Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Attackers Don't Break-in. They Log in.

Cybersecurity used to involve a fairly straightforward set of technical controls that kept networks secure and data backed up in the event of a system failure. To do this 10 years ago, IT needed to implement firewalls and antivirus and perform patch management, and data backup. Today, cyberattacks against small businesses rely almost exclusively on tricking employees into giving up credentials or deploying malware.

Today’s malware commonly defeats old-fashioned antivirus, destroys backups, and demands an exorbitant ransom to restore encrypted data that the business literally can’t live without. Attackers use cloud-based email services to perform reconnaissance and trick users into allowing wire transfer fraud to send tens and hundreds of thousands of dollars to irretrievable foreign accounts. 

“It’s not that the attacker is breaking into your network anymore. They’re logging in.”

New call-to-action

As TK Keanini from Cisco said, “It’s not that the attacker is breaking into your network anymore. They’re logging in.”

Solving these new challenges requires more than a set of tools. Human capital (talent) and effective processes must be factored into the equation in order to provide adequate risk management. Talent, in particular, is hard to come by, with an estimated shortage of 3.5 million workers in cybersecurity by 2021

IT departments who attempt to provide adequate cybersecurity risk management without the aid of specialists find out quickly that, while the cybersecurity market is brimming with the latest tools, there’s no talent to be had. Moreover, an efficient and effective process is something that takes a while to develop and mature. 

IT departments  are now looking for outside assistance to address these additional problems and mitigate risk.  Companies understand that they must have effective people, process and tools in order to defend networks today. Given the talent shortage and advanced threats they and their clients face, many realize it’s time to bring in a cybersecurity partner. 

This can be tricky, especially explaining to executives who don’t understand how the cybersecurity landscape has changed over the last few years. It can be  difficult to explain that the four pillars of traditional IT Risk Management (firewalls, anti-virus, patch management, and backup) are no longer enough to mitigate the risk from today’s cybersecurity threats. 

Here are talking points IT Departments can use to help explain to Executives today’s cybersecurity threat landscape:

bullet_Attacker

 

Attackers are now tricking users into doing the hacking for them, and users need to be trained and tested to make sure they aren’t easily fooled into letting hackers into a small business’s network.
   
bullet_Malware

 

Advanced malware can slip past antivirus defenses, and hackers can now “live off the land” to avoid detection.
   
bullet_Email

 

Hackers are very interested in email systems, which contain lots of information about how the business operates, especially how the business sends and receives money. Having Two-factor or Multi-Factor Authentication (MFA) helps tremendously.
   
bullet_Network

 

Once in, hackers spend enough time inside a business’s network to find out where the backups are located, destroy the backups, and then encrypt all of the business’s data before asking for a ransom in Bitcoin that can run between $500,000 and $5,000,000. 
   
bullet_Combat

 

In order to combat these advanced threats, businesses need proactive security controls that require expert cybersecurity professionals.
   
bullet_Cybersecurity

 

Its best practice for IT departments to partner with dedicated cybersecurity services partners to gain access to the right talent and processes necessary to assure protection against these advanced threats.

 

These simple talking points allow IT Departments to explain to their Executives what’s going on with cybersecurity and why the company is partnering with advanced cybersecurity providers like Ingalls Information Security to deliver effective risk management to the clients. 

If you’d like to discuss how Ingalls can help navigate this process, please contact us here. One of our cybersecurity experts will be more than happy to assist you and answer any questions you may have.

A How-to-Guide to Defend Against Phishing Attempts

A How-to-Guide to Defend Against Phishing Attempts

Phishing attacks use email or malicious websites to infect your machine with malware and viruses in order to collect personal and financial...

Read More
A How-to-Guide for Multi-Factor Authentication

A How-to-Guide for Multi-Factor Authentication

Have you noticed how often security breaches, stolen data, and identity theft are consistently front-page news these days? Perhaps you, or someone...

Read More
Cybersecurity While Traveling

Cybersecurity While Traveling

In a world where we are constantly connected, cybersecurity cannot be limited to the home or office. When you’re traveling— whether domestic or...

Read More