A cyber resilience strategy
“I have used a lot of different security products over the years, and I get approached by a lot of vendors,” says Pedro Nuñez. As president and CEO of New England based MSP IT Management Solutions, Nuñez is always on the lookout for products that go beyond just a traditional security operations center.
That’s what lead him to work with Webroot® Business Endpoint Protection.
“To make any kind of difference, you need a way to mitigate a security incident automatically.” It’s not enough to just monitor his clients’ networks and notify him if there’s a security incident. If that’s all a tool can do, it’s then up to his team to manage every incident manually – even the smallest ones.
And with over 85 clients, Nuñez needs time to focus on the most serious threats. The automation that comes with Webroot and its integration with Blackpoint Cyber means his clients’ endpoints, networks and even IoT devices are monitored for any anomalies. Once something is noticed, there’s no delay in automatically hunting down the threat.
“We effectively save up to 40 help desk hours a week, sometimes more” with the managed detection and response from Webroot.
That means when there’s a persistent attack on a server or when a client falls victim to a phishing attack, he has a head start on tackling the problem.
Protection in practice
Recently one of Nuñez’ clients, a municipality in Massachusetts, was targeted by a hacking group based out of Romania. The municipality was particularly vulnerable because of their old and out-of-date systems.
“The city would have been overrun with ransomware, but we started getting alerts right away from Webroot and Blackpoint,” Nuñez remembers. Since there was no delay in responding to the attack, he was able to get the ransomware under control so it couldn’t take over.
Even though it was a persistent attack, the security controls held up. The incident created thousands of tasks on individual devices, and it took weeks to fully stop. But in the end, the city experienced virtually no downtime. “There are a lot of city systems that can’t afford to go down, so making it through the attack without downtime . . . was a major win,” says Nuñez.
Businesses make their own luck
The next town over was also hit, but their security didn’t hold up. Their data was stolen, and they ended up having to pay a ransom. Smiling, Nuñez says that “The city that was my client can consider themselves lucky. But really, it wasn’t luck.”
His hands-on approach combined with the right tools saved his client from suffering a major incident.
For IT Management Solutions, the next step is end user training. Afterall, Nuñez notes, it no one had clicked the malicious email then the ransomware attack could have been prevented.
Watch Pedro Nuñez, President and CEO of IT Management Solutions, talk about his approach to cybersecurity.