NSA Security Pyramid

Security Operations Center:
24×7 “eyes on your environment” designed to detect, identify, respond & remediate any
security threats.

Firewalls & Zero Trust:
Includes minimizing/prevention of outside threats from breaking into your environment from the web or other external elements. Zero Trust assumes that all devices, users, and applications are potentially malicious and cannot be trusted until proven otherwise. As a result, the Zero Trust model relies on several key network security concepts to ensure that only authorized users and devices are granted access to sensitive data and resources.

Multifactor Authentication:
Either second layer authentication (via text or email code verifications), or password less biometric authentication, designed to verify authorized access.

Server & Endpoint Protection:
Monitoring, updating anti-virus, encryption, keeping up to date on all application & operating system versions.

O365 & Email Phishing:
Over 70% of all intrusions are via email. It is therefore essential to develop a multi-layer email security to minimize the effectiveness of spear phishing, zero-day attacks. Include associate email testing & training.

Business Continuity & Disaster Recovery:
When something does get through your security defenses, it is critical to be able to quickly and effectively restore operations and to eliminate the threat as soon and as quickly as possible.

Security GAP Analysis Review:
Before determining an action plan, it is important to understand what security is currently in place and to then put in place a plan to enhance existing security as well as develop a prioritization on security gaps in your environment.

Search for Solutions, Webinars, Nuggets and Other Helpful Resources