Here at Eze Castle Integration, we take great pride in listening to our clients and the market as a whole. We follow a security-first approach in delivering complete cloud solutions complemented by the support of our award-winning global helpdesk, which operates 24x7x365. Whether using the public cloud, private cloud or a hybrid cloud approach, Eze Castle Integration excels in providing best-in-class solutions that address a firm’s specific needs.
Across the dark web underworld criminals are buying and selling stolen user credentials, including email addresses, usernames and passwords, to access high value (i.e. executive and privileged user) accounts. Once in a system, criminals steal financial assets, uncover trade secrets and exploit other vulnerabilities. To stop this threat, firms must monitor the Dark Web and respond.
Enter Eze Dark Web Monitoring, a cost-efficient deterrent to ATO activities. Eze Dark Web Monitoring provides early detection, alerting clients when credentials are discovered and forcing users to reset passwords.
“Cybersecurity threats rank as some of the greatest risks facing the industry today with companies of all sizes under attack. At Eze Castle Integration, protecting clients is our mission. We follow a security first approach to IT and deliver fully managed security solutions, such as Eze Dark Web Monitoring, to fortify our client environments – whether they reside in a public cloud, private cloud or on-premise,” said Steve Schoener, Chief Technology Officer at Eze Castle Integration.
In the fast-paced, volatile world of financial services, constantly maintaining normal business operations is crucial – even in the event of an unexpected disaster. Even just a few moments of downtime could be extremely costly, so it is essential that firms implement sound business continuity procedures.
Since we frequently work with our clients on developing comprehensive business continuity plans (BCPs), we feel it is important to review and test our own BCP procedures on a regular basis to ensure they will meet our most current business needs in the event of a disaster. To this end, one of our certified business continuity professionals recently conducted a BCP table top exercise with our management team here at Eze Castle. After this successful meeting, we thought it would be valuable to share some insights on the BCP table top exercise process with our readers to spotlight the importance of this activity.
Did you know that the global average cost of a data breach is $3.86 million? Or, that the average cost incurred for each record of lost or stolen sensitive and confidential information has increased by almost five (5) percent since 2017? A recent study found that breaches are only getting bigger; and I think we have the evolving sophisticated cyber threats that continue to surface.
A report by leading global researcher, Gartner, found that 91% of all cyber attacks start with phishing. This reinforces the argument that human error is perhaps the weakest link in the security chain of any organization. In our most recent webinar, we illustrate the value of investing time and money to make employees your strongest security asset.
Social Engineering: The art of manipulating people so they give up confidential information
Phishing: Typically through email, but can also be via telephone or other communications where a user is tricked into browsing a malicious URL designed to appear like a site they trust, or provided with other fabricated content such as an attachment containing malware
Continue reading for a recap of the webinar.
If you live in an area that often receives snow, you know and expect what the winter season will bring: disruption, delays, cancellations, and closures of roads, busses, trains, boats and subways that transport people to and from work. With this in mind, you should also be prepared for something more such as power outages, force evacuations, impact deliveries, and state travel ban.
In today’s article, we will take a look at some tips to help mitigate, prepare, respond, and recover during the winter weather.
With the new year now upon us, what better time to create your 2019 resolutions for your firm's IT strategy! As we know, the threat landscape is constantly evolving, cloud computing has gained momentum and is now widely accepted in the investment management industry, and new technologies and trends are emerging to support firms with their IT and operational needs.
Continue reading for Eze Castle Integration's recommendations for IT resolutions for 2019:
1.) Create a Cybersecurity Incident Response Plan
As the experts in the industry say, it's not if, but when, a cybersecurity incident will occur. According to a recent report by TechCrunch, cyber attacks are set to spike again in 2019, meaning firms need to continue to stay on top of cybersecurity best practices, utilizing layers of security to protect sensitive data, of course, have a Cybersecurity Incident Response Plan. This includes creating an Incident Response Team consisting of members throughout different departments in the organization, and mapping out the steps to take before, during and after a security incident.
Building on this, developing a Written Information Security Plan, or a WISP, is critical to securing your information, but also required if your firm is registered with the SEC. Having documentation of your firm's plan and systems in place to protect personal information and sensitive company information can help mitigate threats and risk against and protect the integrity, confidentiality, and availability of your firm's data.
3.) Create a comprehensive employee security training program
If you don't have an employee training program, it is critical that you create one in 2019. If you already have an existing employee training program, you must periodically audit this program, ensuring it is both effective and current. Having a managed phishing and training program is an effective way to train employees on how to spot and report phishing and social engineering attempts. These simulated phishing attacks against your employees provide real-time and interactive training.
Despite the recent strides by the financial industry towards improving cybersecurity policies and safeguards, studies reveal that a less-heralded group is responsible for the majority of successful cyber-attacks. Flying under the radar and opening the malware floodgates with one click of a spoof email are employees ill-informed of cyber threats and potential risks.
Unbeknownst to the employee, upon release of their mouse they have guided hacktivists into his or her company’s network, exposing business critical information, financial records, and passwords. But that’s just the beginning. The quantity and severity of subsequent damages are limitless, but so are the opportunities for improvement in the firm’s case.
Having a strong technology infrastructure in place is the backbone to any successful business. It helps firms to ensure uptime, unlock maximum operating efficiency and be risk-averse. A ‘strong’ infrastructure model is futureproof. It’s capable of responding quickly and effectively to any new opportunities and threats in the ever-evolving landscape that businesses operate in. Firms today are encouraged to evaluate their existing IT, and to think about shifting from a traditional, sluggish and inflexible structure to a more fluid model.
Keep reading for three key considerations to help your business achieve a futureproof stance.
In any relationship, when things are good, they’re usually pretty good. And when things are bad, sometimes they are really bad. There may come a point when you need to evaluate whether you’re still a good fit together.
Just like with a romantic relationship, your firm’s connection to a service provider (especially an infrastructure/cloud provider you rely on daily) should be strong enough to withstand a few hiccups and healthy enough to warrant open communication at all times. In some cases, it might be clear that you’re in a good place and moving forward together, but sometimes there are sure signs it’s time to call it quits.
Here are a few of those signs:
1. Your provider’s service levels are not up to snuff.
Maybe you recently experienced a major service outage or find that you not-so-conveniently have to work around confusing and interrupting maintenance schedules during work hours. You’re constantly frustrated and don’t feel like you are receiving the level of support that was agreed to – both verbally and as part of your Service Level Agreement (SLA).
Your SLA should clearly indicate the uptime standard (e.g. 99.995% availability) as well as repercussions to any breaches in the contract (for example, service credits) and associated RPOs if disaster recovery is involved
Outsourcing in the Alternative Investment Management Industry: Navigating Cyber, Legal and Operational Risks + Webinar Replay
Investment firms are increasingly drawn to outsourcing to manage complex technology and operational requirements. And, of course, with this evolution comes a range of considerations. In a recent webinar, Eze Castle Integration’s Executive Director, Dean Hill, and, Lawrence Brown, Information, Communications and Technology Partner at law firm Simmons & Simmons, explored the cyber, legal and operational risks for firms looking to outsource.
Watch the full webinar replay here.