Robert S. Mueller, III, Past Director FBI
“I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.”
Robert S. Mueller, III, Past Director FBI
Cyber security is an increasingly vital business function that is significant to every aspect of corporate health. An appropriate and proactive cyber security function directly impacts:
Cyber-attacks are evolving rapidly, becoming more frequent, and are increasingly dangerous to on- going business operations. The risk of cyber threats is not new, but the levels of sophistication; the speed of attacks, and the severity of damage that can be inflicted are alarmingly ‘new’.
With stakes so high, organizations must understand their cyber security risk tolerance and how they will respond to cyber security threats. Many senior level executives are unaware of their responsibilities to manage compliance, and to affirm for customers, stakeholders and employees, that appropriate safeguards are in place.
In response to this urgent need, Starport Managed Services has introduced a suite of services that will help organizations of all sizes build a defence, and protect themselves from data loss, business disruption and possible extortion.
Starport delivers its cyber security services through its team of security professionals located at Starport’s Security Operations Centre (SOC). The security operations center staff is comprised of IT security professionals who work together to detect, analyze, respond to, report on, and prevent cybersecurity incidents.
In response to this urgent need, Starport Managed Services has introduced a suite of services that will help organizations of all sizes build a defence, and protect themselves from data loss, business disruption and possible extortion. Starport delivers its cyber security services through its team of security professionals located at Starport’s Security Operations Centre (SOC). The security operations center staff is comprised of IT security professionals who work together to detect, analyze, respond to, report on, and prevent cybersecurity incidents.
Each service is described in the sections following.
Starport’s CyberAudit is a service in which we conduct a deep analysis and review of your current IT defences and procedures, and provide you with a detailed review of your organization’s ability to protect its information assets and to defend itself against cyber threats.
A CyberAudit looks beyond pure technical readiness for cyber threats by taking a rounded view of people, processes and technology, to enable you to understand areas of vulnerability, identify and prioritize areas for remediation and demonstrate compliance; turning information risk to business advantage.
Upon completion of a CyberAudit, you’ll receive a report that provides a comprehensive view of your organization’s level of cyber maturity. We will look at:
After the completion of a CyberAudit, the next step many organizations will take is to implement some or all of the recommended changes to their processes and IT environment.
Some of the typical implementation outcomes of Starport’s CyberConfig may include:
The 7×24 cyber monitoring appliance will generate reports on a periodic or “on demand” basis. It will be configured to meet established specifications to ensure continuous, effective monitoring.
At the conclusion of the CyberConfig stage, your IT environment will be updated, secured and ready for continuous monitoring and reporting.
After the Cyber Security environment has been configured, the analytics and data produced by Starport’s Cyber Security appliance will be monitored by Starport’s SOC. Starport’s SOC is staffed by IT security professionals whose goal is to detect, analyze, and respond to cybersecurity incidents using a combination of technology solutions and established processes.
Staff at our SOC monitor and analyze activity on networks, servers, endpoints, databases, applications, websites, and other systems, looking for anomalous activity that could be indicative of a security incident or compromise.
Provide periodic updates as to cybersecurity legal requirements, as these evolve through changes in law and regulatory guidance.
Our Penetration Testing methodology seeks to uncover vulnerabilities residing in IT systems, applications or network components and attempts to exploit them to obtain access to sensitive information.
Our security consultants are skilled at identifying weaknesses that others (except cyber thieves) overlook. Our staff are continuously updating their skills, learning new ways to evade controls in modern networks. We take the time to understand each of the in- scope components and their role in the overall system and custom tailor our approach to each environment we assess.
A penetration test should ideally be conducted by every organization on an annual basis. It is a very thorough; usually taking 2-3 days to complete over an elapsed period of one week. At the conclusion of a penetration test, any areas of defence that need to be reinforced will be identified and reported to you.
You might have top-of-line Cyber security, but if you don’t have policies documenting your practices, you’ll be significantly disadvantaged. Your Cyber security policies form the core of your Cyber security program, as they are the basis for employee training and the baseline for updates as Cyber security standards evolve, and – perhaps most importantly – provide evidence to regulators that you have a documented Cyber security program in place should the need ever arise.
As part of its suite of Cyber Security services, Fasken and Starport will document your Cyber security program, and will update same as your Cyber security program is updated.
Your people are at the front line in the cyber- war. The most pervasive threats, including Phishing and Ransomware, target users to breach your security defences.
Statistics and studies around the Internet paint a grim picture:
Starport’s CyberLearn on-line portal provides users with Security Awareness Training that breaks down key security concepts and threats into plain English and real-world stories, so anyone can understand and know how to manage cyber-threats.
With its modular design, Starport’s CyberLearn presents each topic on a self-contained basis. New modules are added as new threats and subject matter areas emerge. The current topics available in CyberLearn include;
MANAGED SECURITY SERVICES PROVIDER
Managed security services is a systematic approach that Starport has designed in order to manage an organization’s security needs.
Under Starport’s watch, we oversee your network and information systems security. Our services are centred around functions that include round-the-clock monitoring and management of intrusion detection systems and firewalls, overseeing patch management and upgrades, performing security assessments and security audits, and responding to emergencies.
Starport combines its rigorous procedures, with products that are available from a number of vendors to help organize and guide the procedures involved. This diverts the burden of performing the chores manually, which can be considerable, away from administrators.
STARPORT MSSP CREDENTIALS
As a leading provider of MSSP services, Starport has been selected to present and convey this critical subject matter to members of the GTA financial community. Starport has a primer regarding security that it delivers to business executives in a format that is clear, non technical and easy to understand.