Skip to the main content.
Government Programs
Integrated technology, solutions, and services that support rapid innovation within the DoD ecosystem.

CMMC Preparation & Assessment
Cybersecurity Assurance Readiness (CSAR®/RMF Pro)
ATO/RMF Support

Book GP Demo

Professional Services
Expertise in security strategy, incident response readiness, policy development, and risk assessments.

Risk Assessments
vCISO
Penetration Testing

Book ProServ Demo

Digital Forensics & Incident Response
Are You Under Attack?

If you are concerned about a potential threat or are experiencing a breach, contact our 24/7/365 emergency hotline at 888-860-0452.

CONTACT US

Subscribe-to-NetSec-News-v4Subscribe to NetSec News

Sign up to receive our biweekly newsletter that covers what's happening in cybersecurity including news, trends, and thought leadership.

SIGN UP

Ingalls Information Security

At our core, Ingalls is a company that strives to be helpful to our clients while continuously innovating and evolving our technology and solutions. Since 2010, we have been dedicated to building a team and product that can stay steps ahead of threats, attacks, and vulnerabilities in an ever-changing landscape.

Meet The Leadership Team

2 min read

Articles of interest from the week of October 18, 2021

Attack Surface Larger Than Ever As Organizations Shift to Remote and Hybrid Work

With end-users working from anywhere – in some cases using personal devices to access cloud apps and corporate resources – the attack surface is larger than it has ever been. And many IT organizations are struggling to defend it. As the study found: (By Help Net Security) Ingalls: Organizations that are shifting to remote and hybrid need to implement a defense-in-depth approach to cybersecurity to mitigate cyberattacks. Our Managed Detection and Response (MDR) service is designed for advanced detection, threat hunting, anomaly detection, and response guidance utilizing a defense-in-depth approach that monitors and correlates network activity with endpoints, logs, and everything in between.


Why Cyber Security and Regulatory Compliance Are One and the Same

Cyber security and regulatory compliance have long been considered two largely separate issues, but the time has come to break them out of their silos and manage them together. This approach brings many advantages says Maciej Dziergwa. (By Maciej Dziergwa, National Cybersecurity News Today) Ingalls: In matters of security risk and assessment, we believe that risk drives security and security drives compliance. Compliance should never drive security Typically, the only security risks businesses identify are security compliance laws and requirements. Most businesses do not even know if they need to follow these regulations or not because they have not performed their IT security risk assessment. It is vital for a business to identify the IT environment and infrastructure to figure out the vulnerabilities, identify threats and understand the potential capabilities of attackers. Once the risk assessment is done, we can apply effective security controls to mitigate the risk. Compliance reports can then be generated to confirm you are compliant with all regulations.


Supply Chain Attacks Are the Hacker’s New Favourite Weapon. And the Threat Is Getting Bigger

Compromising a business supply chain is a key goal for cyber attackers because by gaining access to a company that provides software or services to many other companies, it's possible to find a potential way into thousands of targets at once. (By Danny Palmer, ZDNet) Ingalls: The conversation around cybersecurity amongst executives and IT professionals must evolve. Cybersecurity encompasses a large ecosystem that requires its own mastery of the discipline, separate from IT administration. Threat actors, whether nation-state sponsored or independent criminal gangs, are exploiting gaps that result from immature and underfunded security postures - and they are growing in sophistication, targeting more critical infrastructure and services at a break-neck pace and critical scale. It is time to see investing smartly and effectively in cybersecurity, and bringing expertise around it to the decision-making table, as an existential imperative. Contact us today to learn more about how we can help secure your company's information in a personalized and efficient way. 

 

83% of Ransomware Victims Paid Ransom: Survey

A new survey of 300 US-based IT decision-makers found that 64% have been victims of a ransomware attack in the last 12 months, and 83% of those attack victims paid the ransom demand. (By Jonathan Greig, ZDNet) Ingalls: Broadly speaking, it’s better to not pay and so if you can, you should avoid doing so, but often this is not a viable option. So what are some of the considerations, when thinking through the Ransomware payment question? To learn more read our blog post, Ransomware, To Pay Or Not To Pay?


What Is Proactive Cybersecurity?

Most organizations take what you might call an active approach to cybersecurity, They’re prepared to do certain things once an attack happens. Or, they take a reactive approach, taking action after an attack is completed. A proactive cybersecurity strategy is about acting before any attack occurs; it’s a good cybersecurity posture of readiness (By Mike Elgan, Security Intelligence) Ingalls: If your business operations were idled for a one-two week period due to a cybersecurity incident, could the business survive? If your business had to explain to regulators, clients, or third-party vendors or partners how it got hacked, could it survive, or would it lead to business failure and shut down? If the answer to either of these two questions is NO, then the business cannot afford to get hacked and must develop a proactive strategy to minimize cybersecurity risk as well as the time necessary to respond and resolve successful attacks. Click here for more details on how to pick a cybersecurity risk management strategy.

Sign Up For Network Security News

Articles of interest from the week of December 12, 2022

Notice of Recent Security Incident - The LastPass Blog LastPass has determined that an unauthorized party, using information obtained in the August...

Read More

Articles of interest from the week of November 14, 2022

New Extortion Scam Threatens To Damage Sites’ Reputation, Leak Data An active extortion scam is targeting website owners and admins worldwide,...

Read More

Articles of interest from the week of November 1, 2021

‘Tis the Season for the Wayward Package Phish The holiday shopping season always means big business for phishers, who tend to find increased success...

Read More