Steve Soukup, Chief Revenue Officer
It’s 4 a.m. PST, Sunday, and Price Beazley, CTO of Village Bank and Trust, wakes up to a phone call from one of the CISOs of DefenseStorm—a cloud-based cybersecurity and cyber compliance company—apprising him of a Russian cyberattack that happened recently. A hacker tried to infiltrate one of the Village Bank’s systems, but DefenseStorm nipped the attack in the bud. DefenseStorm not only enabled the bank with an automated framework to meet its regulatory requirements but also helped in assessing the risks and prioritizing necessary actions to mitigate them. Unlike other solutions that provide stale cybersecurity incident reports, DefenseStorm is generations ahead with its real-time anomaly detection capabilities.
At a time when banks and credit unions have turned into high-value targets for cybercriminals—with millions of cyber incidents reported every day—DefenseStorm is standing up to the challenge, empowering banks with a specialized cybersecurity and cyber compliance platform, DefenseStorm GRID. The platform is designed as a bundled offering that comprises software and services. “Enabled with cutting-edge cybersecurity and automated cyber compliance features, the cloud-based platform is offered to banks in a co-managed security service model,” says Steve Soukup, Chief Revenue Officer of DefenseStorm. These capabilities allow banks to remain one step ahead of the cyber attackers and be accountable to their customers, examiners and Board. “At a time when companies are moving away from adopting point solutions for cybersecurity due to lack of expertise in optimizing their performance, our bundled offering uniquely fits the bill in the banking industry,” adds Soukup.
Bad actors look to exploit the chinks in the bank’s armor to create maximum damage. They often aim to take over the non-critical systems of a bank before making their way to the crown jewels in the institution. Those jewels are the personal account holder information and funds that banks keep for their account holders. DefenseStorm GRID tackles these sophisticated attacks comprehensively. The platform ingests a huge amount of data, both from critical and non-critical systems, in the cloud for analytics. The insights generated help banks make informed decisions to address cyber risks.
Traditionally, banks collect security data logs, but they lack actionable intelligence to filter false positives. Alert fatigue sets in, and apathy and volume prevent security teams from paying attention to the sea of alerts they face daily. For instance, people have become immune to hearing car alarms to the point of ignoring them. However, they still respond expeditiously to fire alarms when they go off.
Pattern Scout is a feature of the platform that detects anomalies based on location, time, and even user behavior, and prioritizes them to find and neutralize the threats immediately. Alert Derivatives is another feature that allows multiple alerts to be combined in a unique way to discover the threats that are hidden deep in the bank’s network.
Unlike typical banking technology implementations that take several months or even a year, DefenseStorm’s GRID can be implemented in four weeks. The first week is dedicated to the documentation of the devices, equipment, technology, and the network. In the second week, DefenseStorm begins the data ingestion process (into its DefenseStorm GRID platform). During this week, the client’s teams are trained on site on security, compliance, and reporting. Weeks three and four are mainly focused on enabling collaboration between banks’ IT teams and DefenseStorm’s SOC teams in defining escalation paths, designing interaction models, and preparing clients to respond swiftly during threat incidents. With three security operations centers (SOCs) in Georgia, Washington, and North Carolina, DefenseStorm’s SOC teams ensure 24/7 security incident response. The teams track alerts and false positives and triage threats via DefenseStorm GRID.
With DefenseStorm, banks no longer need to go in search of cybersecurity experts (who are already scant, always in high demand, and therefore expensive to afford). The company’s TRAC team acts as a force multiplier for its clients, serving as an extension of their team to combat this dynamic. DefenseStorm also offers onTRAC Advantage subscriptions to further fill the talent gap existing in the cybersecurity arena. The program comprises Active Defense, Active Compliance, and Virtual CISO (vCISO) subscriptions. Through Active Defense, banks’ employees improve their vulnerability management skills by undergoing social engineering and security awareness training regularly. Active Compliance equips teams with knowledge on designing compliance reports and optimizing cybersecurity controls and policy enforcement and monitoring. Incident response planning and participation allows banks to build and test incident response and business continuity plans with their Board or executive team. DefenseStorm’s vCISO offering provides a security expert who can partner with clients’ internal teams and deliver CISO-level strategic guidance, planning, and execution oversight. “Our unique subscription-based services approach resonates with our clients as we replace the need for heavy investment on rigid black box software and cybersecurity experts with a nimble and intuitive all-in-one package,” says Soukup.
Passionate about educating banks on cybersecurity trends and best practices, DefenseStorm has been building strong relationships in the banking industry. The company also plans to continue enhancing its monitoring and fraud prevention programs to root out the increasingly sophisticated and targeted cyberattacks.