March 18, 2020 Cyber Defense Contractors

Our Story

Share with:

Facebook


We increasingly rely on digital devices. Our personal information is not just data, but digital data.  Digital data that is stored on digital devices.  Those devices?  Well, they’re often connected directly to the internet. That’s not going to change.  Devices will increasingly be connected to the internet as IoT continues to take shape.  One example will be your car.  We don’t like the idea of our car being connected to the internet. We’ve been actively monitoring the industry.  We hope to generate security and privacy solutions for our customers before internet connected cars become mainstream.

A secret that those outside of the industry do not know is that the internet was not designed with security in mind.  We’ve been in the industry before the internet boom in 1999.  It’s been a patchwork of devices and people that work to protect networks.  We’ve all fallen victim or know someone or a business that has.  The internet is a breeding ground for cyber criminals and nation states intent on gleaning your personal information.

You hear about a data breach almost every week.  It’s become common place.  Most folks might be alarmed but they move on unchanged.  It’s hard to grasp the scope of a data breach.  Whether it’s happened to your or not you just can’t seem to go down that rabbit hole to realize the full impact.  When it does happen to you it certainly hits closer to home.  Identity theft can be devastating.  If you’ve been exposed, the impact can be great.  The impact can be far reaching.

As a society we obtain products and services for the “convenience” they add to our lives. We purchase devices and software that make our lives easier. Those same devices and that same software is often vulnerable right out of the box.  We’ve seen it firsthand and have had to push vendors to mitigate the vulnerabilities before we added the element to a network.

When connected to the internet, there are hackers beating at your door day in and day out.  You don’t know this because it doesn’t serve ISP’s well to tell you so.  Put a simple sniffer, IDS, or logging firewall on your internet connection and you’ll see the frequency with which this happens.  It’s astounding.  While you might be targeted a few hundred times a day a large enterprise sees hack attempts on the order of two to three hundred thousand times a day.  It’s all taking place in the digital space that wasn’t designed with security in mind.  We’re vulnerable to the same things that the media talks about every day. These are organized rogue hacker groups, nation states, and sometimes a lone wolf.  It’s a modern-day form of war driving that was popular in the 90’s. Their technical capabilities extend far beyond that of the average consumer.  In some cases, their tools are so advanced they can crack a network in mere seconds. If you’re in the Cybersecurity space, you aren’t just aware of the potential, you’ve watched hacks actively taking place.

The reality is that most of you have already been part of a data breach. As is protocol, you were offered free identity theft protection.  Helpful, but it doesn’t solve the problem.  Your information was already leaked. It’s in the hands of an adversary or state actor.  It’s probably posted on the Dark Net.  Unlike identity monitoring companies our goal is to stop the breach before it happens rather than to notify you after it takes place.  Shouldn’t that be the goal?

At Cyber Defense Contractors we provide remedies through products and services available on our eCommerce site.  We categorize these by grade.  We offer consumer grade products to protect your mobile devices, laptop, and self.  We offer business grade services that takes a unified approach to Cybersecurity and Privacy.  We also offer enterprise grade products for the larger mid-market and enterprise customer.

Any one of our CYBERSECURITY AND PRIVACY PRODUCTS can be purchased on our eCommerce website. This can be done regardless of whether you’re subscribed to one of our Cybersecurity services or not.  Pick and choose what you’d like to protect and keep it within your budget.

Not sure which product is right for you and your scenario?  Call us on our HIPAA and HITECH secure Toll-Free line at 1 (888) 238-5049.  We’ll help match you with the product you need.

When visiting our website be sure to check out all that it has to offer.  We are not just an online retail store.  We offer eLearning and forums to discuss the latest security and privacy topics.  We also offer blogs and vlogs where we review products and technologies. We break it down into simple terms the consumer will understand.  We also host events from time to time so be sure to check our events schedule.  Take our free eLearning Courses.  Start with the free “Establishing a Cybersecure Environment” course.  In 1 hour, you’ll learn essential quick and dirty steps you can take right now to secure you and your online presence.  Follow that by our free “Cybersecurity Data Steward Program”.  It covers all the essentials regarding PCI and PII. It’s the entry level course that’s part of our Cyber Defense Contractors Information Security Awareness Training Series. Be sure to take the free Certification after the course.

Our CYBERSECURITY-ONE service is a drop-in replacement for the devices your small business currently depends on.  It protects you and your business from a breach.  Security and privacy aren’t just baked in as a static configuration.  It’s dynamic. Constantly updating as new threats present themselves. 

The Cybersecurity-One service starts with our next generation ROUTER & FIREWALL. It extends to a dedicated connection from your office to ours at Cyber Defense Contractors via a VPN.  We don’t like to use the word Cloud. We’ve been in the industry long enough. We were doing “Cloud” long before it became a marketing term. 

We host a similar set of services that you use every day.  Only ours is without the exposure.  ISP’s provide these services to you and are actively gleaning your information.  Information related to your internet searches.  This is used to target you with ads. Some nation states build profiles of their citizens based off this very same information.  They use the same methods.

Cybersecurity-One provides a unified Cybersecurity and Privacy based infrastructure.  It solves this problem. The problem of your personal information being exposed.  It won’t be exposed to your ISP.  It won’t be exposed to Google. And it won’t be exposed to whomever is listening on the wire.

For example, unless you manually changed it, your DNS is hosted by your ISP.  DNS translates and tracks the domains your operating system looks up.  Those are the websites you visit.  In some cases, this information is monetized and sold.  This allows a business to target their advertising.  Cyber Defense Contractors DNS service eliminates the need for your ISP’s DNS.  We don’t monitor, track or log a single IP address, website visit, or internet search.  If someone wanted to know what you were doing, we’d have nothing to give them.  We also front our DNS servers with a DNS FIREWALL.  This is a service that inspects the website you are visiting.  It prevents you from accessing it if it’s a known malicious site.  The list of malicious sites changes every day.  You’re protected.

We’ve also introduced SECURITY MONITORING as part of our Cybersecurity-One service.  We monitor your devices and network for malicious activity.  We can spot actions that are called Indicators of Compromise (IoC).  These indicators suggest that an actor is actively inside your network.  We work to identify and stop them before any information can be leaked to their servers.  Servers that exist outside your network.

Our Security Monitoring includes ROLLING VULNERABILITY ASSESSMENTS.  What does that mean?  Our servers are actively scanning your network devices, laptops, and computers for known vulnerabilities.  If one is identified, we contact you to begin the process of mitigation.  Depending on the level of risk we may take immediate steps by disconnecting you from the internet and shutting down your Wi-Fi radio’s. 

It’s not a matter of if.  It’s a matter of when. 

That’s why we started this business.  We were part of a data breach and fell victim to several cyber-attacks. Our password was exposed on the Dark Net.  Our Windows desktop was actively being monitored by a third party. They forced the streaming traffic out a neighbors free Wi-Fi hotspot so we wouldn’t notice it on our own network.  We were sent an email from one of the largest companies in the world that contained PII in the subject line.  The subject line is not encrypted. This action was illegal. Worst of all, while using the most popular encrypted messaging app our SMS and MMS messages were being collected and forwarded.  They were being forwarded as MMS messages to an unknown third party.  One look at our monthly bill showing over 50 MMS messages when we had sent none clued us into the hack.  They got around the encryption of the messaging app at the host.  Your encrypted messaging apps can’t protect you in this scenario. 

We took a hard look.  We set out to remedy every weakness that exists in the technology we use every day.  Otherwise, we wouldn’t use it. We went as far as giving up our mobile phone for four years.  A product was eventually developed that protected the mobile phone from the vulnerability that forced us to give it up.  We were back on the grid.  We got along just fine without our mobile phone. However, we were left out of touch.  Connections with our family and friends more than slipped.

It turned out that there weren’t just a few weaknesses we needed to remedy.  It wasn’t just our mobile phone.  There were many.  Some products secured our devices.  This got us part way there.  We then built network-based services that secured our internet activity.  We wanted to protect ourselves from any of those parties that are actively listening and gleaning our information. 

The next thing we knew, we had built the NEXT GENERATION PLATFORM TO SECURE INFRASTRUCTURE. It, by default, was engineered perfectly for the small to medium enterprise.  We did it affordably.  We did it without the heavy costs associated with the offerings the bigger players push.  We saw this as a, sort of, cooperative.   A way for all small businesses to take advantage of the same technologies a large fortune 100 enterprise would enjoy.

It also dawned on us that the network engineers who put the infrastructure into businesses should not be solely network engineers.  They must be Cybersecurity engineers.  Otherwise, you’re missing the most critical component of the implementation.  Smart business owners don’t just say, “great! It works”.  They say, “It works but is it secure?”

We offer FREE AND PAID TRAINING too. Training that brings you in line with the compliance of those fortune 20 companies.  Why is compliance training important?  Nearly 160 breaches take place each month in the Commonwealth of Massachusetts.  Yes.  160.  The true figure is far greater than that because businesses have been known to hide from the reporting process.  Once breached, it must be reported to the Attorney General and the Office of Consumer and Business Affairs.  The first question you will be asked is if you maintain a Written Information Security Program (WISP).  We’ve gone through the entire process, so we know all that is asked.  This is something that has been law for over a decade. The WISP is a document that all large and some mid-market companies maintain.  However, this isn’t just something that only the mid-market and large enterprises are legally required to create.  Whether you’re a business of one employee or a business of 200,000 you must have and maintain a WISP.  All states have enacted this same legal requirement.  Why did they do so?  They realize the potential, the probability, and the general risk.  Part of the WISP is the compliance training that is expected of you and your employees.  Compliance Training that educates you on matters that can help prevent a data breach.  We at Cyber Defense Contractors provide you with the training you need and in the format you prefer.  We can deliver the training either live or online.  This too is priced affordably. The small business can get benefits similar to that of the large enterprise without the heavy cost.

Under our CISO PROGRAM we create your WISP.  We become your outsourced Cybersecurity team.  We generate and maintain a WISP that ensures you are complying with all Federal and State Cybersecurity guidelines.  We also actively enforce what’s in the WISP by visiting your office from time to time to perform simple audits.  This is typically quick discussions with your employees to guide them on the do’s and don’ts.

Also, as part of our CISO Program, in the event of a data breach we act as the point person when reporting it at the state and federal levels. Having a WISP and compliance training can spare you from being penalized with hundreds of thousands of dollars of fines.  Not to mention, the harm that comes from the negative publicity.  Once breached you are required to notify every customer, employee and business partner.  This is typically done by letter.

Cybersecurity starts at the endpoint or host machine.  For this reason, our end-point security starts with a SECURED VERSION OF WINDOWS 10.  We engaged the Center for Internet Security (CIS) and under their instruction implemented their prescriptive guidance for establishing a secure configuration posture for Microsoft Windows. As an additional layer the operating system is under the umbrella of NETWORK ACCESS CONTROL or a NAC.  The NAC ensures that the operating system configuration and applications meet the baseline security requirements of the business.  If it does not, it won’t be allowed on the network.  The NAC server is hosted at Cyber Defense Contractors.

Cyber Defense Contractors didn’t stop there.  Any business that subscribes to our Cybersecurity-One service see’s value add through a free service that ensures business continuity.  Whether your internet is down, or the power is out you still must keep your business moving. That’s when we roll one our MOBILE INTERNET TRUCKS (MIT) to your location.  We provide internet service at 4G and 5G speeds. You can continue to work with your customers and partners.  If the power is down the truck shows up with both a gasoline and electric generator in tow.  If we can’t logistically connect your electrical system to the gasoline powered generator, we move the electric generator directly into your office.  So, we keep your lights on too.  As our business grows so will the fleet of trucks we maintain.

We sell the products and services we use and believe in.  They solve the problems we identified.  They secure you and they offer you privacy.  We put purpose before profits and our offerings are well tested. They were built for us.  We wanted to take what we did and share it with a community of people and businesses all striving to keep their operations both secure and private.

You can be sure that if we’ve tested a product and it doesn’t do the job it doesn’t make it as one of our product offerings. It will not fall under the Cyber Defense Contractors brand.  The only products and services that fall under the brand are effective, trusted, and secure.

Rob Cluett

More than 27 years of experience as a motivated IP Network Engineer in the Telecommunications, Information Technology Services, Plastics, Consumer Goods, and Cybersecurity industries. Expansive technical skill set and knowledge of mainstream and leading edge technologies to deliver a broad range of business enhancing technical solutions. Results driven with a focus on continuous improvement and IT process automation.

Leave a Reply

Your email address will not be published. Required fields are marked *

  • Sign up
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.
X