
Vista Computing Blog


Vulnerability Assessments are Required as part of your Cybersecurity Program

Vulnerability assessments are required as part of your cybersecurity program. They are similar to the regular checkups you get when you visit your doctor periodically, and they are part of the upkeep of a good cybersecurity program. At Vista Computing LLC we call this cybersecurity hygiene.


Build a Comprehensive Bring Your Own Device Policy

Bring Your Own Device, or BYOD, is a wonderful alternative to a business investing in high-end workstations. On one hand, it can save your business thousands of dollars by having your employees bring their own devices to the workplace. On the other, it could expose your network to untold risks. How can you strike a balance between the two and help your business prosper?


Benefits of a virtual Chief Information Security Officer (vCISO)


A Chief Information Security Officer (CISO) is a vital component of an organization’s business strategy. The CISO helps the enterprise formulate its cybersecurity strategy, ensures that all necessary measures have been taken, monitors cybersecurity awareness throughout the enterprise, and proactively creates defensive plans for when, or if, an attack or incident takes place. If an attack or incident has already taken place, the CISO handles the responsibilities involved in addressing it.

In large organizations the CISO role is usually occupied by a senior-level executive. These enterprises have the resources to accommodate such a role; many companies, however, do not have the resources required to employ someone with enough expertise to fill it. Anyone who assumes the role needs expertise in both information security and business operations, so employing such an individual at a senior position can be very expensive. This is especially true for small and medium-sized businesses, which do not have the budget for a full-time cybersecurity leader. Small and medium-sized businesses are also the largest targets for attackers, who know that these businesses often do not have the necessary cybersecurity measures in place, which makes them much easier to compromise.

To address the gap left by not being able to employ a full-time CISO, Vista Computing LLC has created a service offering. An alternative to an internal full-time CISO is acquiring the services of a virtual Chief Information Security Officer (vCISO). A vCISO performs the same function as an internal full-time CISO; however, the vCISO is not employed permanently by the organization but is acquired as a service from an external cybersecurity team or organization such as Vista Computing LLC.

The following key areas are the benefits of having a vCISO as part of the team within a small or medium-sized business:

  • vCISO Provides Access to a Team of Experts

In the traditional model, where the Chief Information Security Officer is employed by the organization, the cybersecurity strategy rests most of the time on the knowledge and expertise of that one internal CISO. This has its limitations. A vCISO, delivered as vCISO-as-a-service, has access to a team of other virtual security experts who specialize in different aspects of information security. This ensures there is a wide knowledge base to draw from, which makes a vCISO a valuable and viable asset for handling the enterprise’s cybersecurity needs.

  • vCISO ensures the organization is “Up-to-Date” on Information Security Threats

In the cybersecurity world, threats are constantly evolving. According to various industry studies, over 100,000+ new threats emerge every day as attackers continually look for new ways to exploit system vulnerabilities. With a vCISO backed by a team of information security experts, it is more likely that someone with the expertise required to identify and counter a specific type of zero-day threat is available.

  • vCISO offers Extensive Monitoring of the Organization’s Cybersecurity Needs

Virtual CISO services involve a team of experts. This means they can spend more time and resources monitoring the organization than a single internal CISO could. Having more individuals with a wide range of expertise is also invaluable, as they can more easily spot information security incidents that would otherwise go undetected.

  • vCISO Costs Less compared to Hiring Internally

When an individual is hired as a full-time CISO internally, the organization has to pay a large salary, benefits, insurance, training, bonuses and so forth.  Let’s face it, small and medium-sized companies cannot afford an expensive full-time permanent CISO as part of the organization.  These costs are generally much higher when compared to the cost of acquiring the services of a vCISO.  Using the services of a vCISO, the small and medium-sized organizations only pay the cybersecurity service provider a set fee that covers the whole package. This keeps costs low while still benefiting from the services of a wider range of cybersecurity experts.

The vCISO service offerings at Vista Computing LLC are based on blocks of hours purchased by an organization needing this valuable service. We will consult with you to come up with a fair, sensible, and practical solution for your cybersecurity needs.

The Premier Cybersecurity Event in Southern California is the ISSA-LA Summit XI


May 2019 will be an exciting time for IT and Information Security Professionals as they will be gathering at the Annenberg Community Beach House.  The ISSA-LA Summit XI will begin on Tuesday, May 14th and end on Friday, May 17th of 2019.

So who’s going to be there? Attendees will come from all over and will include a wide variety of IT and information security practitioners, executives, leaders, analysts, and hobbyists.

Why should you attend?  This is a great opportunity to learn from the experts!  It is a great opportunity to meet and greet and exchange ideas and solutions with the community.


What should I expect to see? You will have the option to attend various informational talks. You will have a chance to learn by attending workshops. You will also have the chance to just walk around, take in the sun, and hang out at the beach with nice people discussing all types of topics.

So where is the ISSA-LA Summit XI being held?  It is being held at the Annenberg Community Beach House.  For more information about the ISSA-LA Summit XI, pricing information, logistics, and to register then please visit the ISSA-LA Summit XI Website.

Vista Computing LLC will be visiting the ISSA-LA Summit to meet up with friends and colleagues and to discuss some business strategies.

Thank you kindly, and see all of you there!

Regards,

The Team at Vista Computing LLC

A Simple Methodology for Conducting Network Vulnerability Assessments

There are various methodologies out there for conducting a network vulnerability assessment. In all fairness they are all fairly similar: each consists of a series of steps, and those steps boil down to roughly 7 main phases that can be used to conduct assessments for small and medium-sized businesses (SMBs). We follow the methodology below within our practice at https://www.vistacomputing.com. For SMBs you can follow these simple steps:

1.  Kick-off engagement meeting

2.  Discovery

3.  Investigation

4.  Verification

5.  Exploitation

6.  Reporting

7.  Remediation

Detailed Information regarding the above steps:

1.  Kick-off engagement meeting

The kick-off engagement meeting is an initial meet-and-greet with the client to find out what the client is trying to accomplish; it also deals with administrative tasks.

    a.  Identify the business drivers

    b.  Identify and engage the stake-holders

    c.  Set expectations and priorities

    d.  Acquire authorizations from the client

    e.  Validate and verify client subnets and host IPs

2.  Discovery

The discovery phase consists of the technical tasks involved in finding out information about the client’s hosts via the IP addresses the client provided. Those IP addresses define the scope of the engagement. Typically the discovery phase includes finding out which hosts respond to ICMP echo requests, basic TCP port probes, and DNS lookups and reverse lookups.

3.  Investigation

The investigation phase is a deeper inspection of the hosts that are within scope for the engagement. This is a technical task that uses various products to conduct vulnerability scans against the in-scope IPs. We use a combination of open-source and commercial tools to carry out these tasks.

4.  Verification

The verification phase is a manual task in which the investigation reports are reviewed for false positives. This is the phase for cleaning up the investigation report. We usually call it the quality assurance phase, where we make sure we’re delivering something that’s valid.

5.  Exploitation

The exploitation phase is a technical task that attempts to break into a system through the vulnerabilities found in the investigation report and/or the discovery phase. If a critical and/or high-risk vulnerability is found, seek approval from the stakeholders before conducting exploitation. Not all engagements require the exploitation phase; it is always optional.

6.  Reporting

Reporting is a key factor when conducting a simple network vulnerability assessment for a client. It is a common best practice to keep records of each step of the process through screenshots, notes, and other documentation. The report is primarily for the client to have a representation of where they stand in terms of network security and how vulnerable they are. The report also includes all vulnerabilities discovered as well as the remediation steps. The final report is delivered as a PDF.

7.  Remediation

The remediation phase is for plugging the holes in the client’s network.  The remediation phase is a list of tasks to be completed in order to get rid of the vulnerabilities and to mitigate the risks.  This is also an optional task and we would need to discuss it with the client.

A VERY IMPORTANT DISCLAIMER:

All vulnerability assessments and penetration testing efforts are point-in-time tests. While we are conducting a vulnerability assessment you have to remember that it reflects the state of the system at the moment of the test, because a few minutes after the test is completed there could be a change to the system we just scanned.
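The bookkeeping side of the methodology above (scope validation from step 1e, the verification phase's false-positive review, the stakeholder-approval gate before exploitation, and the point-in-time stamp from the disclaimer) can be captured in a small amount of code. The following is an added example written for this page, not Vista Computing's own tooling; the scope, the `Finding` record, the check names and the sample findings are all constructed for illustration, using RFC 5737 documentation address ranges rather than real hosts.

```python
"""Scope control and verification bookkeeping for a network vulnerability
assessment. Added example; not Vista Computing's own tooling. Names and
sample data below are constructed for illustration."""
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import List, Optional, Tuple

# Constructed sample scope, as agreed with the client in the kick-off meeting
# (RFC 5737 documentation ranges, not real hosts).
AUTHORIZED_SCOPE = ["192.0.2.0/24", "198.51.100.10"]


def parse_scope(entries: List[str]):
    """Turn CIDR blocks and single IPs into network objects."""
    return [ipaddress.ip_network(e, strict=False) for e in entries]


def in_scope(host: str, networks) -> bool:
    addr = ipaddress.ip_address(host)
    return any(addr in net for net in networks)


def partition_targets(hosts: List[str], scope_entries: List[str]) -> Tuple[List[str], List[str]]:
    """Split candidate targets into (in_scope, out_of_scope) before any probing starts."""
    nets = parse_scope(scope_entries)
    inside, outside = [], []
    for h in hosts:
        (inside if in_scope(h, nets) else outside).append(h)
    return inside, outside


def require_in_scope(hosts: List[str], scope_entries: List[str]) -> List[str]:
    """Gate for the discovery phase: refuse to proceed if any target is unauthorized."""
    inside, outside = partition_targets(hosts, scope_entries)
    if outside:
        raise ValueError(f"targets outside authorized scope: {outside}")
    return inside


@dataclass
class Finding:
    host: str
    check: str                       # scanner check that raised the finding
    severity: str                    # "critical", "high", "medium" or "low"
    verified: Optional[bool] = None  # None = not yet reviewed in the verification phase
    note: str = ""


def verify(finding: Finding, is_real: bool, note: str = "") -> Finding:
    """Record the manual verification decision (the quality-assurance phase)."""
    finding.verified = is_real
    finding.note = note
    return finding


def report_summary(findings: List[Finding]) -> dict:
    """Counts for the report: only verified findings are counted by severity;
    false positives and still-unverified items are reported separately."""
    summary = {"critical": 0, "high": 0, "medium": 0, "low": 0,
               "false_positives": 0, "unverified": 0}
    for f in findings:
        if f.verified is None:
            summary["unverified"] += 1
        elif f.verified is False:
            summary["false_positives"] += 1
        else:
            summary[f.severity] += 1
    return summary


def needs_exploitation_approval(findings: List[Finding]) -> List[Finding]:
    """Verified critical/high findings: per the methodology, exploiting these
    requires explicit stakeholder approval first."""
    return [f for f in findings if f.verified and f.severity in ("critical", "high")]


def point_in_time_stamp(now: Optional[datetime] = None) -> str:
    """UTC timestamp recorded on the report, because the results only describe
    the network as it was at the moment of the scan."""
    if now is None:
        now = datetime.now(timezone.utc)
    return now.strftime("%Y-%m-%dT%H:%M:%SZ")


def sample_findings() -> List[Finding]:
    """Constructed investigation-phase output, partly verified."""
    return [
        verify(Finding("192.0.2.10", "tls-self-signed-cert", "medium"), True),
        verify(Finding("192.0.2.10", "smb-signing-not-required", "high"), True),
        # Banner-based version match; the package was patched via a vendor
        # backport, so the verification step marks it as a false positive.
        verify(Finding("192.0.2.23", "outdated-httpd-banner", "critical"), False,
               "vendor backport confirmed, not vulnerable"),
        Finding("192.0.2.44", "telnet-service-open", "high"),  # not yet reviewed
    ]


if __name__ == "__main__":
    targets = require_in_scope(["192.0.2.10", "192.0.2.23", "192.0.2.44"], AUTHORIZED_SCOPE)
    findings = sample_findings()
    print("assessed at", point_in_time_stamp(), "hosts:", targets)
    print("summary:", report_summary(findings))
    print("approval needed for:", [f.check for f in needs_exploitation_approval(findings)])
```

The scope gate is deliberately strict: a single out-of-scope address aborts the run rather than being silently skipped, because scanning an address the client never authorized is the mistake the kick-off meeting exists to prevent. The summary counts only findings a human has confirmed, so a report built from it never presents an unreviewed scanner hit as fact, and the timestamp is what makes the point-in-time disclaimer concrete in the deliverable.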