Wednesday, July 22, 2020

The perfect CyberSecurity companion to your network's firewall...

Security is not about point solutions, it is about protection in depth.

There are new types of threats every day. Firewalls are essentialManaged Endpoint Security from ControlScan goes above and beyond.

Introducing MDR Essential from ControlScan.  

By combining MDR Essential with a firewall, you can replace traditional anti-virus and anti-malware software while adding 24x7x365 monitoring.

With MDR Essential from ControScan, you get:
  • Next Generation Anti-Virus/Anti-Malware/Anti-Ransomware
    • Backed by industry leading threat intelligence from Crowdstrike
    • All aspects of Policies, Whitelisting/Blacklisting, and Threat Intelligence management handled by ControlScan's Security Operations Center (SOC) team
    • Traditional Hash or Pattern based detection PLUS Behavioral Threat Detection through Artificial Intelligence and Machine Learning
    • Immediate Protection (No lead-up/training time.)
  • Incident Response
    • Up to 40 hours per month of hands-on incident response activities
      • Automated Response Actions do not count towards the 40 hours.
        • (95% of incidents are handled by automated response with Analyst oversight.)
      • Incident Response Hours Usage Includes:
        • Investigation of Potentially Malicious files or executables to determine Indicators of Attack or Compromise
        • Removal and Cleanup of Persistence mechanisms if necessary
        • Custom Requests
All this for $3.50 per Windows/MacOS/Linux endpoint per month!

Contact me today to learn more.

ControlScan MDR. Because, this:

Read the article HERE.

Learn how ControlScan Managed Detection and Response (MDR) can help HERE.

Also, don't be Dave....

Monday, July 20, 2020

Affordable Data Security? Yes, it’s true.

Does cybersecurity protection make it to the top 10 on your priority list? If you’re like most businesses, you recognize that data security is important, but you don’t know where to start. And besides, if you found a solution, how would you even implement it, and what would you do if you were alerted of a threat?

We work with thousands of small and mid-sized businesses just like yours, and we’re here to tell you that smart, affordable security is possible.

Introducing MDR Essential from ControlScan

Managed Detection and Response (MDR) Essential was designed for the SMB. It provides managed endpoint security to prevent, detect and respond to advanced threats—including ransomware. (Don’t know what an endpoint is? No problem. Examples of endpoints include laptops, desktops and servers.)

Think of MDR Essential as antivirus on steroids. It’s smart, and it blocks threats that traditional antivirus is unable to recognize. Even better, our team of security experts manages the solution for you, so you don’t lose sleep at night.

If you’d like to learn more, check out our website or give me a call at (404) 435-7376. I’m available to help answer any questions and walk you through best practices for securing your business.

Cybercrime isn’t going away. Let’s make sure you’re protected.

Friday, July 17, 2020

Joe’s Shelter-in-Place Book Club

March 13th - ???

3.13.20:  My 2020 New Year’s Resolution was simply to “Read more. Eat less.”  By the end of February, I could report that my reality was exactly the opposite. :-(

Enter “social distancing” and its harsher cousin, “self-isolation”.  While arguably making it harder to “eat less”, it has given me the kick-start I needed to “read more”.

In this space, I will update the list of books as I finish them...
  1. Thanks a Lot, Mr. Kibblewhite: My Story - by Roger Daltrey
  2. The Gulag Archipelago, 1918-1956 : Volume 1- by Aleksandr Isaevich Solzhenitsyn
  3. Political Tribes: Group Instinct and the Fate of Nations - by Amy Chua
  4. To Save a City: The Berlin Airlift, 1948-1949 - by Roger G. Miller
  5. The Who: 50 Years - The Official History - by Ben Marshall with Pete Townshend and Roger Daltrey
  6. One Day in the Life of Ivan Denisovich: A Novel - by Aleksandr Isaevich Solzhenitsyn
  7. The Ox: The Authorized Biography of The Who's John Entwistle - by Paul Rees
  8. Great Society: A New History - by Amity Shlaes
  9. Talking to Strangers: What We Should Know About the People We Don't - by Malcolm Gladwell
  10. The Political Theory of the American Founding: Natural Rights, Public Policy, and the Moral Conditions of Freedom - by Thomas G. West
  11. How Innovation Works: Serendipity, Energy, and the Saving of Time - by Matt Ridley
  12. Aristotle's Revenge:  The Metaphysical Foundations of Physical and Biological Science - by Edward Feser
  13. Taboo: 10 Facts You Can't Talk About - by Wilfred Reilly
6.25.20 Update:  Well, we are well over three months into this whole COVID-19 thing.  While I still long for the day that I can attend a professional or college sporting event, or sit indoors at a restaurant or bar and be served, things are loosening up a bit.  My family and I recently got back from the beach.  My son's baseball team is starting to play tournaments again. Not normal, to be sure - but getting better.

So, for the purposes of this "book club", when does it end?  Well, as I mentioned originally, "Read more" was to be half of my New Year's Resolution.  So, I'm trying to keep the reading going ad infinitum.  But, I've decided that this published diary will end on the date that my two sons go back to full-time, in-person classes at their respective schools.

That seems logical since I chose the March 13th date because it was the date in-person classes were cancelled. As of this writing, plans have not been finalized in our school district; but, one option is a "middle ground" of a half-and-half hybrid between in-class and in-home learning.  THIS WILL NOT COUNT!  I will only consider this odyssey to be over when they are back at school full time!  (I think the parents out there can sympathize.)

7.17.20 Update:  Now reading concurrently...
  1. Coolidge - by Amity Shlaes
  2. The Truth about College Admission:  A Family Guide to Getting In and Staying Together - by Brennan Barnard and Rick Clark
  3. Liberty:  Life, Billy, and the Pursuit of Happiness - by Liberty DeVitto

Monday, July 13, 2020

What is a QIR?

Does your company use a Qualified Integrator and Reseller, or QIR? You’re likely here because you’ve been asked that question on your PCI Self-Assessment Questionnaire and you have no idea what in the world a QIR is! ControlScan is here to help. By the end of the video below, you’ll know what a QIR is, why you need one, and how to make sure your business is using one.

Check out ControlScan's blog, PCI Compliance Guide, to learn more.

Monday, July 6, 2020

P2PE for Merchants: How to Leverage Point-to-Point Encryption for Stronger Payment Security and Simplified PCI Compliance [WEBINAR] Thursday, July 23, 2020 | 2:00 PM ET

For retailers, balancing the costs and benefits of investing in the latest payment security technologies is a real struggle. However, point-to-point encryption (P2PE) is an example of payment technology that shouldn’t be delayed, as it has significant business benefit.

A baseline understanding of point-to-point encryption (P2PE) helps decision makers confidently select and implement the solution that meets their business requirements. It also protects the business from data breach and greatly simplifies its PCI assessment.

This live webinar is based upon the recently released ControlScan “Terminal Encryption for Security and PCI Compliance: What Every Retailer Must Know about P2PE" white paper and is presented by the paper’s author, Sam Pfanstiel. Attend and you will learn:
  • The important connection between terminal encryption, security and PCI compliance;
  • How to get up and running with a P2PE solution provider; and
  • Steps for assessing your listed or non-listed encryption solution.

Click HERE to reserve your spot today.

Wednesday, July 1, 2020

Security with a Purpose Podcast

ControlScan's Security with a Purpose is an information security podcast that takes an in-depth look at the various aspects of securing an organization.

Get tips, tricks and best practices from ControlScan experts to move purposefully toward stronger security and simplified compliance. Interviews by Jeff Wilder, Director of Risk & Compliance Management, ControlScan.

Check it out and subscribe today!

Apple Podcasts   |   Google Podcasts   |   Spotify   |   Stitcher

Tuesday, June 30, 2020

The more cybersecurity tools an enterprise deploys, the less effective their defense is.

That's according to IBM's fifth annual Cyber Resilient Organization Report. Research suggests that, although cybersecurity investment and planning are increasing steadily, the actual effectiveness of a company's defense is not.
Why? Too many tools and increased complexity.

Contact me today to learn how ControlScan can reverse this trend for you with our Managed Detection and Response (MDR) service.  With ControlScan MDR, you essentially hire us to function as your threat detection and response team!  We provide 24/7/365 protection with our advanced software, artificial intelligence, and our security analysts in our Security Operation Center. 

For a monthly or annual fee, ControlScan MDR provides:
  • Managed next-generation anti-virus/anti-malware
  • Managed threat intelligence
  • Endpoint detection
  • Incident response
  • Log event collection and correlation (Managed SIEM)
  • Proactive threat hunting
  • File integrity monitoring
  • SaaS threat monitoring (Cloud IaaS and PaaS)
  • Log data retention
Reduce the complexity.  Reduce to cost.
Increase the protection.  ControlScan MDR.

Thursday, June 25, 2020

Tuesday, June 23, 2020

Is it time for your annual penetration test?

Your company's networks are being probed, prodded and possibly attacked countless times every day. Unless you're monitoring your logs, you're likely unaware all this activity is taking place. Awareness is a critical element of an effective defense.

Are you aware of your security shortcomings?

A Network and Application Layer Penetration Test simulates a real-world attack against your network infrastructure and information systems in order to see how far an attacker would actually be able to progress within your cardholder data environment. In short, penetration tests expose holes in your defense. It's also a requirement of PCI compliance.

Do you need a Pen Test?

If you think you may need a pen test — or aren't sure — contact me today! I'd be happy to answer any questions you have. In the meantime, ControlScan subject matter experts have put together helpful information:

  • Learn about penetration tests in this blog post by industry expert Chris Bucolo;
  • Read how SaaS company QuickSilk confirmed their security posture through a ControlScan penetration test; and
  • Watch this to learn how to select the right penetration testing service company.

Sunday, June 21, 2020

ControlScan Threat Detection and Compliance Platforms Win 2020 Fortress Cyber Security Awards

Dual awards recognize MSSP’s efforts to help secure businesses’ data and electronic assets.

ATLANTA, June 17, 2020 (GLOBE NEWSWIRE) -- ControlScan, a leader in managed security services specializing in compliance, detection and response, has been recognized by Business Intelligence Group with two 2020 Fortress Cyber Security Awards. The ControlScan Cyphon and ControlScan SecureEdge platforms were awarded in the medium-sized-company division for threat intelligence and compliance, respectively.

According to Business Intelligence Group, the annual Fortress Cyber Security Awards are part of an industry awards program that seeks to “identify and reward the world’s leading companies and products that are working to keep our data and electronic assets safe among a growing threat from hackers.”

“ControlScan is thrilled to be honored with not one, but two Fortress Cyber Security Awards,” said Mark Carl, CEO, ControlScan. “These awards reflect the hard work our team puts forth to deliver enterprise-grade security and compliance solutions to small and mid-sized businesses.”

Threat Detection Award winner ControlScan Cyphon is a hybrid threat management platform that powers the ControlScan Managed Detection and Response (MDR) service. Used exclusively by trained ControlScan SOC analysts and threat detection experts, the Cyphon platform includes advanced endpoint detection and powerful SIEM capabilities for unmatched security threat prevention, detection and response.

Because ControlScan fully manages and maintains Cyphon with a cloud based MDR deployment, no additional on-premise hardware or resources are necessary for the customer to get up and running quickly. Using the Cyphon platform, ControlScan not only performs threat detection and investigation, but also active response to stop threats in their tracks, along with removal of malware or threats inside the systems.

“Today’s SIEM market overwhelmingly relies upon companies that will either implement and manage the technology internally or implement internally but then outsource its management via SOC-as-a-Service,” Carl said. “The ControlScan Cyphon platform saves these companies the capital expenditures and headaches associated with an in-house SIEM deployment.”

Recognized for its ability to help other businesses and brands solve compliance, ControlScan SecureEdge is a next-generation Payment Card Industry (PCI) compliance program management platform that gives merchant service providers more visibility and control of their PCI risk along with a simplified, streamlined user experience for merchants. SecureEdge is delivered through the cloud and provides a single point of access to the compliance validation tools and corresponding security services that ensure authentic compliance.

“We are so proud to name ControlScan as a winner in the 2020 Fortress Cyber Security Awards program,” said Maria Jimenez, Chief Nominations Officer, Business Intelligence Group. “As our society continues to evolve and become more reliant on networks and data, companies like ControlScan are critical at providing the protection and trust consumers demand.”

To learn more about ControlScan and its solutions for cybersecurity and compliance, please visit For more information about the annual Fortress Cyber Security Awards, please visit

About ControlScan                                                 
ControlScan managed security and compliance solutions help secure IT networks and protect payment card data. Thousands of businesses throughout the U.S. and Canada partner with us for easy, cost-effective access to the expertise, technologies and services that keep cyber criminals and data thieves at bay. With highly credentialed cybersecurity and compliance experts; 24x7 managed detection and response; managed UTM firewall services; ASV vulnerability scanning; security penetration testing; PCI compliance programs and validation services; QSA and HIPAA assessments; and more, we’ve got your back. For more information visit
Press Contact:
Stacey Holleran
Director, Corporate Communications

How Convenience Store Retailer Weigel's Achieved Continuous Threat Prevention with ControlScan Managed Detection and Response (MDR)

ControlScan MDR Adds Critical Expertise, Manpower to Weigel’s Threat Detection and Response

Since 2009, Weigel's has looked to ControlScan to protect its critical operating systems and sensitive customer data. Learn about how ControlScan MDR is helping Weigel's HERE.

Saturday, June 13, 2020

Managed Endpoint Security from ControlScan

Stop advanced threats from infiltrating your systems.

As technology continues to advance, so does malware. Today’s advanced cybersecurity threats are bypassing traditional antivirus technology. Malware creators are becoming more innovative, creative and better funded. The proliferation of online accounts, integrated applications and devices allows multiple points for malware to enter a network and introduce even more challenges for IT administrators.

The Essential Solution for Endpoint Security

The ControlScan MDR Essential service provides the necessary next-generation endpoint protection for businesses to address today’s challenges in protecting valuable assets. Through the service, managed endpoint security helps prevent, detect and respond to advanced threats—including ransomware—by leveraging live threat data to identify as well as block and remove threats that traditional antivirus is unable to recognize.

Key benefits of the ControlScan MDR Essential Service

Using the power of real-time threat detection with constant threat feed updates, the ControlScan MDR Essential solution helps stop advanced threats from infiltrating your systems.

  • ControlScan has your back:  Our innovative endpoint software is managed and deployed by your team and then backed by the ControlScan Security Operations Center (SOC). 24x7x365 support provides assistance with managing and maintaining the security and protection of your assets. Each of your servers, desktops and laptops remain secure, because the ControlScan security operations specialists are available to assist your team with issues or questions at any time.
  • Reduced operating costs:  A breakdown in security can bring employee productivity to a halt, and this downtime can significantly impact your bottom line. Malware can attack multiple endpoints at once, taking weeks to exterminate, but with the ControlScan MDR Essential service, you can keep the gears of your business in motion and your valuable assets protected.
  • Next-gen innovative security solution:  In order to secure your organization, you need an additional layer of protection to help thwart targeted attacks and advanced persistent threats. The ControlScan MDR Essential service provides this additional layer of protection using innovative, best-in-class technology that delivers prevention and remediation through advanced artificial intelligence, behavioral monitoring, and the most advanced threat detection capabilities.
  • An agile security solution:  ControlScan MDR Essential offers protection for any size organization or IT environment. Moreover, our solution can grow and scale with your business.
  • Robust and comprehensive reporting:  You won’t feel in the dark or worry if your endpoint solution is deployed correctly. We provide real-time, self-service dashboards showing the deployments of your solution, along with proactive alerting if assets within your organization stop reporting for extended periods of time.
  • Baked-in compliance:  In order to achieve and maintain compliance with certain security and privacy standards, companies must actively manage antivirus and malware prevention systems and prove that the solutions are operational and up to date. The ControlScan MDR Essential service helps your business specifically comply with PCI DSS and HIPAA antivirus and host-based intrusion prevention requirements.

Why You Need the ControlScan MDR Essential Service

ControlScan takes a revolutionary approach to endpoint protection. It begins with a fully managed solution that is maintained by the award-winning ControlScan Security Operations team to actively detect and prevent security threats across your systems. Then, it extends beyond threat detection and prevention to include active response to threats, thereby quickly taking action to stop and clean up threats identified in your systems. 

By correlating threat indicators, the ControlScan MDR Essential service blocks system and application exploits, potentially unwanted apps, ransomware, and malicious code from negatively impacting your endpoints.

Core features include:
  • Antivirus and Anti-malware protection
  • Advanced Machine Learning exploit prevention
  • Ransomware detection and prevention
  • Advanced threat indicators of attack identification
  • In depth threat details and root cause analysis
  • Remediation and malware removal support

Ready to see how the ControlScan MDR Essential service can make your business more secure? Contact me today or schedule a call with me here.

Wednesday, June 10, 2020

Friday, June 5, 2020

The Future of Ransomware 2.0 Attacks

A great article from Forbes this morning:

From the article:  
Continually Monitor Your SaaS
Use a third-party provider to monitor your SaaS environment 24/7. The provider can identify new ransomware attacks in real time, remediate them, alert you immediately and provide an advanced incident response plan.
Managed Detection and Response can do just that.