Emergency Network Restoration for Non-Profits
Many non-profits have cyber-insurance to provide some financial protection against a cybersecurity incident. Best practice dictates that a concentrated Incident Response process should take place after a major cybersecurity incident in order to determine the root cause and scope of the issue.
Unfortunately, insurance-provided Incident Response teams often focus solely on scoping the issues for forensic purposes. While this insurance investigation is under way, your network may still be down and costing you money by the minute. This is where Scarlett|Cybersecurity can help.
What Should a Victim Do?
Unfortunately, there is no substitute for thorough preparation. Many times, these attacks are only a matter of time due to lax security policies. Scarlett|Cybersecurity is here to help ensure that your company has all the resources needed to recover from the attack and prevent future attacks from being catastrophic. Below are the steps a victim should take whenever they are impacted by a major security event:
- Ensure that all relevant resources are aware of the issue. This may include cyber-insurance providers, outsourced IT or security, and internal leadership.
- Determine the realistic capabilities of the resources at your immediate disposal.
- Working with all available resources, develop a plan to resolve the incident while preserving evidence if necessary.
- If no course of action can be determined, contact a certified consultation firm such as Scarlett|Cybersecurity to help formulate a plan.
- If the currently engaged resources do not have the ability or bandwidth to resolve the incident, engage a third-party network restoration firm such as Scarlett|Cybersecurity to work alongside existing resources and augment the restoration efforts.
- Scope the incident, collect evidence, eradicate the threat, restore business functions, and improve security where needed.
Restoring Business Functions
During an insurance-mandated Incident Response engagement, many devices cannot be restored until they are properly preserved for forensics purposes. Scarlett|Cybersecurity has certified experts who will work directly with the IR teams to provide timely restoration of hardware as soon as the option is available.
We work in tandem with the insurance-provided IR team to provide restoration and recovery without impacting existing evidence. In addition, our unique IT capabilities allow us to deploy forensic tools for the insurance IR teams on the fly. This dynamic deployment drastically improves the speed at which the analysis can be completed.
By increasing the speed at which the insurance teams can complete their investigation, we further lower the time required to get you back online and back in business.
Typical Recovery Scenario
Our engagements in this domain typically look something like this:
- A cyber-attack hits an unsuspecting victim. This victim may or may not have cyber insurance.
- The current IT staff does not have the capability to restore business functionality in a timely manner.
- Scarlett|Cybersecurity is informed of the security incident from the victim. They require immediate business restoration as soon as possible. A full forensic investigation may or may not be ongoing.
- Scarlett|Cybersecurity works with the currently engaged entities to scope the issues and provide timely solutions to any issues affecting business operations.
- Actions here vary but may include: deploying forensic tools for insurance-provided IR teams, creating temporary workarounds to restore business functions, providing consulting on options to recover from the incident, and many other potential courses of action.
Incident Prevention Services
Prevent cybersecurity incidents by working with Scarlett Cybersecurity. We provide a robust array of cybersecurity services ranging from cybersecurity consulting to full defense-in-depth security services. Scarlett Cybersecurity uses the latest tools and techniques to help secure your organization. Our unique focus on transparency enables us to form close relationships with our clients and provide incident prevention services that emphasize effectiveness and cost-efficiency.
|Scarlett Managed IT Services||Fully outsourced IT and security managed by Scarlett Cybersecurity. Specific services are be determined on a per-client basis.|
|Co-Managed IT Services||Scarlett Cybersecurity will design a managed solution based on your business needs, existing IT expertise, geography, regulatory requirements and current business applications.|
|Scarlett Managed Cybersecurity Services||A fully managed security solution with implementation based on client needs and expectations.|
|Scarlett Co-Managed Cybersecurity Services||A co-managed security solution with implementation based on client needs and expectations. Work with existing client internal security to achieve goals.|
|Cybersecurity Awareness Training||Training sessions designed to test users and provide actionable reports. Simulated phishing attacks test training effectiveness.|
|Managed AV Services||Managed AV with custom alerting and issue resolution.|
|Managed Patching Services||Managed monitoring and patching of devices to ensure updates are implemented in a timely manner.|
|Managed Network Security Services||Managed Firewalls and Network Security Appliances. Only available with other managed service packages.|
|OpenDNS||DNS resolution with built-in security features that helps prevent malicious or undesired traffic from resolving.|
|Single-Sign-On (SSO)||Implement SSO solution to enable use of a single set of credentials for most services.|
|Centralized Password Management||Centralized password management including the implementation of a password manager for all users.|
|Multi-Factor Authentication||Implement MFA solutions to provide enhanced authentication security.|
|Application Whitelisting||Managed application that provides the ability to control what runs in the environment and what users can install.|
|Managed Cloud Web Application Firewall||Fully managed cloud WAF to reduce risk to exposed Web Servers. Prevents common attacks and exploits and provides DDOS protection.|
Incident Detection Services
Detecting a cybersecurity incident can be a difficult task. Partner with Scarlett Cybersecurity to ensure all threats are detected and eradicated before they cause irreparable harm to your organization.
|SIEM/SOC||Centralized logging and alerting. Used for network visibility and compliance. Provides 24/7/365 customized alerting and reporting.|
|Data-loss Prevention Solutions||DLP solutions classify and protect confidential and critical information in order to prevent end users from accidentally or maliciously sharing data that could put the organization at risk.|
|Endpoint Detection and Response||EDR is an endpoint protection solution designed to be a full replacement for AV. Network isolation, rollbacks, IR forensics, and machine learning are some of the flagship features.|
|Hardware Monitoring||Monitored hardware health with proactive notifications.|
|Vulnerability Testing||Extensive network scans with annotated reports that provide insight into network health and security gaps.|
|Penetration Testing||Advanced manual penetration test to discovery specific vulnerabilities.|
|Network Security and Health Monitoring||Central administration and monitoring of the network.|
Whether your organization is the victim of an attack or you just want to be prepared, working with Scarlett Cybersecurity can ensure that you will be able to recover quickly should an attack happen.
|Disaster Recovery as a Services (DRaas)||DRaaS is an enhanced backup solution. It is fully managed by Scarlett Cybersecurity. DRaaS provides managed, rapid network recovery from catastrophic events.|
|Incident Response on Retainer||Contact Scarlett Cybersecurity to get your organization's information on file for rapid response in the case of a cybersecurity incident. Incident Response services are billed, but the initial registration is free and information can be kept on file to facilitate rapid response procedures.|
|Scarlett|CIRT (Cyber Incident Response Team)||Utilize Scarlett|CIRT's expertise to resolve cybersecurity incidents. Includes all phases of the IR process and the follow-up "Post-Incident" cybersecurity improvements.|
|Emergency Network Restoration||A specialized Incident Response service focuses on rapid restoration of network services.|
|Persistent Malware Removal||Assistance in removing persistent or highly evasive malware from a network.|
|Ransomware Recovery Services||Assistance in recovering from a ransomware attack utilizing all available options to get an organization back online as quickly as possible.|
|Cyberinsurance Incident Response Assistance||Work with an organization's current cyberinsurance retainer IR team to deploy recovery solutions and remediate out-of-scope network issues.|
Scarlett Cybersecurity’s Consulting Team is led by ISACA Certified Auditors. These services provide information to clients as a trusted partner. Specific services are offered to assist in the realization of large projects. We are highly specialized in “Virtual CIO” services, Cloud Strategy, and IT Governance consultation.
|Virtual CIO||A virtual CIO is an outsourced specialist who acts as an overall IT strategy partner for client. This service can augment existing IT leadership or act in an advisory capacity.|
|Virtual CISO||A virtual CISO is an outsourced specialist who acts as an overall Cybersecurity strategy partner for client. This service can augment existing IT leadership or act in an advisory capacity.|
|Governance Consulting||IT governance is a framework that provides a structure for organizations to ensure that IT investments support business objectives. Our Governance Consultants often augment an organization’s current staff.|
|DRBC Consulting||Consultants assist in the creation of a DRBC plan with consideration for infrastructure, applications, staff, data, and IT availability. They will design and recommend options to accomplish disaster readiness.|
|Cloud Strategy Consulting||Tasks focused on migrating a client to the cloud. Consultants formulate a strategy based on requirements from client. Hybrid solutions available.|
|Workflow Consulting||Business process mapping focused on providing an objective picture into procedural improvement opportunities.|
|Compliance Consulting||Consulting focused exclusively on achieving compliance. Examples include HIPAA, HITRUST, NIST, PCI DSS, GDPR.|
|RFP Services||Evaluating and selecting new IT solutions within guidelines. Assistance can be provided at any point in the purchasing process.|
Scarlett Cybersecurity was founded and built by certified Information Technology Auditors. The assessments listed below are commonly used to provide objective metrics and gain insight into the current network posture. Our assessments can be utilized as a standalone deliverable or as a precursor to more significant projects.
|Comprehensive IT Assessment||Performed by our ISACA Certified Auditors, this is a comprehensive report on the status of your entire IT infrastructure (security included).|
|Cybersecurity Assessment||In-depth security analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.|
|Disaster Recovery | Business Continuity Assessment||In-depth disaster readiness analysis performed by our ISACA Certified Auditors. Includes extensive report with recommendations.|