How MDS’ “C3RES” Solution Can Address the RaaS  Epidemic  

Written By: Ashley Pusey, J.D., Privacy, Legal & Compliance Lead, Maureen Data Systems and Chris Arndt, Security Principal Lead, Maureen Data Systems

We often look at privacy and security as two separate pillars—when, in reality, they are very much inter-connected.  An organization cannot have privacy without thoughtful security measures in place. As ransomware and cyber-attacks continue to make the headlines of mainstream media, organizations should proactively approach smart Privacy Policy with strong Security Hygiene.  As discussed in our blog post, Ransomware as a Service: The Service that Indiscriminately Attacks, the Kaseya breach was a prime example that demonstrates how hackers can customize their extortion demands based on the size of an organization and their anticipated windfall.

So, how does an organization take a proactive approach to security and privacy? By discovering its weaknesses! It is prudent for an organization to find its vulnerabilities BEFORE a nefarious actor does. Not only will this demonstrate best practice, but it may serve as evidence of good faith efforts, which is particularly important for publicly traded companies.

At MDS, we recently deployed services to address these very issues.  As indicated in the diagram below, our Continuous Comprehensive Cybersecurity Risk Evaluation Services (C3RES, pronounced “CERES or “series”), provides a comprehensive risk assessment, identifying the vulnerabilities in an organization, including upstream and downstream vendors in a supply chain.  Through our C3RES, MDS can assess any enterprise within a client’s supply chain.  Our C3RES will provide our customers leverage over their vendor relationships to influence negotiations and risk management. 

By identifying the vulnerabilities within an organization, MDS can provide solutions to mitigate cyber threats and improve your organization’s overall cybersecurity score report.

The graphic below – Figure 1, as part of the MDS C3RES, is a key component of what you can get from our service.  The RANSOMWARE SUSCEPTIBILITY INDEX is an indicator of how likely your external facing infrastructure is seen by an adversary to be compromised by Ransomware.  We look at your organization that way, and gain recon and even competitive intel.  The DATA BREACH INDEX is how likely you are to be breached, based on key supporting factors that our service uncovers, and what could be found in that breach, for example, see figure 2.

Figure 1

Figure 2

Figure 3

Powered by Black Kite.

 

Disclaimer: The diagrams above are for demonstrative purpose only. In no way does MDS affirm or warrant that a customer will generate the same C3RES report as indicated above. Each vulnerability assessment, as well as MDS’s recommendations, is subject to vary and/or change depending on the customer. 

The material and information provided in Maureen Data Systems (“MDS”) Content are for general information only and should not, in any respect, be relied on as professional advice. The MDS Content shall be construed as author-based content and commentary. Accordingly, no warranties or other guarantees are offered as to the quality of the opinions, commentary or anything else appearing in such MDS Content. MDS expressly reserves the right to delete stories at its and their sole discretion.

 

“An organization cannot have privacy without thoughtful security measures in place. “

 

Reach out to an MDS expert now and we will get back to you shortly!

Share This