this is the archive page

How CBTS changes the game with the Network as a Service solution

What can a business do when its growth has outstripped its networking resources? With IT personnel stretched thin and struggling with limited budgets, many organizations have seen their networks suffer from increased downtime and higher operating expenses as a result. Over time, this has led to business networks becoming more difficult to manage, even in terms of simple day-to-day tasks.

That’s why so many organizations across a wide variety of industries have turned to Network as a Service (NaaS) to simplify and streamline their IT needs while gaining improved network reliability, total transparency, overall lower operating costs, and many more benefits. With NaaS, clients are able to offload the monotonous daily tasks from their in-house IT teams to CBTS experts, freeing up the client’s resources, which can then be dedicated to more long-term and mission-critical strategic initiatives.

NaaS by CBTS streamlines your organization's network. Download CIO's definitive guide to cloud network solutions

As the business world works tirelessly to match the relentless pace of cloud technology’s evolution, managed solutions like NaaS will only become more relevant and in-demand. In fact, NaaS’s flexibility in cloud-powered networks is one of the key factors of its rapid adoption rate—many top-performing companies are seeking a way to leverage the power of the cloud and with NaaS, CBTS delivers that power along with a dependable partnership and ongoing technical support. Currently, more than 600 clients in 5,000+ locations rely on NaaS by CBTS.

Currently, more than 600 clients in 5,000+ locations rely on NaaS by CBTS.

On top of providing measurable and superior business outcomes with its customized NaaS solutions, CBTS also brings to the table years of valuable experience in implementing unified communications (UC) services, software-defined wide area network (SD-WAN) solutions, and other offerings that synergize to deliver clients a full-spectrum and future-forward networking strategy.

One aspect that makes the NaaS by CBTS offering unique is the involvement of Cisco Meraki, a platform that enables seamless expansion, maintenance, and security of a client’s managed network—all with unparalleled scalability. This leaves the client’s network in capable hands while it scales as needed and is kept safe from intrusion. These capabilities add up to a tremendous value for CBTS NaaS clients, who gain peace of mind and the precious breathing room necessary to reallocate their internal IT resources toward the mission-critical objectives that drive the growth of their companies.

CBTS also leverages automated monitoring capabilities to make seemingly complicated installations significantly more manageable. During the consultation and auditing phase, CBTS experts work closely with the client to solidify a functional template for the client network. This then allows CBTS to utilize a hybrid monitoring system and launch automated processes that manage the network with minimal input. These cutting-edge solutions make it possible to install NaaS environments quickly and painlessly.

One example of the success that NaaS by CBTS has brought to clients can be found in the story of Tire Discounters, an automotive service company based in the Midwestern United States that operates 137 locations. When Tire Discounters found itself in need of a new point-of-sale solution to process transactions and manage inventory, as well as a more standardized network to manage analytics across the corporation, the company turned to CBTS for support. After CBTS implemented a NaaS solution, Tire Discounters benefited from a seamless, interconnected, and managed networking environment that balanced more than a hundred disparate retail locations, leading to less network downtime and lower operating expenses.

NaaS by CBTS would not be the popular solution that it is without the trademark CBTS commitment to agility, adaptivity, and meeting client expectations at all levels. As the provider, we’re not content to sit still either—CBTS has plans in motion to launch new services to address demands in the marketplace for cyberthreat detection, patch management, multifactor user authentication, and more. NaaS has proven to be a gateway to the future of enterprise networking, and that future waits for no one.

Contact us for more information on how NaaS by CBTS can help streamline and simplify your organization’s network for the cloud age.

Integrating Hosted UC and Webex to enable unified collaboration and simplified IT

As communication channels rapidly evolve in today’s digital age, businesses must adapt quickly to support seamless interactions across voice, video, mobile, messaging, and chat. With workplace trends shifting toward more remote collaboration, it can be challenging for organizations to effectively manage a multitude of tools to keep employees, customers, and partners actively engaged across channels, devices, and locations.

business woman on the move, utilizing unified collaboration tools

To provide a more flexible workplace for their employees, agile enterprises are turning to hosted unified communications as a service (hosted UCaaS) to streamline collaboration and maximize productivity. Now, the advanced collaboration capabilities of Cisco Webex are fully integrated into the CBTS Hosted UC platform powered by Cisco BroadWorks—bringing together hosted VoIP, chat, video conferencing, remote meeting capabilities, and many more features—all through a unified collaboration application: Webex.

By combining all the features of Hosted UC enterprise-grade cloud communications solutions with the Webex collaboration tool, CBTS delivers an integrated platform that empowers companies to stay completely connected. Keep reading to learn how this integration can increase productivity and improve efficiency in your organization.

Unified collaboration and communication

Modern communication can be a juggling act that requires toggling between systems, devices, and networks to carry on a conversation. When enterprise phone systems are completely integrated into cloud-based collaboration tools, it streamlines the user experience and simplifies IT operations.

Leveraging the leading VoIP technology from Cisco BroadWorks, the CBTS platform enables WiFi calling, hosted VoIP calling, and smooth VoIP handovers to support calls as you move between data networks. Similarly, the system can seamlessly move active calls from audio to video, or from desk phone to softphone to mobile phone with a single click—without interrupting your call.

By integrating these calling capabilities with Webex, CBTS users can enhance the omnichannel collaboration experience for internal employees and external partners alike. Group chat, file sharing, whiteboarding, chat, and presence features make it easy to collaborate anywhere, at any time, with built-in application integrations that automatically connect to other business tools you use every day.

Meanwhile, Webex meetings features keep teams connected even when working remotely. Users can join meetings from any device with a single click, while effectively multitasking and staying productive. Online meeting rooms blend audio, HD video, chat, messaging, screen sharing, and wireless content sharing to keep participants engaged.

Blending these features on a single hosted UC platform creates a seamless communication experience. Instead of dealing with dial-in numbers or using mobile phone minutes, CBTS users can join virtual meetings with the click of a button from the company’s enterprise dial plan. You can make and take phone calls through the Webex application—using the desktop, tablet, or smartphone device of your choice—to connect more easily and collaborate more effectively. If you prefer to continue to use a traditional desk handset, that option is available as well.

The enhanced Hosted UC experience

By integrating cloud calling and collaboration solutions onto one secure platform, CBTS delivers a managed UCaaS experience to help companies future-proof their communication infrastructure. Designed to be open and interoperable across the most complex enterprise ecosystems, our integrated solutions are custom-designed to deliver the tools you need to enhance your unique customer journey.

Whether your employees work from one central office, multiple locations, or remotely from home, they can enjoy one core user experience across multiple devices, software applications, and workstyle preferences. Plus, CBTS can layer on advanced applications such as hosted IVR, mass notifications, e-911, and other contact center features to make your employees or agents more productive and your business more profitable.

Simplifying enterprise calling, messaging, and video conferencing through the unified Webex platform can also reduce telephony hardware costs and ongoing maintenance requirements, since upgrades happen automatically without any downtime or additional investments. The predictable fixed monthly cost of hosted UC enables you to focus on core innovations instead of billing surprises.

Hosted UC from CBTS delivers all the features of an enterprise-grade, cloud-enabled communications solution, combined with the latest remote collaboration apps—all on a single platform that’s flexible enough to scale up as your business grows. With 99.999% network availability and full redundancy, along with end-to-end security and 24x7x365 support, CBTS integrates Hosted UC with Webex to meet the full range of ever-changing communication and collaboration capabilities your enterprise needs in order to be equipped for the future.

Contact us to learn how Webex can empower your business to leverage the benefits of Hosted UC.

How to build a full-spectrum cloud security strategy

The growing relevance of cloud technology shows no signs of slowing down. As more organizations migrate to cloud environments, their managers and IT specialists are grappling with the issue of cloud security.

However, a number of misconceptions currently muddy the water and could prevent your enterprise from achieving the secure cloud networking environment it needs to stay competitive. Before you embark on a comprehensive cloud migration journey with your organization, ensure that you have all the information you need to build a cloud-enabled security solution.

More isn’t always better

You may hear from time to time that the more cloud security tools your enterprise can bring to the table, the safer your data will be. This isn’t always necessarily the case. In fact, too many disparate systems, as well as too many security service providers, can overwhelm your staff and security experts and create additional avenues of attack.

It’s also vital to not simply rely on your cloud security provider to manage all aspects of your organization’s security solution. While working with a security provider, your team should remain responsible for the data it places in the framework of your managed cloud security environment. Overall, a streamlined and customized cloud security strategy, in which your organization has transparency into the entire process, is the best approach.

Stay ahead of the curve

The interconnected and comprehensive nature of cloud computing imposes some inherent risks and vulnerabilities, chief among them being the volume of access points to secure across the environment and the amount of auditing and review needed to prevent breaches.

Additionally, cyber attackers are constantly evolving their techniques and employing more advanced methods to break into protected stores of data. However, in most cases, successful security breaches are the result of lapses, errors, and lack of preparation on the part of the victim. To prevent opportunistic hackers from finding an open window into your network, a robust security policy must be instituted so that employees are held accountable for every possible network entry point.

This team-oriented approach to cyberattack defense may be counter-intuitive; after all, isn’t security best left to the professional providers and consultants? Not necessarily. Security is everyone’s responsibility—especially in the hyper-connected cloud era. Your developers should be involved in the ongoing process of securing your cloud environment with the assistance and guidance of your security provider.

Don’t count too much on automation

Although automated network security is an attractive goal to strive for, human input should not be underestimated or discounted. Studies have shown that both human specialists and computer-driven security systems are equally valuable in terms of identifying and mitigating weak spots in a cloud computing network.

Securing a cloud network environment is not a simple matter, and it can be difficult to know the first steps or to separate myths from the truth. However, by keeping these guiding principles in mind and choosing the right provider to meet your specific security challenges, you can set your organization up for success in an increasingly cloud-centric world.

To help future-facing enterprises secure their cloud computing environments, CBTS is bringing Check Point CloudGuard Security as a Service (SaaS) to market. CloudGuard SaaS is a cloud service tailored for real SaaS threats. More than just a cloud access security broker (CASB), it blocks attacks intended to steal data on common SaaS applications and cloud e-mail. It provides complete protection against malware and zero-day threats, sophisticated phishing attacks, and hijacking of employee SaaS accounts. Users also gain instant threat visibility and data control and protection.

“CBTS has leveraged SD-WAN technologies to help our customers along their journey to the cloud and their path to digital transformation,” said Jon Lloyd, Director of Cloud Networking for CBTS. “Organizations are now facing the challenge of how to secure this new, flexible, always-on network where an application can live anywhere in the world and employees can work from anywhere in the world. Check Point’s CloudGuard Connect and CloudGuard SaaS enable our customers to make the network decisions and application decisions that are best for their organization without the added difficulty of securing a malleable, distributed network. We are delivering peace of mind now along with our flexibility and convenience.”

Check Point and CBTS can offer differentiated security services to customers moving towards borderless compute (SASE and CASB).

Contact CBTS for more information on how to build a cloud security strategy that keeps your organization’s data and employees protected.


Read more: Protect your SD-WAN network with cloud-enabled security

Read more: Finding the right SD-WAN provider for your organization

Evaluate collaboration technology with 3 key questions

Several collaboration technology platforms have emerged in recent years incorporating robust and secure voice, video, and content sharing functionality alongside its messaging.

Evaluating these different vendors and platforms goes far beyond researching the features and benefits of existing collaboration apps used inside the organization. The process also involves establishing user policies and formulating a plan for implementation and training.

Questions to ask when conducting research

Here are three questions companies need to ask when conducting their search:

  1. How established is the collaboration company and its tools, and is security a top priority? The top companies in the space use a holistic approach to security and will employ experienced security personnel to identify and eliminate threats proactively.
  2. How does the collaboration company support rollout and training? An experienced collaboration partner can help establish policies to reinforce your company’s security posture and simplify implementation across all functional teams.
  3. Does the collaboration solution support end-to-end connectivity required by today’s agile workforce? Managing your hosted application environment requires a high-performance solution to support visibility across the organization, monitor security threats in real-time, and implement changes to address threats quickly.
Balancing security risks with business needs for online collaboration technology

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization.
 

Focus on security makes Cisco Webex a trusted collaboration technology

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted solution for corporations, institutions, and government agencies worldwide.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation and ongoing support and maintenance of your collaboration solution? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Learn more about the top goals of IT executives implementing collaboration technology and how CBTS can help.

Balancing security risks with business needs for online collaboration tools

While an increasing number of CIOs recognize the benefits of implementing standardized, corporate-wide collaboration tools, the top priority for most companies continues to be security.

Yet, the collaboration tools used extensively every day by employees contain some of your company’s most sensitive information, from customer data to logon credentials to details about a proprietary process or an innovation driving a new product offering.

In an environment where mobility is not only valued but mandatory, IT is still responsible for complying with mounting regulatory requirements, including safeguarding all information shared across collaboration platforms.

Collaboration suite vulnerability threats

Threats most often identified as arising from collaboration suite vulnerabilities include:

  • Users accessing collaboration tools from the public Internet versus a secure VPN, opening up threats from web-based opportunists.
  • Unauthorized individuals breaching logon credentials, allowing them to gather details for accessing proprietary company data, customer information, and even financial records.
  • When limited encryption gives hackers an opening, making the organization vulnerable to considerable compliance risks.
  • When code-related issues accidentally expose confidential data.
  • Third-party integrations into collaboration tools.

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization. CIOs can initiate the process by engaging stakeholders to determine functionality crucial to the lines of business, while carefully considering the diverse needs of corporate headquarters, branch, and remote users.

Give teams secure collaboration anytime, anywhere

Today, more than 63% of companies globally employ remote workers and over 48% regularly hire independent contractors.
 

Focus on security makes Cisco Webex a trusted collaboration tool

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted solution for corporations, institutions, and government agencies worldwide.

Get more done with Cisco Webex. Learn how.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation, ongoing support, and maintenance of your collaboration tools? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Schedule a collaboration security assessment today.

Give teams secure collaboration anytime, anywhere

Now, more than ever, enterprises recognize the positive impact of remote workers on the business and the value of secure collaboration technology to connect them, no matter their location, on any device.

Indeed, according to a recent, eye-opening study by Upwork, more than 63% of companies globally now employ remote workers, and over 48% regularly hire independent contractors, many of them on-demand. As a result of these more agile team structures, modern offices have become temporary anchor points for specialized, project-based services.

The challenge for CIOs

For CIOs, the challenge is how to deliver reliable, collaborative experiences consistently across these dispersed teams without sacrificing the organization’s security.
 
 

Secure collaboration balances risks and rewards

Modern corporations have discovered an agile workforce isn’t just a trend designed to keep today’s mobile, digitally connected employees engaged and happy, but a strategy that makes good business sense.

A distributed workforce can tackle project tasks around the clock, and the organization can benefit from talented people living in locations outside commuting distance to corporate headquarters or branch offices. Also, many of today’s flexible meeting rooms, offices, and co-working spaces provide an environment conducive to secure collaboration technology.

Still, many companies have not embraced the implementation of universal collaboration tools, risking security, and often struggling to keep their widely distributed teams aligned and on target with corporate initiatives. Without access to secure, virtual meeting spaces—integrating voice, messaging, video, and content sharing—suboptimal user experiences are common, with valuable meeting time wasted on technology setup or addressing issues with seemingly simple, collaborative functionality.

As a result, companies are collecting a variety of different collaboration and communications tools downloaded by their employees.

Although these apps give distributed workers the ability to share content and gather feedback needed to keep the momentum after a meeting, the sheer number of apps creates fragmentation. Content, contacts, and conversations get distributed across these various apps, and information either gets lost or becomes difficult to track down—hurdles CIOs and executive teams understand can slow operations and stall innovation.

Balancing security risks with business needs for online collaboration tools

To keep security risks to a minimum, enterprises must begin to reign in and consolidate the numerous collaboration tools used by different teams throughout the organization.
 

Focus on security makes Cisco Webex a trusted collaboration platform

Cisco Webex® is a proven suite of applications enabling today’s global employees, virtual teams, and remote employees to work side-by-side to achieve objectives, as if in the same room. The security features built into Cisco Webex applications make it a trusted and secure collaboration solution for corporations, institutions, and government agencies worldwide.

Get more done with Cisco Webex. Learn how.

CBTS, a Cisco Webex Master Service Provider

Why hire a technology partner to manage implementation and ongoing support and maintenance of your collaboration solution? Because in-house teams working diligently to meet business goals for encouraging innovation through digital collaboration shouldn’t be burdened with ever-changing security and compliance responsibilities.

With CBTS as your technology partner, IT leaders can integrate new collaboration functionality into the corporate environment while continually addressing security concerns, no matter the location of distributed team members.

Schedule a collaboration security assessment today.

SD-WAN: The perfect prescription for CIOs’ pharmacy network challenges

There’s one thing causing pain for every IT specialist in the pharmacy industry today— enterprise WAN.

Symptoms include: traditional MPLS networks that cannot offer low-latency/high-performance access to cloud applications; security and management requirements associated with disparate traffic flows begin to add to the complexity of managing branch operations; and increasing operational (staffing) costs.

If you’re experiencing any of these issues, it may be time to ask your CIO about SD-WAN.

The evolving pharmacy environment

In today’s ever-changing pharmacy landscape, large-scale drugstore chains are strategically shifting away from significant retail presence to offering more and more healthcare services for their customers. Nurse practitioners and physician assistants are commonly available at drugstore locations to diagnose and treat minor health conditions, administer low-cost lab tests and immunizations, and provide wellness services like disease awareness and education. Additionally, some pharmacy chains now offer in-home healthcare services and have developed and maintained tools designed for specific healthcare purposes, like sourcing low-cost prescription medications, including generic and pharmacy branded drugs provided at a discount.

In this same environment, consolidation and acquisitions among pharmacy chains and other healthcare industry companies are prevalent. And like many retail environments, store closings are common, especially in drugstores with excessive floor space dedicated to retail products instead of growing healthcare services.

So, in this evolving pharmacy marketplace, IT departments must strategically bend and flex as their companies bring on new healthcare services while paring down or eliminating unprofitable products and service lines.

The challenge for CIOs—whether managing hundreds, thousands, or even 10,000+ locations with various functions, products, and services—is how do you bring all of these different moving parts together?

These challenges are especially difficult in an industry traditionally operating in technology silos across their corporate-wide branch networks.
 

Top three network challenges SD-WAN solves

Let’s take a look at the top three network challenges CIOs must overcome to operate smoothly in this shifting pharmacy environment and remain solidly profitable.

1. Volume of pharmacy locations with disparate, siloed networks

Connecting a multitude of drugstore locations with massive data footprints and ever-changing product and service lines can be a daunting challenge.

For CIOs, network engineers, and network administrators, consolidation of company location networks into an easily accessible and managed enterprise WAN is a top priority—not just from the standpoint of controlling network traffic and bandwidth usage but also understanding consumer behavior and feedback.

With SD-WAN implementation, corporate technology teams gain insight into the performance of every drugstore location network, and can then proactively and securely manage bandwidth and data flow to meet specific business objectives.

2. Obtaining single-pane-of-glass visibility without losing platform control to a managed services provider

With its real-time, centralized, web-based dashboard, SD-WAN gives pharmacy technology teams greater visibility and control than traditional enterprise-WAN infrastructure, like MPLS.

The advanced SD-WAN monitoring and orchestration software allows users to drill down into the minute details of network performance data to identify bottlenecks and reroute traffic to less stressed resources. Priority can be given to customer-focused applications such as patient monitoring and prescription refill apps to minimize emergencies or provide data to doctors to adjust treatment plans when necessary.

Single-pane SD-WAN management does not mean your IT staff must give up control over the centralized platform. By partnering with a managed service provider allowing for co-managed centralized monitoring, your pharmacy technology team gains unprecedented visibility and control over the applications driving growth for your organization, with access to managed services partner experts as needed.

3. The need to improve Quality of Service (QoS)

By eliminating the pain of managing disparate networking equipment across all pharmacy locations for centralized SD-WAN, Quality of Service improves immensely through categorization and policy changes that deliver predictable performance. In a majority of cases, potential network challenges can be addressed upfront, leading to smoother data flow and more reliable service. Many of the adjustments are applied automatically through increasingly intelligent algorithms, giving IT staff the ability to step away from day-to-day network management responsibilities to focus on the strategic initiatives designed to drive pharmacy chain growth.

With the real-time, web-based SD-WAN dashboard, technology teams can quickly analyze key metrics and performance indicators, and ensure they align with strategic business goals.

Choosing an SD-WAN provider

When making the critically important decision to choose an SD-WAN provider, just like any long-term relationship, it is important to know they have your organization’s best interests at heart and that they’re going to support future growth. That’s why a big part of our commitment to you is the roadmap we create and how it supports a long-term enterprise strategy.

CBTS is a committed SD-WAN provider. We take significant time, research, investment, expertise, and vetting to develop a roadmap that is long-term and offers a breadth and depth of functionality that aligns with your pharmacy and retail requirements.

Remember: Making the right decision about your SD-WAN provider leads to the long-term health of your IT operations and success of your business.


Learn more about the SD-WAN solution from CBTS.

Discover how advanced VMware SD-WAN by VeloCloud capabilities like Dynamic Multi-Path Optimization (DMPO) and cloud gateways can give you a competitive advantage.

Experience immediate relief when you take advantage of our 90-day SD-WAN proof-of-concept.

  1. Register for a FREE 90-day proof-of-concept (PoC) and receive Co-Managed Cloud SD-WAN at up to four sites.
  2. Receive a customer premises device provided by CBTS and cutting edge SD-WAN software technology from VMware SD-WAN by VeloCloud.
  3. Experience a simple, zero-touch deployment of the market leader in SD-WAN, helping organizations migrate to cloud applications and reduce overall network cost while increasing performance.
  4. Discover the freedom to manage company application policies through the Orchestrator or offload management to CBTS with confidence, giving you back your nights and weekends.

6 security trends to keep an eye on in 2020

Happy 2020! As a practitioner and consultant I’m excited to see what the year brings in terms of new technology, research, and clever Twitter and blog posts from the security community. To get the ball rolling, here are six security trends to keep your eye on as we start the new year.

Two security trends for home users and consumers:

1. Attacks against smart home products will increase

We will see more discovered vulnerabilities in, and attacks against, so-called “smart home” products, such as smart speakers, security systems, and cameras. Any time we see widespread deployment of technology that is, relatively speaking, in the early stages of maturity, we expect that attackers will pay attention and work to discover ways to circumvent security functions of these devices. In the last few months we’ve seen lasers used to surreptitiously command smart speakers, attackers remotely compromise smart home devices, and the inadvertent disclosure of PII from smart camera owners by the camera’s vendor. Expect attackers to look for, find, and exploit ways to control, obtain sensitive data from, and disrupt these devices.

What you can do today:

Make sure you’ve hardened your smart home devices. Change factory passwords after you install them, restrict the activities they can perform without identity validation, and regularly review the “connected apps” they use.

2. An influx of noise on social media

Because of the 2020 presidential election, we expect that social influence operations will substantially escalate from foreign states that have an interest in our country’s politics. This will include social media “news” posts, activity programmatically generated by computer-controlled (or “bot”) accounts, and an uptick in spam e-mail and robocalls to your phone. There’s also the possibility that attackers will target our voting machines. Stanford University’s Cyber Policy Center published an excellent paper on the risks and some countermeasures and controls to ensure our elections are conducted with integrity and security.

What you can do today:

Be cautious with blindly trusting any material you read from your browser or smartphone. Make sure you’re getting your news from vetted sources that are known to publish content of substance based on careful investigation and thorough research. Contact your state and local boards of elections and tell them you expect the voting process to be secure, transparent, and free from any interference, and ask what is being done to ensure this happens.

Four security trends for enterprises:

1. Ransomware incidents will continue to shift from opportunistic to targeted attacks.

Opportunistic attacks—those that aren’t focused on a specific individual or organization, but instead sent broadly to the public Internet—are certainly still going to happen, but we are seeing more and more ransomware incidents that are deliberate in nature, with a focused effort on a specific organization (say, the City of Baltimore or New Orleans). Attackers will build phishing and social engineering campaigns designed to exploit human weaknesses, as well as find exposed infrastructure with technical weaknesses and misconfiguration that will allow them a presence on the network. They will use this presence to install ransomware on key systems, attempting to impact the organization’s operations sufficiently to encourage payment.

2. Business e-mail compromise attacks will continue

We also expect to see “business e-mail compromise” attacks continue, as attackers conduct similar focused campaigns to obtain access to trusted e-mail accounts, and use that access to trick employees into providing cash, gift cards, funds transfers, or financial information. It is by far the most common successful “cyber” attack we see in our customer environments, one that’s trivial for an attacker to perform with commoditized tools and methodologies, and susceptible users at nearly every business.

What you can do today:

Begin a comprehensive security awareness training effort, intended to teach users to spot and report these attacks. Inform every employee that their managers and leadership aren’t going to ask them to take pictures of gift cards and text them back, so those requests can be safely ignored! Review your security controls posture to ensure you have sufficient defense against these threats.

3. Improvements in attacker capability

Attackers will focus research efforts on credential theft, bypass of so-called “next generation” endpoint protection solutions, and defeating multi-factor authentication. We can expect to see new standalone tools, shared code, and malware kits that leverage these advances.

What you can do today:

Ensure your risk management efforts include staying current with modern threats, including those that compromise the effectiveness of the controls you’ve deployed. Continue to monitor the threat landscape, the output from vendors that provide these solutions, and at least annually review your control set to ensure it aligns with the risks you’ve identified.

4. The California Consumer Privacy Act went into effect on January 1.

That means if you serve customers in California and (a) make $25M in revenue, (b) possess personal data for more than 50,000 individuals, or (c) sell personal data and make more than 50% of your revenue from that effort, you are subject to the law. You’re required to tell customers what data you’re collecting about them, provide this data to them when requested, and delete it when requested. The EU’s General Data Protection Regulation (GDPR) made this practice more common in 2018, but we anticipate a greater number of US businesses will be looking to add it in 2020.

What you can do today:

Read the CCPA to see if you’re subject to the law, and if so, get ready to field requests from customers or face penalties.

 

Related Articles:

Is SMS-based Multi Factor Authentication Secure?

Understanding “Data Breach Safe Harbor” law

Create your data breach response plan

How to efficiently search for executive technical talent

Finding the right executive talent to manage a rapidly evolving technology environment is proving to be one of the most significant challenges facing the enterprise in this age of digital transformation.

The fact of the matter is, those who are qualified for senior-level IT jobs have spent the bulk of their careers overseeing the static, silo-laden infrastructure of the on-premises data center and have only recently come to grips with the scalability and availability of the cloud. In short order, however, both of these environments will become steeped in artificial intelligence, system autonomy, and a host of other technologies that will not only remake data infrastructure itself but also business processes, services, and perhaps the entire business model.

This puts the enterprise in an unstable position when it suddenly finds itself without a key player since it can leave a major gap in day-to-day operations or even bring key processes to a standstill. With the business at risk, then, the faster you can fill that job with a qualified candidate and then transfer the necessary knowledge, the faster you reduce the severity and duration of the situation.

Attributes technically-inclined executive talent should have

The problem that most organizations encounter is that the pool of candidates possessing the right experience and leadership skills is limited. Ideally, you need to find not just a good manager but a technology visionary with the following skillsets:

  • Communications. When working with non-technical executive leadership or front-line employees, the candidate must be able to translate complex technology solutions in ways that are both relatable and compelling. Likewise, they must be able to understand the needs and concerns of others as they relate to the mission of the organization.
  • Foresight. The ability to seek out mission leaders and champion new initiatives, even in the face of internal blowback, is essential. This skill must apply not only to new deployments but in supporting ongoing programs as well.
  • Deep knowledge. Tech leaders should have a broad knowledge of technologies and technology initiatives and should be fully versed in the impact they will have on legacy operations and future goals. The ability to determine risk and evaluate risk ownership is also a key attribute.
  • Leadership. Mentoring, monitoring, and managing both individuals and teams is a crucial aspect of the job. Successful project management is also required, as is longer-term strategic thinking.

Laying out the requirements for top technical talent is one thing, actually finding qualified candidates is quite another. A typical mistake is to rely on internal HR and other sources to locate and vet candidates when there are specialized consultants and staffing services that can tap a far wider range of resources to acquire senior-level candidates.

CBTS provides access to top executive talent

At CBTS, we provide quick access to top executive talent with all of the skills needed to take control of demanding technical environments. Since we are at heart a technology company, we understand the technical needs of our clients and what it takes to achieve success in an increasingly competitive landscape.

Our subject matter professionals prescreen all potential candidates to ensure they are experts in their respective fields and maintain all the necessary training and certifications. We also provide a range of staffing solutions, from temporary placements to maintain operations while permanent hires are being vetted, to the transition of the temp executive to full-time status should they turn out to be the right person for the job. Either way, the enterprise saves time and money during the appointment process and lessens the risk of a bad hire or termination.

Conclusion

Despite all of the advanced technology that has come to bear on the modern business model, the most valuable enterprise asset remains its human talent, particularly those at the top of the organizational structure. Vacancies at this level must be filled quickly but not carelessly. By turning to outside help like CBTS, organizations will find that they can satisfy both demands with a temporary hire in conjunction with a thorough, professional candidate search.

For information on how CBTS can help with your staffing needs, please visit: https://www.cbts.com/consulting-services/it-staffing-and-consulting/.

Cybersecurity Awareness Month: the Essential Security Practice

I’ve spent more than half of my 23-year IT career in security. In seeing shifts from standalone viruses to networked worms to state-sponsored attackers and ransomware, I’ve heard folks say periodically that we’re failing as an industry. “Look at all the breaches,” they say, “we’re obviously having no impact, we need to rethink everything we’re doing.”

To which I say, frankly, that view is nuts. Totally bonkers.

Effective prevention, detection and response is the goal of information security

Of course, the number of breaches we see, the volume of lost records, and the degree to which certain threat actors can act with impunity inside certain networks, is always alarming. The practitioners I know don’t see that as a hopeless situation, but instead as an opportunity to which they will rise. The fact is, we’ve had a clear positive impact. I know that, because no threat actor can do whatever they want on any network they want. Attacks are stopped every day. Breaches are detected, cleaned up, and improvements are made every week.

Think of it like law enforcement: The goal of law enforcement isn’t to stop crime, because you’ll never stop all crime. It’s not possible. It’s not even a reasonable goal that any police officer aims for. The goal is to minimize crime and allow law enforcement to protect as much as they can.

The information security industry has a similar goal: It’s not possible to guarantee an organization won’t suffer a breach. However, organizations can commit to doing their best to stop opportunistic attacks. When a breach does occur, the organization can commit to a complete and effective response.

Use October to re-commit your organization to cybersecurity awareness

I’ve been reminded recently, though, where our most challenging work will continue to reside, and that is in improving the cybersecurity awareness of the non-technical folks in our midst.

Fraud, business email compromise, and e-mail account compromise are still plaguing many organizations.

The Internet Crime Complaint Center noted recently that in the last three years we’ve seen over $26 billion dollars lost to these attacks.

Technical controls can help, but the most important step we can take is educating individuals about the types of attacks that they can expect to see and how to report them.

Our partners Proofpoint and Cofense have some great resources available to help address this threat. I know we can continue to make our organizations more secure as we work together, equipping our customers with the tools and practices to protect themselves and their assets.

Happy October, and Happy Cybersecurity Awareness Month!

 

Related Articles:

Understanding the “attacker mindset” in security

Three steps to enhancing security solutions

Create your data breach response plan