How does Secuvant help me make money with cyber security?
Information security can help enable your customers and employees be more efficient, and increase trust to do business with your company. There are ways Secuvant can help your customers get access to information quicker, more securely and have a better experience that will increase repeat business. It has been shown that customers pick providers that they trust. By using security as a marketing tool you can increase the likelihood of customers doing business with you. We can also help you better use tools like Single Sign On and strong authentication to improve customer satisfaction. We can protect the money you do make from mistakes, misuse and malice. There are other ways too, depending on your market and strategies.
Secuvant is independent, what does that mean?
Secuvant does not sell any software or products. We act as your security department focused on your needs and requirements. In fact we have a service that is called virtual CISO that allows you to have the security expertise on staff without the high cost of hiring someone full time. We work for you, and evaluate your security vendors and investments. We don't try and sell you software and hardware like other firms.
What is the secuvant maturity model?
Secuvant has created a model where we can score your security posture on a scale from 0 to 5 based on risks to your business. I identify the gaps in your security posture and programs and then create a comprehensive security program that can improve your security while enabling your business. It is unique in that we focus on enabling your business, not just locking things down. The more secure you are, the more efficient your business processes are and the lower the costs of security becomes.
What type of scanning do you do for free?
For qualified customers we will scan 5-10 different devices (Windows, Linux, Mac, iPhone, iPad, Android) at no cost. This consists of two scans, one for security that shows vulnerabilities on the device and the second that will identify vulnerable data like credit card and social security numbers. There is no hardware to install, nothing to plug into your network, and we can do this 100% remotely. It only takes about an hour and the results are impressive.
How does Secuvant help lower my risks?
Secuvant has a very formal process based on industry standards like ISO and CoBit that will identify your risks and gaps. These risks are then mapped to the way we can address them, including mitigation, assignment and acceptance. We act as your security department, and manage these risks with our 24x7 Security Virtual Security Operations Center (SOC) that includes complete intrusion detection and incident response to reduce risks. We have a very unique maturity model that we create a comprehensive security program that manages new and changing risks as well.
We don’t have any critical data, so if we get hacked it is no big deal. Why use you?
Information security is only one part of an overall security program. It is an important part but not the only thing you should be considering. You have other risks and liabilities including preventing mistakes, misuse by insider threats, malicious attacks that can compromise your systems just to use them to attack a partner, customer or even other employees. Your liability goes far beyond just the data. There are issues to protect your financial systems, employee confidential information, intellectual property and other areas of due diligence including government required compliance and procedures. Another major concern is disaster recovery and business continuance that can prepare you if a major event happens. Can your company survive if your computers are down for a week? A month? What if your building is damaged beyond repair? These areas are part of the business enablement focus that Secuvant provides.
We already have an IT service provider, and they do security, so why do we need Secuvant?
Most IT managed service providers are focused only on the ‘break/fix’ part of IT, installing desktops, fixing machines when they break and updating software. While this is a great service it is not security, even if includes end-point protection like anti-virus software. In fact, we COMPLIMENT your IT managed provider with our solutions. Secuvant is independent, so we don’t conflict with their business. An IT generalist is good for your IT service, whereas Secuvant does security only. We do things they do not like vulnerability management, scanning, intrusion detection, log collection, event management and alerts and we have a complete 24x7 Security Operation Center (SOC) watching your security. It is an excellent compliment to the service you are already getting from your IT provider.
We already have IT employees so aren't we already covered?
I am sure your IT people are a great asset to your company, and are needed. But just like in other professions there are specialists that bring a deeper level of understanding and expertise. Information Security takes a very specialized skill set that most IT Generalist do not provide simply because it is a full time endeavor above and beyond just IT. Secuvant will compliment your IT team the same way a specialist Dr. compliments your primary care physician. We have the capabilities, tools and knowledge of over 100 years of experience that is no longer a nice to have. A dedicated Information Security practice is now required for all businesses, large and small.
What do you do about Compliance like PCI, HIPAA and others?
Compliance is a key part of security, but as the saying goes, “compliance is not security.” Secuvant uses industry standards, including compliance requirements, to determine both your baseline status today and in development of your security program. It is critical that your policies, procedures and governance all follow guidelines that allow your company to prosper and comply with the law. We will help you manage these programs, comply to their requirements and manage any auditing and reporting requirements you need.
We are too small to have any security problems, right?
No. Hacking and cyber threats are increasing daily and no business is immune, regardless of size. Tricks and tools have become so easy to use to hack into a company that all businesses are targets. Until now, enterprise grade security was only for those who could afford it. This is why Secuvant was founded, to provide this high quality, world-class security solutions to small a medium businesses at a much lower price point. You have security holes. 60% of all hacks are to companies with less than 100 employees, and 44% of small businesses have been hacked. (Verizon breach report, 2014). So, small businesses actually need to have MORE security than big business, not less.
What services does Secuvant offer?
Secuvant is an independent provider of managed cyber security solutions, with a focus on Business enablement, (not just lock down). Please see all of our available services on our website, but this includes:
- Complete Managed 24x7 Security Operation Center (SOC)
- Vulnerability Scanning
- Cyber Security Gap Analysis
- Network and systems scanning and assessments
- Penetration testing
- Cyber Security Maturity Modeling
- Security Business Impact Analysis (SBIA)
- Vendor evaluations / RFP response and evaluations
- Virtual Chief Information Officer
- Security Consulting
What is Secuvant Managed Security Service?
Secuvant can provide complete end-to-end security services, including a team of experts, to watch your security for a fraction of the cost of hiring even one person. Secuvant will proactively mange your security for all your devices (servers, routers, switches, firewalls, IDS, etc.) using our cloud based Elastic Security Operations Center (eSOC). We can see real-time threats, prevent vulnerabilities, scan your endpoints and give you complete visibility into your security posture and programs. We can respond to security incidents, provide consulting to you and your staff regarding issues and questions, and with our managed service you don’t have to buy any tools! We bring it all to the table in a complete finished service, ready to create a complete program to secure and enable your business.
Do you do Intrusion Detection (IDS)?
Yes. Secuvant can provide reactive and proactive scanning along with real-time Intrusion detection on our network and systems with our cloud based eSOC (elastic Security Operations Center) technology. We can send alerts to our team and respond accordingly to any threats that are discovered. We can also manage any IDS systems you already have in place. Since Secuvant is an independent security provider we will not sell you an IDS, but we are happy to recommend any hardware that will fit into you organization that you purchase from your favorite vendor.
Why do I need Secuvant if I already have a firewall?
Security is about having multiple-layers and a firewall provides a critical layer, but it is only one of many areas that you need to consider. Secuvant can show you the gaps you may have in your security, where your security baseline is today and create a comprehensive security program to get your business at the optimal level of security and cost. A firewall is a great start, now let’s take security further to enable your business.
I have my own IDS and Firewall, why should I consider your services?
That is great, and a necessary piece to security, but there is much more that needs to be done to protect your business. Secuvant is an independent security firm so we will work with any and all investments you have already made into securing your environment, including IDS, Firewalls, routers, switches, servers, end-point protection and more. Secuvant’s complete security solutions will make sure you have everything you need to fill the gaps that you need covered.
What is the Gap Analysis you provide?
Secuvant has a very well defined methodology that covers over 100 areas of cyber security for small and medium businesses. These areas are based on industry standards and governance requirements that are applicable to your market. We use both quantifiable and qualified information to find the gaps in your current posture. We use a combination of scanning tools, workshops and our own modeling to find and address gaps that will enable your business to address risks. Using this model we identify all known risks, and give you recommendations on how to address them. You then make business decisions on where you want to take your strategy, with our help. The Gap analysis will be used to create a comprehensive security program customized to your business.
Do you have a security assessments to find out where we are today?
Yes. Secuvant has a very well defined methodology that covers over 100 areas of cyber security for small and medium businesses. These areas are based on industry standards and governance requirements that are applicable to your market. We use a combination of scanning tools, workshops and our own modeling to find and address gaps that will enable your business to address risks. Using this model we identify all known risks, and give you recommendations on how to address them. We also can provide penetration testing, network and systems scanning and recommend external auditors that may help with your governance requirements.
Why is Secuvant different from other MSSPs?
Simply put, we take Cyber Security from an business ENABLEMENT point of view, not a lock down and prevent angle. We start with Business drivers and processes, and map your security strategy to your business needs, not the other way around. Other MSSPs simply take a technology approach, selling you software and hardware that just adds complexity instead of enabling you do to business more effectively. We want you to make more money, save money and reduce risks. We know business and security, the ultimate combination.
We just had an audit, so do we need Secuvant?
Yes, even more so now that you know what the audit findings are that you need to address. Audits are a good idea, both internal and external, when it comes to cyber security. However, they are just informational and you must take action on the findings. This is where Secuvant can help. We can address risks identified in the audit, help you plan for future requirements, improve your governance and compliance response, and create an ongoing cyber security program to proactively address future audits.
How much do Secuvant services cost?
Less than you think, and less than doing security yourself. Secuvant has created a way to deliver enterprise class cyber security for a small business price. This includes everything from our managed security offerings to our consulting services. We can create a monthly program that brings an entire team at your disposal for much less than it would cost to hire even one new security expert full time, saving you time and money.
What tools do you use to manage our security?
Secuvant uses a combination of industry standards, state of the art cyber security tools for scanning, testing, and management along with unique intellectual property that only we can deliver. We have partnerships with world class providers like Trusted Metrics and can also manage the technology you already have an investment it, saving you time and money.
When you say enable business, what does that mean?
Traditionally cyber security has had two sides of the equation: increase security or increase usability. These opposing sides have been at odds in the past, so that if you increase security you lock down the ability to be productive. And if you decrease security and increase usability you may leave your business open to risks. Secuvant has found a way to enable you business at the same time you increase security and decrease your risks. We do this by taking the requirements from your business first, including employees, customers, partners and we incorporate methods and models that allow to apply security standards and objectives that increase their effectiveness. This is a unique approach that turns cyber security from a cost center to an enabler and revenue producer. We can show you how we do this for your business anytime.