By Ian Bowell, Head of Information Security – EMEA
According to PwC’s 2021 Global CEO Survey, 47% of CEOs identified cybersecurity as the top threat to their organizations’ growth prospects—up from 33% in 2020. This concern reflects the escalating frequency, complexity, and financial impact of cyber attacks and also the critical shortage of cybersecurity talent needed to meet those challenges.
IT decision-makers face the daunting task of finding security professionals with the right mix of skills and experience to protect their organizations. In response, many are turning to cybersecurity certifications—particularly CISSP (Certified Information Systems Security Professional)—to identify high-impact security talent.
CISSP can also be a boon to security professionals, helping them deliver improved job performance while creating opportunities for career advancement and higher compensation.
CISSP — The World’s Premier Cybersecurity Certification
CISSP is a certification offered by the International Information System Security Certification Consortium—(ISC)². With almost 148,000 members worldwide, CISSP-holders are globally recognized as having the skills and experience to design, implement, and manage high-performance cybersecurity programs.
CISSP takes a comprehensive approach to certification. Applicants must possess the equivalent of four years of cybersecurity experience, receive an endorsement from an existing (ISC)² credential holder, and complete an ongoing 120-credit education program over three years to retain their certification.
Assurances for the C-Suite
With the average cost of a cybersecurity breach in the financial sector pegged at $5.1 million, C-level executives are prioritizing security programs and infrastructure to reduce their risk. But talent is a problem; demand is high for experienced, certified security experts, with an estimated 3.5 million unfilled cybersecurity positions in 2021.
While organizations must compete hard for security talent, executives need assurances that potential hires have the experience, skills, and ‘growth mindset’ to meet the challenges of a rapidly-evolving cybersecurity landscape.
CISSP certification helps provide those assurances. Forbes found that 96% of IT leaders surveyed believed team members with cybersecurity certifications add value to their organizations. And according to Brad Puckett, Global Product Director for Cybersecurity at Global Knowledge, “Any organization with sensitive critical infrastructure and assets will look to the CISSP as a staple when screening prospective candidates for open cybersecurity leadership positions.”
An Important Differentiator for Security Pros
Certifications like CISSP are also critical for cybersecurity professionals to accelerate their career development. According to the Global Knowledge 2020 IT Skills and Salary Report, more than half of survey respondents had at least one cybersecurity certification. As well, those certifications were associated with the highest IT salaries globally. “The top-tier cybersecurity certifications validate professionals for jobs in cybersecurity senior leadership positions, which are among the highest in-demand,” says Global Knowledge’s Puckett.
CISSP—Meeting the Demands of the Changing Security Landscape
The CISSP program is broken down into eight knowledge domains that continually evolve. Each update, issued every three years or so, brings changes that address technology advancements, escalating security threats, and new compliance requirements.
Asset Security
This domain details the physical requirements of information security.
The most significant change in this domain reflects the evolution of the General Data Protection Regulation (GDPR) standard since the privacy legislation was improved. CISSP certification now extends beyond data and system ownership into a complete set of GDPR terms for data processor, custodian, user, and the all-important privacy-protected data subject.
This section also acknowledges the rising significance of digital rights management covering ownership of data. This topic is now even more important with the rise of non-fungible tokens (NFTs) in the blockchain world and other digital assets of value, like the first tweet by Twitter’s founder, recently auctioned for charity.
Security Architecture and Engineering
Addresses several important information security concepts, including secure engineering design, mitigating system security vulnerabilities, and designing and implementing physical security.
The updated CISSP certification reflects advances in standard procedures (also raised by regulatory bodies) for Zero Trust, Least Privilege, Separation of Duties, and Two-Person Control. It also covers the Defense-in-Depth concept extensively utilized by Thrive TG to ensure that no one security layer is a single point of failure. If a failure or breach does occur, then another layer, vendor, or source of authority will pick up the attempt and prevent it with appropriate logging and analysis. Defense-in-Depth also includes the concept of Fail Securely, whereby if one layer fails, then systems fail to a secure state.
This section of the certification now also contains nearly twice the material covering various forms of cryptographic attack and their definitions, as well as quantum computing’s potential capacity to defeat current encryption.
Communications and Network Security
Focuses on the design and protection of an organization’s networks.
This section includes expanded coverage to reflect the increased relevance of wireless and cellular systems in communication and network security. CISSP now covers Wi-Fi Protected Access 3 (WPA3) in Wi-Fi networks and further deprecates WPA, along with the previously addressed Wired Equivalent Privacy (WEP). Also highlighted is how WPA3 uses Simultaneous Authentication of Equals (SAE) with Advanced Encryption Standard (AES) cryptography.
Other communication networks now included are:
- Zigbee for IoT, hinting at the rising security concerns for Operational Technology (OT) in industrial complexes
- 5G together with existing 4G
- Satellite communications, although Starlink internet as developed by SpaceX is not yet explicitly mentioned
Also covered is the rising use of Content Delivery Networks (CDN), essential for responsive proximity and static content distribution (images, videos, podcasts, and more) on the internet and social media.
Surprisingly, the list of standard ports has not changed to accommodate the increase and standardization of SFTP (SSH File Transfer Protocol) on port 22 and elsewhere across financial institutions, counter-parties, and others.
Identity and Access Management
This domain helps security professionals understand how to control the way users access data.
This section’s changes reflect a marked increase and open standardization on Security Assertion Markup Language (SAML), OpenID, and OAuth. These protocols are used for cross-entity federated authentication that simplifies single sign-on for corporate credentials and Google accounts while addressing some of the past credential leakage issues. New access control definitions also expand to include rule and risk-based access control, joining role-based access control (RBAC) with attribute-based access control (ABAC).
Security Assessment and Testing
Addresses the design, performance, and analysis of security testing.
This section has updated coverage of SSAE16 to SSAE18, and SOC audits for regulatory considerations, but no other notable changes.
Security Operations
This domain details the way security plans are implemented and optimized.
The Security Operations section remains little-changed compared to the other domains. Future changes should include more detailed coverage of newer forensics or cloud-influenced processes in this area, particularly in light of Security Orchestration, Automation & Response (SOAR), and evolving ransomware attacks with robust responses.
Security and Risk Management
CISSP’s largest domain, Security and Risk Management, provides a comprehensive overview of security and information systems management.
There are no significant changes of note in this section. Thrive TG’s CISSP experts are monitoring the certification requirements for any upcoming developments.
Software Development Security
Helps professionals to understand, apply and enforce software security.
While this large section could be considered a discrete career path, it incorporates minimal changes at this time. Other available certifications have a greater focus on privacy or security-by-design, as mandated by GDPR or other considerations.
ISO 27001 and related certifications will continue to evolve, as a renewed ISO 27001 standard was expected in 2020. We also anticipate a new version of the Information Technology Infrastructure Library (ITIL), ITIL 4.
Security and the Human Factor
Deloitte calls the ‘human factor’ a critical element in “reducing the widening cyber risk gap and enabling organizations to capture the full promise of new technologies.”
Eager to close that gap, many C-level executives are leveraging CISSP as a strategic resource to identify the talent they need to protect their organizations’ systems, data, and infrastructure.
________________________________________
The insights into the additions and improvements to the CISSP program domains are provided by Ian Bowell, EMEA Information Security Manager at Thrive Technology. These perspectives reflect the overall change in focus and priority by CISSP. Please note that CISSP will be launching updated material in May 2021.
Contact us for more information about Thrive Technology’s cybersecurity offerings, or to learn more about cybersecurity best practices.
Meet FinTech Compliance Mandates with Thrive’s Tailored IT Platform
Financial services firms have an abundance of responsibility and challenges when it comes to information technology. Thrive’s FinTech Platform helps organizations manage and solve those IT challenges while also maintaining industry compliance mandates.
Through decades of experience and knowledge of the industry, Thrive utilizes SEC, FINRA, and SIPC guidances, risk alerts, and observations when developing an actionable IT and cyber security plan. Furthermore, Thrive is the ideal partner to assist alternative investment firms to evolve beyond on-premise architectures and capitalize on the compliance-friendly Cloud.
The On-Premise Model Shifts
Historically, emerging Cloud architecture has given organizations pause. However, the on-premise model is becoming unsustainable and COVID-19 is exponentially accelerating that process. During the last year, I’ve talked to financial services organizations with a server cabinet in the office who had to spend support time on physical infrastructure and server issues. Others have required upgrades to VPN licenses or requested more bandwidth to ensure efficient remote access. That time and money would have been better spent developing a future-proof Cloud architecture.
Rather than investing in aging infrastructure, it makes much more business sense to leverage Thrive’s Hybrid Cloud Director to pivot workloads to a Cloud environment. For instance, an organization may have training applications or a portfolio system that need to be in the private Cloud, whether for cyber security reasons or performance reasons. However, there may be other applications housed with a Cloud Service Provider (CSP). The all-or-nothing approach, where everything must be in a public Cloud such as AWS or in a private Cloud, does not apply to modern Cloud computing. Thrive has built the FinTech Platform to move workloads between a public Cloud and Thrive’s private Cloud infrastructure, and it’s all done seamlessly in a frictionless, compliance-friendly manner.
Compliance Solutions Through the Thrive FinTech Platform
When new SEC and FINRA regulations are announced, Thrive’s Account Management team is in contact with clients to confirm they understand any compliance changes which are relevant to their business. Thrive’s Service Delivery Engineers specialize in financial services applications and are well aware of their critical impact to your business. Senior Principal Consultants, meanwhile, provide advisory services and consult clients on a regular basis to discuss potential risks while developing infrastructure recommendations.
With a steadfast commitment to maintaining customers’ compliance and cyber security postures, Thrive understands the need for ongoing communication and partnership. As such, we create an annual roadmap to inform customers of the following:
- The state of their IT infrastructure
- What peers in the industry are doing
- Recommended investments in their IT infrastructure.
Thrive’s FinTech Platform manages the full investment lifecycle, while our private Cloud platform delivers enterprise-grade service from multiple SSAE 16 SOC 2 data centers. Learn more about our FinTech Platform and what we offer to alternative investment management and hedge fund communities.
Deep Dive into Microsoft Planner
How the Newest Task and Project Management Offering from Microsoft Office 365 Can Simplify Your Business
So, what exactly is Microsoft Planner?
Microsoft Planner can enable your firm to organize projects, centrally assign tasks to individuals, set priorities and deadlines, and provide teams with instant progress updates via dashboards. To make life easier there is an iOS and Android app for mobile and tablet devices alongside integration with Microsoft Teams.
Accessibility and Benefits
Third-party project and task management tools come with a price tag requiring integration and an increased cloud footprint. For organizations already taking advantage of Office 365, Microsoft Planner is ready to use with no additional costs or integrations dependent on subscriptions. As part of a subscription, Planner data can be automatically secured inside the Office 365 tenant and protected by an organization’s existing in-place security controls.
Advanced Task Management
Planner understands a completed task is much more than just a tick in a box by offering a simple but enhanced visual approach to teamwork logistics.
Upon creating a task, owners and allocated team members have access to Kanban-style boards with buckets and swim lanes, allowing employees to set priorities, check project status and achieve deadlines. Checklists and note fields can be created within a task to ensure all steps are completed start to finish, including time tracking to better understand and analyze project duration. Dashboards and notifications can be accessed from any device, ensuring your team is up to the minute.
Teams Integrations
Teams is at the forefront of Microsoft collaboration and provides integration across the Office 365 technology stack.
Integrating Planner with Teams is quick and offers the same browser-like experience so your team does not have to break focus by application switching. Planner can be accessed alongside Teams channels and Office 365 group resources including OneNotes providing quick access for setup and use.
Dashboards
Project managers often need a quick snapshot of a project status to report back to senior management and dashboards are the answer. Easy access to real-time data will inevitably give way to increased efficiency from team members. Planner provides preconfigured dashboards out of the box, ensuring team members are always on the same page… or dashboard.
Conclusion
Microsoft Planner is a great tool for any organization with an existing Office 365 subscription looking for a quick and efficient way to manage projects. For now, the task and project management market leaders are still the likes of Asana, Trello, and Microsoft Project. Microsoft Planner is an upcoming and worthy contender in the collaboration and task/project management space.
Why not have a look at Planner today?
Microsoft Exchange Server Attack: How Thrive Is Responding
The recent attack on Microsoft Exchange Server by the Chinese hacking group Hafnium has affected thousands of organizations across the country in a brief period of time. Microsoft announced news of the attack on March 2nd, and immediately released urgent patches in an effort to defend against further attacks.
Microsoft detected zero-day exploits used to attack on-premise versions of Microsoft Exchange Server. These vulnerabilities allowed threat actors to access email accounts and install malware to gain long-term access to these environments.
Thrive has responded quickly to assist clients affected by this attack, and will continue to support them in the coming weeks and months ahead.
What Happened with the Hafnium Attack?
Chinese hackers, known as Hafnium, began exploiting Microsoft Exchange servers in early January. These hackers stayed in stealth mode until early March, when Microsoft urged Microsoft Exchange Server users to patch Exchange systems as quickly as possible.
After the announcement by Microsoft, Hafnium switched from stealth mode to a more aggressive scanning of servers across the globe, looking for vulnerabilities. Soon after, additional hacking groups (now believed to be upwards of 10) began exploiting vulnerabilities on servers in over 100 countries.
By accessing servers, hackers were able to:
- Access other systems within an environment
- Exfiltrate data
- Install malware
- View sensitive and proprietary information, including intellectual property (IP) and personally identifiable information (PII)
How Thrive Has Responded
Thrive has worked diligently to assist companies impacted by this recent attack, proactively deploying Thrive’s Endpoint Detection and Response into these environments. As a precaution, Thrive also used advanced endpoint detection to allow our teams to better analyze, diagnose, and prevent future malicious activity.
Meanwhile, our engineering team has worked around the clock to initiate recommended Microsoft and cyber security best practices. Engineers applied the latest patches and scripts to client environments, following Microsoft’s guidance.
Finally, Thrive has also hired a consulting firm to validate that all steps were taken to implement patches properly. We did so in a proactive manner to ensure all processes and precautions were followed.
Next Steps to Take
We highly recommend migrating off of dated legacy platforms and implementing Thrive’s End-User Cyber Security Bundle, which provides several layers of protection for your end users.
This bundle should include:
Endpoint Security & Response
- Thrive’s Endpoint Security and Response service provides Next Generation malware detection & protection for servers and workstations.
- With the advent of sophisticated malware such as file-less attacks and zero-day executables, a feature-rich signature-less endpoint solution is needed in many organizations.
- Our solution offers all of the necessary features to combat advanced endpoint attacks while meeting multiple compliance guidelines that typically require traditional antivirus protection.
Advanced Email Threat Security
- Email Gateway, Advanced Security, and Data Leak Prevention
- Virus and spam protection
- DNS authentication and advanced reputation checks
- Multi-layered malware protection against known and zero-day threats
- URL re-writing with on-click scans to block malicious URLs in email and attachments
- Sophisticated protection against social engineering, homoglyph/homograph deception, and impersonation attacks
- Analysis of internal and outbound URLs, attachments, and DLP checks
- Continuous rechecking of files for malware
- Threat dashboard showing cyberthreats relevant to your business
- Remediation of malicious or undesirable mail controls
- Signatures, disclaimers, watermarking, metadata scrubbing
- Content Examination and Data Leak Prevention (DLP) for inbound and outbound mail
- Easily detect sensitive and confidential information in emails
- Mailbox Continuity and Data Recovery
- Uninterrupted access to live and historic email
- 365-day email retention period
- 100% SLA on email availability
- Comprehensive continuity event management through service monitors and alerts
- Rapid recovery and restoration of mail, folder, calendar, and contact data
Secure Internet Gateway
- Thrive’s Secure Internet Gateway (SIG) service is a Cloud-delivered security service that brings together essential functions that you can adopt incrementally, including:
  - Secure web gateway
  - DNS-layer security
  - Cloud-delivered firewall
  - Cloud access security broker functionality, and
  - Threat intelligence.
- Deep inspection and control ensure compliance with acceptable-use web policies and protect against internet threats
- Accelerated threat detection/response and centralized management make it ideal for decentralized networks
Security & Awareness Training
- Thrive Security Awareness Training (SAT) ensures your employees understand the mechanisms of spam, phishing, spear-phishing, malware, ransomware and social engineering using training materials and targeted user campaigns aimed at improving awareness of and response to security threats.
- Integrates with Active Directory
- Branded Phishing messages
- Leverage a library of Standard and/or ‘build-your-own’ Custom email templates
- Customize intervals and groupings of campaigns and target employees
- Curriculum Builder
Lastly, strengthening the cyber security posture of Cloud and on-premises environments is crucial. Thrive can provide forward-thinking solutions to protect your important information, including intellectual property and other sensitive data that amount to your crown jewels.
The Push to Evolve: Why Law Firms Need Cloud Computing to Compete
Law firms have often had to bridge a digital divide in handling clients, cases, documents, employees, and more. Now, challenging IT issues like remote work, cyber security, application management, privacy regulations, and data governance have only made it more difficult to remain technologically sound. Yet there is a tremendous opportunity for firms to transform their operations by taking advantage of all that the Cloud has to offer.
At Thrive, we leverage advanced technology to help bring law firms into the 21st century, moving critical applications to the Cloud Workspace and modernizing their IT infrastructure without complicated employee retraining or upscaling. The Cloud also gives law firms the agility and flexibility to not only easily modernize technology, but gain a competitive advantage, because they can seamlessly transition to new practice management software or add cutting-edge collaboration tools that boost efficiency and improve service.
For law firms, the time is now to go all-in on Cloud computing.
Leveraging Thrive’s Robust Cloud Platform
In our experience, most law firms are operating with an IT infrastructure that requires better redundancy, higher levels of security, and remote access. On-premise servers, which require maintenance, a proactive approach, and backups, can lead to IT headaches.
On-premise servers also limit employee productivity to a single desktop or laptop. Without Cloud-enabled virtual desktops, firms can’t empower their teams to succeed in the fast-paced legal world, which largely requires courthouse trips, off-premise meetings, and on-the-go communication.
Deploying a Cloud environment also means debunking some myths perpetuated about access and security.
Myth #1: If I’m in court and the internet is lagging, I can’t get to data.
Reality: Access to applications is available 24/7 from compatible devices. Anyone can work from anywhere.
Myth #2: I don’t trust the cloud.
Reality: The Cloud is highly reputable. Thrive Cloud, our private Cloud service, is hosted in a SOC 2 Type II-certified data center. Building a Cloud platform from the ground up protects valuable client information, going well beyond the entry-level office firewall and providing the ability to encrypt data in transit or at rest.
Reducing Complexities While Gaining Workplace Flexibility
For firms with just one office or a small team, an on-premise server, while outdated, may get the job done. However, an on-premise server is not compatible when satellite offices or remote computing are introduced into the equation. Perhaps a firm has two locations and each has its own server – suddenly, the IT team must manage a disjointed environment, which acts as two separate firms. A clunky, legacy VPN only adds to the frustration.
With remote workforces increasing in prevalence, security is another critical topic of conversation. Recently, a client learned their insurance provider would not renew their cyber policy unless they upgraded endpoint detection and response solutions on each of the firm’s computers. Thrive’s Endpoint Detection and Response protects firms by offering real-time, automated security across all devices – in the office, at home, and on the move.
Thrive’s Cloud Desktop as a Service (DaaS) platform optimizes performance and cost, while providing access to multiple Hybrid Cloud platforms, all managed by our experienced team of engineers. Moving both SaaS-based and legacy applications to the Cloud keeps everything aligned, even when legacy applications aren’t yet ready for that next level of performance. When legacy applications do evolve or become SaaS-based, they can be removed, making way for the newest SaaS-based option.
Law firms can control costs while improving security and resiliency with a Cloud solution, and gain peace of mind knowing important legal applications will be available when they need them most. The knowledgeable team at Thrive is here to help your firm make the move to the Cloud.
How to Maximize the Benefits a Hybrid Cloud Solution Offers
Want the best of both worlds when managing the cloud? A multi-cloud approach allows for the strategic use of services from different Cloud providers to optimize performance and cost when running different workloads on different platforms. Thrive recently launched Hybrid Cloud Director to provide clients visibility and management capabilities across the private ThriveCloud, public clouds like Azure and AWS, and on-premise virtual server deployments.
Why the Multi-Cloud Approach Works
We’ll use the example of a thriving e-commerce company to help illustrate the value of the Hybrid Cloud Director. This hypothetical organization wants its resources secured and available 24/7/365, with a need for performance certainty, knowing the resources contracted for are performing at the level required when traffic spikes or seasonal events occur.
These environments will typically be placed in private Clouds. However, if a development team writes new software code for a temporary e-commerce site that is not in the private Cloud, it may lead to the IT team managing workloads in different locations. Plus, it can be a challenge to move the development workload on Azure or AWS to a production workload on the private Cloud without a lot of heavy lifting.
Thrive’s Hybrid Cloud Director does the hard work, and provides visibility into the state of virtual machines, resource usage, and any potential resource conflicts across each Cloud service to ensure smooth performance for users. The platform can work with all of the different environments an organization may have deployed, be it in ThriveCloud, Azure, or AWS, and not only manage workloads, but seamlessly move them between services. It takes only a few clicks to move workloads between clouds, while the platform facilitates everything on the back end.
Cutting-Edge Self-Management Solutions
Thrive has the capability to fully manage multi-cloud deployments, but self-service and direct control of environments may be preferred in many instances. We’ve heard the feedback from those who want that instant access to perform tasks such as virtual machine creation. The old way? Calling a sales representative to create an order for a new virtual machine can take days just to complete the contract. The new way? Within minutes, that machine can be up and running by using the Hybrid Cloud Director.
It’s easier than ever to create new virtual machines, remove machines, or add resources. It’s also easy to log in to the Hybrid Cloud Director and add more storage to machines on the fly if needed, too.
There are Cloud-related challenges, and retaining control over resources and knowing where they’re stored is one of them. Through this single platform, however, clients have visibility and control over their ThriveCloud, Azure, and AWS servers. It’s sort of like the air traffic control platform for diverse cloud environments.
To learn about Thrive’s NextGen Services and what we can do for your organization, get in touch with us today.
Thrive’s ServiceNow-Powered Platform Transforms IT Service Management
Over the past few years, we’ve worked hard to improve how we deliver managed IT services to clients. With the Thrive Platform, powered by ServiceNow, we eliminate many of the IT challenges organizations face on a daily basis.
The platform removes manual error from the equation, allowing tasks to be handled more efficiently, improving the day-to-day productivity of the IT team and saving valuable time. By building on the enterprise-class power of ServiceNow, the Thrive Platform gives clients better access to service and more accurate environment insights, while also transforming how IT is consumed through self-service.
The Power of Self-Service IT
When it comes to self-service, our goal is to streamline the process for employees and organizations. Whether utilizing a managed services provider or an IT help desk, employees may have to place a call or send an email to solve even the simplest of issues, such as changing a password. Gartner Group estimates at least 20% of help desk calls revolve around password resets. With the Thrive Platform, that once-tedious task is simplified by providing an employee a portal log-in, where a password reset takes just seconds.
Organizations can benefit from Thrive in a variety of ways. One example is in the legal profession. I’ve talked to a number of CIOs in the legal world, and it’s clear the top issue they face is maximizing billable hours. Attorneys need to be spending time on what they do best, not waiting for new passwords or finding time to handle application updates on their own time. And that’s just one quick example. There are so many organizations that can benefit from having a platform that:
- Automates IT tasks
- Enables self-service for employees
- Delivers a 360-degree view of an organization’s technology
IT Service Management Drives Efficiency Gains
The Thrive Platform provides a number of benefits to users in SMB, mid-market, and enterprise organizations.
The platform automates the user creation process, so new hires enjoy a streamlined onboarding process that puts them in control. The outdated method of emails, spreadsheets, and manual entry leaves new hires waiting around for access to key applications and programs. The Thrive Platform brings them up to speed almost instantly.
Even when the onboarding process has come and gone, end users have access to helpful knowledge articles, too. These guides allow users to solve their own issues without contacting IT.
The IT team benefits, too, as the platform offers dashboards with reporting information, including service desk metrics and the ability to sort tasks by order of importance. Instead of manual calculations and outdated user issue reports, IT sees the latest trends and knows where to direct resources.
Want to Learn More?
The Thrive Platform offers several advantages, from increased end user productivity to faster support resolution to less IT time spent on tasks.
If you’re interested in learning more about our easy-to-use portal, get in touch with us to schedule a demo today. It’s the best way to experience the Thrive Platform for yourself!
How to Perform a Cyber Security Tabletop Exercise
Incident response planning is an important part of any organization’s cyber security program. Having a proper plan in place ensures smooth communications and quick decision-making in the event of a breach or attack.
To facilitate planning, the team at Thrive devises cyber security tabletop exercises to help organizations identify and prepare for various scenarios. The goal is to increase situational awareness and facilitate discussion of incident response.
This invaluable exercise clarifies an organization’s incident response plan, identifying what works and where improvements should be made.
Types of Cyber Security Incidents to Prepare For
An incident can occur at any time and include many variables, so it’s not always practical to write step-by-step instructions for each potential one. However, a tabletop exercise provides clarity on how to handle different types of incidents with an actionable strategy.
First, it’s important to understand the types of attacks that can occur.
- External/removable media: An attack executed from a flash drive, CD, or other device
- Attrition: A brute force attack meant to compromise or destroy systems, networks, or devices
- Web: An attack from a website or web-based application
- Email: An attack executed via an email or attachment (phishing)
- Improper usage: An incident resulting from a violation of usage policies
- Loss or theft: A computing device or media used by the organization, like a smartphone or laptop, is deemed lost or stolen
These categories can be used to define specific responses, as different incidents will require certain response plans.
As the tabletop exercise commences, Thrive runs through various scenarios, discussing the proper course of action at each inflection point.
Preparation
Before any technology or business practice discussion begins, a risk assessment will be performed. The assessment can be formal or informal, and enables a full understanding of typical network activity while documenting network infrastructure.
Identification
The mock scenario seeks to detect the incident and determine its reach, while involving the appropriate parties. Information sources will be analyzed, including antivirus logs, server connection attempts, and suspicious network traffic.
Mitigation
The primary goal of mitigation is to lessen the impact of a security incident. It’s generally assumed that incidents will occur from time to time, so containing the incident and mitigating its effects are key. This portion of the exercise includes taking steps to disconnect an infected area from the internet, while understanding how to best throttle or block distributed denial of service (DDoS) traffic.
Remediation
The remediation stage ensures impacted services are once again reachable. It involves discussing best practices for security patches, antivirus signature database updates, and restoring data from uninfected backups. If disclosed data cannot be recovered, a report must be provided to executive management, and applicable legal and customer teams must be made aware of the issue.
Recovery/Root Cause Analysis
Recovering from an incident is key to future success. The analysis exercise identifies what went right and what went wrong, and provides a timeline of important events. We will discuss the results of the incident, the lessons learned, and explain the steps to take to respond more effectively in case of a real attack.
The Benefits of Completing a Tabletop Exercise
A tabletop exercise raises security awareness within an organization, highlighting what could occur during a real cyberattack. It is meant to highlight deficiencies and weaknesses, so proper steps can be taken to prepare an efficient organizational response in advance.
The exercise determines whether an organization can coordinate communications, business operations, and external parties, with every scenario designed to focus on the likeliest threats.
Thrive provides enterprises with the tools to facilitate a tabletop scenario, but we also have the capability to run the exercise from beginning to end. To get better insights into the readiness of your organization’s cyber security incident response plan, contact our experts today.
4 Reasons Why Alternative Investment Managers Should Consider the Public Cloud
The public cloud is in demand for small start-ups and larger existing firms alike. How can you take advantage of all the cloud has to offer?
Here are the benefits to consider when moving from on-premises to cloud computing, including real-life examples from Thrive, a Managed Service Provider (MSP) and trusted advisor to the alternative investment industry.
1. Layered Security
Human error is the biggest security risk any company faces. In the cloud, you remove all internal human error from physical data center security. Working with an MSP experienced in creating cloud environments, you have the ability to add layers of cybersecurity around data access.
For example, Thrive applies automated cybersecurity warnings to our clients’ environments to detect any attempted breaches immediately. “One of our hedge fund clients recently experienced an attempted breach, which was immediately identified and blocked via multiple conditional access policies, resulting in zero data loss or compromised accounts,” stated Michael Laudenslager, Cloud Architect at Thrive. “Prior to becoming a Thrive client, that same hedge fund experienced a security breach resulting in data and monetary loss. The breach was not discovered for a few days.”
The importance of engaging a knowledgeable vendor was underscored by a recent survey[i] reporting that security misconfiguration errors accounted for 67% of all cloud data breaches in 2020. An expert vendor will know how to avoid these costly pitfalls.
Another security consideration for moving to the cloud is the outages that data centers can suffer. In the public cloud, you don’t have to worry about the physical security and availability of your company’s data. Mr. Laudenslager cited Superstorm Sandy: “We had clients whose buildings were flooded, and some lost equipment.” The risks associated with on-premises equipment vanish for firms fully invested in the cloud.
2. Cost Reduction and Increased Revenue
Right now, the physical location of your data center is racking up costs for maintenance, energy, a generator, and support personnel. The equipment housed inside will deteriorate over time, giving way to necessary and costly upgrades, on top of software licensing and renewal fees. There is the added expense of Disaster Recovery (DR), which requires a second location to allow seamless transitions from the primary system in the case of a disruption. Switching to a qualified public cloud service provider can reduce these operational costs, as well as infrastructure overhead.
The cloud’s flexibility can also drive revenue. “Our customers are hedge funds, private equity firms, other alternative investment companies, and quant [quantitative] funds,” said Mr. Laudenslager. “When we look specifically at quant funds, they trade by programming. The public cloud’s flexibility and agility support them on high-volume trading days, increasing resources based on the volume of trades.” For these types of funds, prices can drop within seconds, so the cloud’s speed is paramount, yielding increased revenue.
Hedge funds, by their very nature, are ideal for the cloud’s flexibility. The average hedge fund employs fewer than 20 people. If you have 14 people in five countries, you can share the same functionality and save money because you don’t need a data center in every single country or location (an additional cost saving).
Migrating to the cloud can also yield cost savings[ii] by eliminating telecom expenses, offloading storage, streamlining data-intensive processes, and creating a unified infrastructure.
3. Flexibility and Agility
It can take a short amount of time to go from a blank slate to a fully functioning cloud environment depending on complexity and need. If you only need to use certain parts of the public cloud, such as solely using Microsoft Teams for collaboration, you can be set up and configured in a matter of hours, with zero interruption to workflow.
With the public cloud, you can easily increase computing and trading speed point-to-point from your office to the data center. AWS’s Direct Connect and Microsoft’s ExpressRoute offer different storage tiers and processing speeds. And it’s important to note that the public cloud is completely customizable for speed and resources, depending on your needs.
In addition, the public cloud allows you to process a tremendous volume of workflow, using collaborative SharePoint sites or web apps, without concerns about memory and storage space. And for international operations, you can go global in minutes, setting up operations in the UK or Singapore, enabling you to expand your global business faster and eliminating the need to be physically in those locations.
A 2017 Harvard Business Review study reported[iii] that “business agility/flexibility” was the primary reason companies either migrated fully to the cloud or adopted a hybrid cloud architecture.
In this fast-moving, agile world we now live in, the public cloud gives your IT infrastructure flexibility to keep up with business, social, and/or environmental changes that may materialize.
4. The Public Cloud Is Always Progressing
New functionality is updated daily in the cloud. At Microsoft alone, just under 1,000 new features are currently at various stages in its roadmap. However, your firm doesn’t have to lift a finger to accommodate these upgrades: an experienced cloud provider handles all these new functionalities and administers all your software upgrades for you.
As the adoption of the public cloud is exploding, you as a customer are constantly benefitting from extensive R&D and testing. Your company gains from all these innovations without having to undergo the costs of testing or any potential issues that arise during the testing process.
Recently the cloud has been constantly innovating[iv] in response to the pandemic, as enterprises’ IT infrastructures become more complex and remote working expands to home offices and devices.
Lastly, cloud providers build compliance tools and configuration options into their infrastructure, so you have peace of mind your technology solutions are compliant. These compliance features enable you to easily configure and/or audit your environment to address discrepancies in governing body regulations and compliance policies, making it easier to adhere to government regulations.
In the world of alternative investments and hedge fund cybersecurity, there’s nothing you can’t get in the cloud. If you’re interested in learning more about what the public cloud has to offer—security, flexibility, cost savings, and increased revenue—let’s talk about the best solution to meet your business requirements.
[i] Security Magazine; Nearly 80% of Companies Experienced a Cloud Data Breach in Past 18 Months; 6/5/20
[ii] InfoWorld; Where to look for cost savings in the cloud; 3/16/20
[iii] Data Kitchen; Your Cloud Migration is Actually an Agility Initiative; 9/10/20
[iv] The Cube on Cloud; 12/21/20
How Thrive’s Layered Cyber Security Bundle Protects Your Data
Today, it’s hard to go more than a few days without hearing of some sort of cyber security issue or breach on the news. Cyber security isn’t just a “set it and forget it” type of endeavor — it’s something that requires planning, detail, and attention.
Thrive’s Cyber Security Bundle leverages best-in-class technologies to educate and ultimately protect end users. We’ve worked hard to protect businesses and organizations by preparing a multi-layered cyber security plan that mitigates the enormous consequences a data hack can have.
Protect Against a Potential Data Breach
Data breaches affect organizations in many ways, both monetarily and psychologically. It’s possible the issue may be smaller in nature; perhaps an employee’s laptop is infected with ransomware, causing a lost day of work or decrease in productivity. The employee may have had personal information on that laptop, even if it was a work-issued device.
If a large-scale database hack were to happen, that personal information exposure may be more widespread. The database could hold valuable client information, including usernames, e-mail addresses, and phone numbers, and the PR ramifications can be immense.
No solution provider can promise organizations they will never be breached. A company that stays in business long enough may deal with a cyber security issue at some point, but it’s imperative to create layers of security to protect the organization.
Just five years ago, it was widely believed antivirus software on a workstation and a firewall would do the job. Today, with many people working from home, the firewall idles in the office while antivirus protection only does so much. More specifically, signature-based antivirus protection may not catch a malicious file, which is why we look at anomaly-based antivirus protection while adding a cyber security bundle to deliver best-in-class endpoint security.
Targeted Cyber Security Training That Informs
Thrive’s Cyber Security Bundle offers protection for end users against:
- Malware
- Social engineering
- Phishing
- Ransomware
One of the top bundle benefits is the targeted training it provides for employees. It’s easy to tell someone not to click on a phishing email, but is that practice being followed? Thrive sends simulated phishing messages, changing the patterns and language to make each one a challenge. While we do inform organizations that these simulated phishing exercises exist, they are designed to mimic the real thing. This is all in the name of better informing end users so they can easily pick up on real phishing attacks.
We devise quarterly training for organizations through videos, too. These videos are short, typically around five to 15 minutes in length, and discuss important topics like what phishing emails look like, social engineering, and how to create strong passwords. Security and IT can have a negative connotation and imply a broken process that needs fixing, but these training videos open the lines of communication and provide end users with the information they need.
Educating and protecting end users mitigates data and productivity loss, which is why Thrive offers end user security solutions through our Cyber Security Bundles. Find the right fit and bring your cyber security practices up to speed today!