The 6 Questions your Cyber Security Vendor(s) needs to answer

Cybersecurity continues to be a problem for all organizations. That’s why finding a quality cyber security services company should be a top priority. The popular Oregon chain McMenamins learned this firsthand when an attack breached their systems and stole employee information going back to 1998. In other words, employees who hadn’t worked at the hotel and brewpub chain since the Clinton administration had their personal information accessed. According to the data reported to the Oregon Department of Justice, the number of employees needing to be notified could top 30,000.

In these situations, at Compass Computing Group, we would use Axcient to help companies take their systems back to the last good point to restore their information. If every PC and Mac server had Sentinel tools, it is possible that the breach would not have even happened.

These threats are just a part of doing business today, with criminals hitting organizations of all sizes, across all industries. There are even scams where the attackers send fake invoices that look impressively real. They count on several companies not noticing the discrepancy and paying them anyway.

Despite these threats, it is common for those in senior management roles to not have significant training in technical information security and risk management. Therefore, you need an IT management partner on your side, who you can trust, to help you navigate these threats and protect your organization.

To find the right cyber security services company, you need to know the right questions to ask. These questions can help you evaluate your cybersecurity standing and MSP, so you can firmly establish your security.

6 Cybersecurity Questions and Answers That Decision Makers Need To Know

Businesses should begin by reviewing these questions internally and seeing which ones they need to address with their MSP so that they can secure their systems and prepare for attackers.

What are our compliance obligations regarding sensitive data?

You need to have a thorough understanding of the compliance obligations surrounding sensitive data. Over a certain dollar amount, you have to tell the FBI. Regulations also mandate that you let vendors and employees know of these significant breaches. In other words, these breaches can significantly affect your reputation.

Also, don’t forget the financial peace of mind that comes with credit protection. You will need to help those impacted by the breach monitor their credit so that they have method to alert them of potential identity theft. The cost of a significant data breach will grow significantly beyond the monetary amount stolen.

Consider the example of McMenamins discussed above. That breach has impacted more than 20 years of employee data.

With Compass Computing Group, professionals will help businesses like yours thoroughly understand compliance regulations and then go a step further in protecting your information. We are the only business our size that offers SentinelOne tools with a million-dollar guarantee. Our customers know that we help them abide by regulations and amplify their security.

Do I need cybersecurity insurance? Is our cybersecurity insurance policy appropriate for our risks?

We recommend that businesses secure enough cybersecurity insurance to cover a potential hack. The cybersecurity insurance market is expected to grow from 7.8 billion in 2020 to 20.4 billion in 2025. That rapid growth comes largely in response to the COVID-19 pandemic and the acceleration of work-from-home capabilities. Without this coverage, businesses breached by hackers will struggle tremendously to navigate ransoms and the financial fallout of the attack.

Compass Computing Group helps businesses understand what they need to cover and how to better evaluate their insurance options. We also offer tools, training, and policy-planning services to help businesses lower the costs associated with insurance. For over 25 years, Portland businesses have trusted Compass Computing Group – an expert cyber security services company – to keep them safe from bad actors, human error and more.

Do our documented policies match what is actually happening in practice?

Documented policies need to be created and regularly monitored. Processes may have changed with work-from-home policies and COVID. For this reason, businesses want to review their policies to make sure they align with current regulations. For example, Oregon now requires businesses to create COVID-19 policies to articulate details such as internal COVID-mitigation methods. The policies you create can even impact your cybersecurity insurance. But, if you do not follow them, you can place your business at risk and even run afoul of the regulations that require your policies.

Watch this quick video to learn our Cybersecurity Best Practices for Small Business.

As many as 79% of Americans report that they are not at all or not too confident in businesses admitting their mistakes or taking responsibility if they compromise customer information. Businesses not following their own policies further erodes this trust and creates opportunities for cyber breaches.

Compass Computing Group can help businesses navigate the work from their home system, including establishing policies and modifying old policies to fit new needs. We have blank policy templates that can help businesses better articulate how they will handle different situations and protect their data.

Are our employees being appropriately trained on cybersecurity?

As many as 85% of breaches have a human element, making employee training an important part of safeguarding an organization. Paying what amounts to a few dollars a month for employee training can block a major passage for criminals to get in, reduce your cyber insurance cost, and increase your security awareness.

Get started with your employee cyber education right now.

Compass Computing Group offers training to educate employees about cyber threats so that they can better understand network security.

Can we detect an attempted or successful cybersecurity incident, brute-force attack, or data breach?

The faster a business can detect a breach, the easier it is to minimize the potential damage. Working with partners who can help you better protect these breaches and navigate discovery quickly is critical. At Compass Computing Group, we once had a client who contacted us because they had trouble accessing their database. A second employee then noticed that files had a weird extension. We realized that a breach had occurred. We were able to quickly take steps to navigate the problem and minimize the damage.

Working with Compass Computing Group gives you access to tools that can help monitor these steps. Having SEIM (Security Event and Incident Management) completely automated can help detect errors and problems as no human can. Our 24-hour Security Operation Center provides additional, robust, tools. It is important to remember that, even if you have these tools in place, you will also need someone interpret the information them. Compass Computing Group provides you with this partnership, allowing you to relax.

Do we know how to respond in a cybersecurity emergency?

Your business needs a plan so that everyone knows what to do in the event of a breach. This includes suitable backups that have been properly executed and are ready to be run. A plan includes properly testing your backups, checking the reports provided, and being prepared with Axcient and Acronis.

Consider the business that fails to monitor the backup system and, therefore, does not notice that a hacker entered the system and turned off their backup. Since the business did not monitor, when the criminal launches their full-scale attack, the company will have nothing to rely on.

Failing to prepare also can greatly hinder the speed with which a business can respond to a threat, which can result in greater costs.

Compass Computing Group helps businesses test their backups and develop plans to navigate a potential breach. Working as our partner will mean that you have solid breach-response policies, as well as regular backup reports, so that you know instantly if the backup failed to run as expected.

Trust Compass Computing Group To Be Your Cyber Security Services Company

As your IT security consulting experts, you can trust us to help you navigate the issues surrounding your network security. We answer your questions, help you understand how our tools protect you, and provide continual support. You will never feel as though you are navigating cybersecurity and cloud services alone. We are your partner in protecting your data. Contact us now for a 2022 Tech Assessment to see how your technology is protected.