On November 7th, the MTSi team was joined by several customers and a few new faces to discuss cyber resilience, play Top Golf and enjoy a barbecue lunch with some fried chicken on the side. If you haven’t tried Top Golf yet, we highly recommend it. The folks at Top Golf have reinvented golf, making a video game with automatic scoring out of a game that is difficult and often frustrating. It’s no surprise that the event is a hit with avid golfers guests, but the real surprise is how much fun our non-golfing guests have knocking over the towers during a game of Angry Birds. If you missed this one, we’ll have another event in spring 2025.
This time around, Matt Scully from Kaseya joined us to talk about Cyber Resilience. He opened with a contrast between the City of Florence and Alliance Packaging, who were both hit by the same ransomware gang.
The City of Florence was warned by Krebs On Security that their credentials were on the Dark Web. The city thought they had the situation under control, but their response turned out to be inadequate. Twelve days later they were hit by Ransomware and the city was down for 30 days and forced to pay $330,000 to recover.
The same threat actors found Alliance Packaging in the city’s files. Despite having a much smaller budget, Alliance Packaging had a business continuity plan in place. Because they were prepared to respond to an attack, when they were hit by the same ransomware, they were down for only 20 minutes and did not have to pay anything to the threat actors.
Matt went on to discuss a number of other attacks including Providence Public Schools, just one of the local school systems in our area to be hit in the last two years.
One of the key takeaways was Matt’s discussion about the NIST framework. Many firms are focused on the Protect tab of the diagram above. His suggestion is a more balanced approach, employing tools to help your firm detect threats rapidly, developing policies and procedures for an effective response, and deploying business continuity tools to help you recover from a disaster. By embracing the whole framework, rather than focusing on one or two aspects, firms can develop a robust and cyber resilient defense.
The number one takeaway from the event was that firms should evaluate the tools in their cybersecurity toolkit. In some cases, that means working with an MSP to look for tools performing the same function and also for areas that are lacking coverage. A quick check-up could put your firm on the road to cyber resilience, avoiding weeks of costly downtime and reputational damage.
Reach out to our sales team to learn more about a balanced approach to cybersecurity, or just to get on our list for our next great Top Golf event!