission-critical objectives that drive the growth of their companies.

CBTS also leverages automated monitoring capabilities to make seemingly complicated installations significantly more manageable. During the consultation and auditing phase, CBTS experts work closely with the client to solidify a functional template for the client network. This then allows CBTS to utilize a hybrid monitoring system and launch automated processes that manage the network with minimal input. These cutting-edge solutions make it possible to install NaaS environments quickly and painlessly.

One example of the success that NaaS by CBTS has brought to clients can be found in the story of Tire Discounters, an automotive service company based in the Midwestern United States that operates 137 locations. When Tire Discounters found itself in need of a new point-of-sale solution to process transactions and manage inventory, as well as a more standardized network to manage analytics across the corporation, the company turned to CBTS for support. After CBTS implemented a NaaS solution, Tire Discounters benefited from a seamless, interconnected, and managed networking environment that balanced more than a hundred disparate retail locations, leading to less network downtime and lower operating expenses.

NaaS by CBTS would not be the popular solution that it is without the trademark CBTS commitment to agility, adaptivity, and meeting client expectations at all levels. As the provider, we’re not content to sit still either—CBTS has plans in motion to launch new services to address demands in the marketplace for cyberthreat detection, patch management, multifactor user authentication, and more. NaaS has proven to be a gateway to the future of enterprise networking, and that future waits for no one.

Contact us for more information on how NaaS by CBTS can help streamline and simplify your organization’s network for the cloud age.

Integrating Hosted UC and Webex to enable unified collaboration and simplified IT

As communication channels rapidly evolve in today’s digital age, businesses must adapt quickly to support seamless interactions across voice, video, mobile, messaging, and chat. With workplace trends shifting toward more remote collaboration, it can be challenging for organizations to effectively manage a multitude of tools to keep employees, customers, and partners actively engaged across channels, devices, and locations.

business woman on the move, utilizing unified collaboration tools

To provide a more flexible workplace for their employees, agile enterprises are turning to hosted unified communications as a service (hosted UCaaS) to streamline collaboration and maximize productivity. Now, the advanced collaboration capabilities of Cisco Webex are fully integrated into the CBTS Hosted UC platform powered by Cisco BroadWorks—bringing together hosted VoIP, chat, video conferencing, remote meeting capabilities, and many more features—all through a unified collaboration application: Webex.

By combining all the features of Hosted UC enterprise-grade cloud communications solutions with the Webex collaboration tool, CBTS delivers an integrated platform that empowers companies to stay completely connected. Keep reading to learn how this integration can increase productivity and improve efficiency in your organization.

Unified collaboration and communication

Modern communication can be a juggling act that requires toggling between systems, devices, and networks to carry on a conversation. When enterprise phone systems are completely integrated into cloud-based collaboration tools, it streamlines the user experience and simplifies IT operations.

Leveraging the leading VoIP technology from Cisco BroadWorks, the CBTS platform enables WiFi calling, hosted VoIP calling, and smooth VoIP handovers to support calls as you move between data networks. Similarly, the system can seamlessly move active calls from audio to video, or from desk phone to softphone to mobile phone with a single click—without interrupting your call.

By integrating these calling capabilities with Webex, CBTS users can enhance the omnichannel collaboration experience for internal employees and external partners alike. Group chat, file sharing, whiteboarding, chat, and presence features make it easy to collaborate anywhere, at any time, with built-in application integrations that automatically connect to other business tools you use every day.

Meanwhile, Webex meetings features keep teams connected even when working remotely. Users can join meetings from any device with a single click, while effectively multitasking and staying productive. Online meeting rooms blend audio, HD video, chat, messaging, screen sharing, and wireless content sharing to keep participants engaged.

Blending these features on a single hosted UC platform creates a seamless communication experience. Instead of dealing with dial-in numbers or using mobile phone minutes, CBTS users can join virtual meetings with the click of a button from the company’s enterprise dial plan. You can make and take phone calls through the Webex application—using the desktop, tablet, or smartphone device of your choice—to connect more easily and collaborate more effectively. If you prefer to continue to use a traditional desk handset, that option is available as well.

The enhanced Hosted UC experience

By integrating cloud calling and collaboration solutions onto one secure platform, CBTS delivers a managed UCaaS experience to help companies future-proof their communication infrastructure. Designed to be open and interoperable across the most complex enterprise ecosystems, our integrated solutions are custom-designed to deliver the tools you need to enhance your unique customer journey.

Whether your employees work from one central office, multiple locations, or remotely from home, they can enjoy one core user experience across multiple devices, software applications, and workstyle preferences. Plus, CBTS can layer on advanced applications such as hosted IVR, mass notifications, e-911, and other contact center features to make your employees or agents more productive and your business more profitable.

Simplifying enterprise calling, messaging, and video conferencing through the unified Webex platform can also reduce telephony hardware costs and ongoing maintenance requirements, since upgrades happen automatically without any downtime or additional investments. The predictable fixed monthly cost of hosted UC enables you to focus on core innovations instead of billing surprises.

Hosted UC from CBTS delivers all the features of an enterprise-grade, cloud-enabled communications solution, combined with the latest remote collaboration apps—all on a single platform that’s flexible enough to scale up as your business grows. With 99.999% network availability and full redundancy, along with end-to-end security and 24x7x365 support, CBTS integrates Hosted UC with Webex to meet the full range of ever-changing communication and collaboration capabilities your enterprise needs in order to be equipped for the future.

Contact us to learn how Webex can empower your business to leverage the benefits of Hosted UC.

6 security trends to keep an eye on in 2020

Happy 2020! As a practitioner and consultant I’m excited to see what the year brings in terms of new technology, research, and clever Twitter and blog posts from the security community. To get the ball rolling, here are six security trends to keep your eye on as we start the new year.

Two security trends for home users and consumers:

1. Attacks against smart home products will increase

We will see more discovered vulnerabilities in, and attacks against, so-called “smart home” products, such as smart speakers, security systems, and cameras. Any time we see widespread deployment of technology that is, relatively speaking, in the early stages of maturity, we expect that attackers will pay attention and work to discover ways to circumvent security functions of these devices. In the last few months we’ve seen lasers used to surreptitiously command smart speakers, attackers remotely compromise smart home devices, and the inadvertent disclosure of PII from smart camera owners by the camera’s vendor. Expect attackers to look for, find, and exploit ways to control, obtain sensitive data from, and disrupt these devices.

What you can do today:

Make sure you’ve hardened your smart home devices. Change factory passwords after you install them, restrict the activities they can perform without identity validation, and regularly review the “connected apps” they use.

2. An influx of noise on social media

Because of the 2020 presidential election, we expect that social influence operations will substantially escalate from foreign states that have an interest in our country’s politics. This will include social media “news” posts, activity programmatically generated by computer-controlled (or “bot”) accounts, and an uptick in spam e-mail and robocalls to your phone. There’s also the possibility that attackers will target our voting machines. Stanford University’s Cyber Policy Center published an excellent paper on the risks and some countermeasures and controls to ensure our elections are conducted with integrity and security.

What you can do today:

Be cautious with blindly trusting any material you read from your browser or smartphone. Make sure you’re getting your news from vetted sources that are known to publish content of substance based on careful investigation and thorough research. Contact your state and local boards of elections and tell them you expect the voting process to be secure, transparent, and free from any interference, and ask what is being done to ensure this happens.

Four security trends for enterprises:

1. Ransomware incidents will continue to shift from opportunistic to targeted attacks.

Opportunistic attacks—those that aren’t focused on a specific individual or organization, but instead sent broadly to the public Internet—are certainly still going to happen, but we are seeing more and more ransomware incidents that are deliberate in nature, with a focused effort on a specific organization (say, the City of Baltimore or New Orleans). Attackers will build phishing and social engineering campaigns designed to exploit human weaknesses, as well as find exposed infrastructure with technical weaknesses and misconfiguration that will allow them a presence on the network. They will use this presence to install ransomware on key systems, attempting to impact the organization’s operations sufficiently to encourage payment.

2. Business e-mail compromise attacks will continue

We also expect to see “business e-mail compromise” attacks continue, as attackers conduct similar focused campaigns to obtain access to trusted e-mail accounts, and use that access to trick employees into providing cash, gift cards, funds transfers, or financial information. It is by far the most common successful “cyber” attack we see in our customer environments, one that’s trivial for an attacker to perform with commoditized tools and methodologies, and susceptible users at nearly every business.

What you can do today:

Begin a comprehensive security awareness training effort, intended to teach users to spot and report these attacks. Inform every employee that their managers and leadership aren’t going to ask them to take pictures of gift cards and text them back, so those requests can be safely ignored! Review your security controls posture to ensure you have sufficient defense against these threats.

3. Improvements in attacker capability

Attackers will focus research efforts on credential theft, bypass of so-called “next generation” endpoint protection solutions, and defeating multi-factor authentication. We can expect to see new standalone tools, shared code, and malware kits that leverage these advances.

What you can do today:

Ensure your risk management efforts include staying current with modern threats, including those that compromise the effectiveness of the controls you’ve deployed. Continue to monitor the threat landscape, the output from vendors that provide these solutions, and at least annually review your control set to ensure it aligns with the risks you’ve identified.

4. The California Consumer Privacy Act went into effect on January 1.

That means if you serve customers in California and (a) make $25M in revenue, (b) possess personal data for more than 50,000 individuals, or (c) sell personal data and make more than 50% of your revenue from that effort, you are subject to the law. You’re required to tell customers what data you’re collecting about them, provide this data to them when requested, and delete it when requested. The EU’s General Data Protection Regulation (GDPR) made this practice more common in 2018, but we anticipate a greater number of US businesses will be looking to add it in 2020.

What you can do today:

Read the CCPA to see if you’re subject to the law, and if so, get ready to field requests from customers or face penalties.


Related Articles:

Is SMS-based Multi Factor Authentication Secure?

Understanding “Data Breach Safe Harbor” law

Create your data breach response plan

Cybersecurity Awareness Month: the Essential Security Practice

I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”

To which I say, frankly, that view is nuts. Totally bonkers.

Effective prevention, detection and response is the goal of information security

Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks, is always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected, cleaned up, and improvements are made every week.

Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.

The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.

Use October to re-commit your organization to cybersecurity awareness

I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.

Fraud, business email compromise, and e-mail account compromise are still plaguing many organizations.

The Internet Crime Complaint Center noted recently that in the last three years we’ve seen over $26 billion dollars lost to these attacks.

Technical controls can help, but the most important step we can take is educating individuals about the types of attacks that they can expect to see and how to report them.

Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.

Happy October, and Happy Cybersecurity Awareness Month!


Related Articles:

Understanding the “attacker mindset” in security

Three steps to enhancing security solutions

Create your data breach response plan