Cybersecurity
Cybersecurity is top-of-mind for virtually all organizations. Preemptively evaluating Cybersecurity risk exposure at the enterprise level is critical. This is more than just an IT concern. Every day in the news there are stories about companies being breached by nation states, hacktivists, organized crime, insiders and competitors.
Let the IT Security experts at JC Jones help your organization improve its overall Cybersecurity posture and control cyber risks.
Do You Know Where Your IT Risks Are?
Companies must evolve to address changing technologies, such as mobility, unstructured data, social media, and cloud computing that expand the network edge, and the attack surface adversaries could exploit.
JC Jones Cybersecurity Services
Governance and Risk Assessments
Design and evaluate the structure and oversight of the entity’s Cybersecurity risk management program and common security framework.
Cybersecurity Controls
Design and evaluate the processes and controls that managed Cybersecurity risk exposures, including system security settings, policy and standards reviews, IT general controls, and mobile computing.
Cyber Health Check
One-off or periodic health check against critical cybersecurity controls for companies that don’t want to incur the expense and labor requirements required for a more exhaustive framework like NIST or ISO.
Regulatory and Compliance
Assist client to assess corporate cyber disclosure compliance structures, processes and controls against leading practices.
Attack and Penetration Assessments
Assessment of Company’s perimeter and systems in an attempt to proactively breach vulnerabilities to identify gaps for remediation.
Sustainable Cyber Defenses
Cybersecurity is a business issue that exceeds the boundaries of IT and needs to be managed with as much discipline as financial risk.
JC Jones is a premier business partner helping companies realize the value of Cybersecurity by:
- Identifying the real risks, the most important information and the threat exposure
- Protect what matters most through strategy and processes balancing existing and emerging threats
- Optimize for business performance, aligning security needs across the organization and balancing security spend
- Sustain an enterprise program, establishing good governance and security practices and measuring performance
By 2020 there will be 200 billion connected devices around the world. Any connected device, from mobile devices to smart homes to connected factories, are vulnerable to cyber attack and must be protected and monitored.
Existing Cybersecurity Threats (a limited list)
Social and Email Phishing
Target: Individual Users
Purpose: Use fake social profiles and email addresses to build trust and/or gather pre-attack intelligence
Malware, Zero-Day and Botnets
Target: Endpoint systems and servers
Purpose: Obtain access to systems, create backdoors, and establish command-and-control over large network of devices
Passwords and Configs
Target: Endpoint Systems and Servers
Purpose: Initial penetration, expansion of reach and escalation of privileges
Distributed Denial of Service
Target: Network and application infrastructure
Purpose: Cause operational disruption and create a diversion for other attacks
Smart and Mobile Hacking
Target: Smart devices, mobile devices and embedded services
Purpose: Gain access to user data through vulnerable mobile OS and apps via this new attack surface and entry point to enterprise networks
SQL¹ Injection
Target: Database servers
Purpose: Obtain sensitive account and user credentials, and steal sensitive data.
Data Analytics and IT Services: Areas of Expertise
Interim IT Management
Data Analytics
IT Systems Selection and Implementation
Cybersecurity
