{"id":41584,"date":"2020-09-17T13:38:01","date_gmt":"2020-09-17T20:38:01","guid":{"rendered":"https:\/\/www.enxmag.com\/twii\/?p=41584"},"modified":"2020-09-17T13:38:04","modified_gmt":"2020-09-17T20:38:04","slug":"dealers-travel-an-endless-road-in-providing-security-solutions","status":"publish","type":"post","link":"https:\/\/www.enxmag.com\/twii\/feature-articles\/2020\/09\/dealers-travel-an-endless-road-in-providing-security-solutions\/","title":{"rendered":"Dealers Travel an Endless Road in Providing Security Solutions"},"content":{"rendered":"\n
\"\"<\/figure><\/div>\n\n\n\n

Take a deep breath and relax. Sure, that sounds like a good\nway to de-stress, right, particularly during this ulcer-inducing time. Everyone\njoin in…<\/p>\n\n\n\n

Not so fast, there, security solutions providers.<\/p>\n\n\n\n

OK, so we tease, but the sad reality is that security\ncurrently, formerly, and forever will remain an open-ended proposition,\nperpetually in need of vigilance, updating and modification as cyber threats\ncontinue to evolve and find new ways of infiltrating defenses. Thus, it falls\nupon dealers and the in-house or third-party provider solutions to ensure they\nare maintaining a sophisticated, up-to-date security component.<\/p>\n\n\n\n

\"\"
Keith Adams, Les Olson Company<\/figcaption><\/figure><\/div>\n\n\n\n

Sadly, there is no rest for dealing with the wicked. Just\nask Keith Adams, vice president of IT for Les Olson Company of Salt Lake City,\nwho stresses the need to resist human nature in believing a provider has done\nall that it can do.<\/p>\n\n\n\n

\u201cConstant review of solutions and advancements in the\nindustry are essential,\u201d he said. \u201cWe have to always take the position that\nthere is no guarantee with any product or process. We must strive to\nidentify the gaps in products and procedures as well as new avenues of\nexploit.\u201d<\/p>\n\n\n\n

While there is no true solution that covers all risks, Adams believes that vigilance in bringing best-in-class products and ensuring their proper implementation enables his dealership to remain open to new ideas and systems that will continue to mitigate those risks.<\/p>\n\n\n\n

Constant Vigilance<\/strong><\/p>\n\n\n\n

\"\"
Paul Hager, Gordon Flesch Company<\/figcaption><\/figure><\/div>\n\n\n\n

There is a certain degree of skepticism that is beneficial\nto triggering a defensive mindset. Acknowledging the inevitability of threats\nand exploitations helps keep providers such as Elevity, a Gordon Flesch\nCompany, on its toes. As long as bad guys keep winning somewhere and in some\nfashion, Paul Hager, director of solutions for the dealer, has a duty to\nperform.<\/p>\n\n\n\n

\u201cThreats are always evolving and the bad guys are winning,\u201d he said. \u201cThis demands that best-in-class protection offerings be layered on top of one another so when one is subverted there are additional layers to prevent or alert on breaches.\u00a0A data breach is unfortunately not a matter of if but when for most companies. Time to detection and response are key in stopping attacks.\u201d<\/p>\n\n\n\n

No Time for Complacency<\/strong><\/p>\n\n\n\n

\"\"
Jeff Leder, Impact Networking<\/figcaption><\/figure><\/div>\n\n\n\n

Not to pat the cybersecurity defense community on the back, but threat detection has come a long way from where it was even just a few short years ago. Jeff Leder, director of managed IT security services for Impact Networking of Lake Forest, Illinois, notes that advanced persistent threat (APT) dwell times have decreased, an indication of the maturity of the cybersecurity industry in general. Naturally, quicker detection of an APT is only the beginning of the process, and Impact Networking enhances its game by employing a red team (attacker)\/blue team (defensive) scout team of sorts to ferret out the latest methods employed by bad actors.<\/p>\n\n\n\n

\u201cAs we continue to develop our capabilities for emulating\nattackers, we stay up to date on what are the various tactics and techniques\nthey\u2019re using to break into environments,\u201d Leder said. \u201cWe then compare that\nagainst our control set, our solution set, to ensure that the SOC is able to\nideally block, but at very least, detect that sort of activity within an\nenvironment, so that some form of response can occur.\u201d<\/p>\n\n\n\n

To augment its defense strategy, Impact Networking is also\nconstantly revisiting its toolsets to ensure they are able to detect\/block\nongoing threats. The dealer has swapped out SIEM and end-point protection\nsuites after finding more effective tools on the market.<\/p>\n\n\n\n

\u201cThe cat and mouse game continues, but we continue to evolve\nalong with the threats,\u201d Leder added.<\/p>\n\n\n\n

\"\"
Scott Anderson, Kelley Connect<\/figcaption><\/figure><\/div>\n\n\n\n

According to Scott\nAnderson, senior vice president of IT for Kelley Connect of Kent, Washington, whatever\nplan the solutions provider has in place should be a living and breathing\ncomponent flexible to evolving. \u201cSecurity is not a set it and forget it type of\nsoftware tool\u2014it\u2019s an ongoing and evolving program,\u201d he said. \u201cI think\nthe key is as an IT services provider engaged with a client, it\u2019s something\nyou\u2019re talking about all the time in regular conversation. It has to be front\nof mind, just like the training has to be. That risk reduction program needs to\nbe evolving every month, every quarter.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Take a deep breath and relax. Sure, that sounds like a good way to de-stress, right, particularly during this ulcer-inducing time. Everyone join in… Not so fast, there, security solutions providers. OK, so we tease, but the sad reality is that security currently, formerly, and forever will remain an open-ended proposition, perpetually in need of vigilance, updating and modification as cyber threats continue to evolve and find new ways of infiltrating defenses. Thus, it falls upon dealers and the in-house or third-party provider solutions to ensure they are maintaining a sophisticated, up-to-date security component. Sadly, there is no rest for dealing with the wicked. Just ask Keith Adams, vice president of IT for Les Olson Company of Salt Lake City, who stresses the need to resist human nature in believing a provider has done all that it can do. \u201cConstant review of solutions and advancements in the industry are essential,\u201d he said. \u201cWe have to always take the position that there is no guarantee with any product or process. We must strive to identify the gaps in products and procedures as well as new avenues of exploit.\u201d While there is no true solution that covers all risks, Adams believes that vigilance in bringing best-in-class products and ensuring their proper implementation enables his dealership to remain open to new ideas and systems that will continue to mitigate those risks. Constant Vigilance There is a certain degree of skepticism that is beneficial to triggering a defensive mindset. Acknowledging the inevitability of threats and exploitations helps keep providers such as Elevity, a Gordon Flesch Company, on its toes. As long as bad guys keep winning somewhere and in some fashion, Paul Hager, director of solutions for the dealer, has a duty to perform. \u201cThreats are always evolving and the bad guys are winning,\u201d he said. \u201cThis demands that best-in-class protection offerings be layered on top of one another so when one is subverted there are additional layers to prevent or alert on breaches.\u00a0A data breach is unfortunately not a matter of if but when for most companies. Time to detection and response are key in stopping attacks.\u201d No Time for Complacency Not to pat the cybersecurity defense community on the back, but threat detection has come a long way from where it was even just a few short years ago. Jeff Leder, director of managed IT security services for Impact Networking of Lake Forest, Illinois, notes that advanced persistent threat (APT) dwell times have decreased, an indication of the maturity of the cybersecurity industry in general. Naturally, quicker detection of an APT is only the beginning of the process, and Impact Networking enhances its game by employing a red team (attacker)\/blue team (defensive) scout team of sorts to ferret out the latest methods employed by bad actors. \u201cAs we continue to develop our capabilities for emulating attackers, we stay up to date on what are the various tactics and techniques they\u2019re using to break into environments,\u201d Leder said. \u201cWe then compare that against our control set, our solution set, to ensure that the SOC is able to ideally block, but at very least, detect that sort of activity within an environment, so that some form of response can occur.\u201d To augment its defense strategy, Impact Networking is also constantly revisiting its toolsets to ensure they are able to detect\/block ongoing threats. The dealer has swapped out SIEM and end-point protection suites after finding more effective tools on the market. \u201cThe cat and mouse game continues, but we continue to evolve along with the threats,\u201d Leder added. According to Scott Anderson, senior vice president of IT for Kelley Connect of Kent, Washington, whatever plan the solutions provider has in place should be a living and breathing component flexible to evolving. \u201cSecurity is not a set it and forget it type of software tool\u2014it\u2019s an ongoing and evolving program,\u201d he said. \u201cI think the key is as an IT services provider engaged with a client, it\u2019s something you\u2019re talking about all the time in regular conversation. It has to be front of mind, just like the training has to be. That risk reduction program needs to be evolving every month, every quarter.\u201d<\/p>\n","protected":false},"author":166,"featured_media":41585,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1650,82,87,1638],"tags":[2023,764,3785,3528],"_links":{"self":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/41584"}],"collection":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/users\/166"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/comments?post=41584"}],"version-history":[{"count":1,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/41584\/revisions"}],"predecessor-version":[{"id":41586,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/posts\/41584\/revisions\/41586"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/media\/41585"}],"wp:attachment":[{"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/media?parent=41584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/categories?post=41584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enxmag.com\/twii\/wp-json\/wp\/v2\/tags?post=41584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}