“You need to have an action plan for cyber incident response”, with Jason Remillard and Sanford Wilk


You need to have an action plan for cyber incident response. It sounds complicated, but it’s not. Think of it as knowing when to apply a bandage to a small wound versus rushing to the emergency room for major chest pains. You should have a professionally written plan in place to mitigate loss if you lack an onsite cybersecurity professional. It’s part of the cost of doing business in our current environment.

As a part of our series about “5 Things You Need To Know To Tighten Up Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Sanford Wilk.

Sanford has been working in professional IT roles for over 20 years. His positions have included everything from product management to CTO. He currently is the COO of DIGIGUARD CYBERSECURITY based in Manhattan. DIGIGUARD specializes in strictly SMB cyber protection and defense.

Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

I grew up in the generation before the creation of the internet. If I needed to do research for a school assignment, a trip to the library was required. My first computer was a Radio Shack TRS-80 when I was in my early teens. I am a geek at heart but still maintain old-school values and skepticism.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

It wasn’t a single experience that motivated me to move towards working within a cybersecurity company. They approached me for my lengthy tech background and my business training (MBA in the ’90s from Tulane). When the offer was made, I had already seen countless breaches of business data throughout both small and large organizations. My own personal information had been stolen during the infamous Equifax breach and that incident just added fuel to my burning frustration.

Can you share the most interesting story that happened to you since you began this fascinating career?

The formation of DIGIGUARD CYBERSECURITY by its founding members is probably the most interesting story that I can share. When we got together to decide the product line and service goals for launching the organization, we noticed a huge gap in the market. None of the competitors were focusing strictly on small business. In fact, the competitors were doing everything in their power to avoid them. In the eyes of the vast majority of cybersecurity teams, a small business lacked funds and potential longevity. We felt that the opposite was true. Sure, most SMB owners and managers do not understand cyber risks but that was our sweet spot. We understand small business and can always find ways to work within limited budgets while companies expand and grow. That organic formation of DIGIGUARD was the most complex and most interesting story of my entire IT career. It was the culmination of decades of business IT exposure and research.

Are you working on any exciting new projects now? How do you think that will help people?

We just finished our initial rollout of our WFH (Work From Home) product line. It gives SMB owners and managers the capacity to offer their WFH employees the same high level of cybersecurity that has been strictly reserved for large organizations in the past. We found cost-effective, affordable solutions for SMBs to secure, protect and even monitor employee performance. We even launched a 24/7 live phone help desk that is wholly US-based as part of the package. Cost is no longer a barrier for effective cybersecurity protection for the small businesses that utilize this product line. They get the same level of protection typically reserved for large companies. I am excited about the product and feel that it couldn’t come at a better time since most employees are working remotely due to COVID.

What advice would you give to your colleagues to help them to thrive and not “burn out”?

Steady as she goes. Keep your focus on the charted course and don’t get flustered by politics. Science and fact will prevail and it’s your job to repel hostile invaders. Focus on that idiom and ignore the noise. There’s a (cyber)war going on and only you can keep your client’s information safe.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the Cybersecurity industry? Can you explain?

I am happy that the cybersecurity industry is getting more recognition in the press. This excites me because most business owners and managers leave cybersecurity out of budgets and even thought processes. Entrepreneurs haven’t considered attacks such as ransomware extortion or data theft as a critical issue in the past. It’s hard enough to focus on competitors, product quality and profitability these days. The concept of protecting company and customer data has never been at the forefront of business management thinking. The more emphasis placed on cyber protection by the media, the harder it will be for cyber criminals to breach any organization. It’s a discussion that is finally starting to become a mainstream topic.

Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?

Do you have a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?

We recently had a medical office that experienced a forced breach (hack) and subsequent ransomware demand of 30,000 dollars. The cyber blackmailers insisted that they be paid in cryptocurrency and there is no way to assure that the attacker will release our client’s information. Like most extortion schemes, ransomware usually isn’t the end of parasitic behavior. Even if the black hatter releases the death grip on the business files, they are likely to come back for more. We offer ransomware mitigation services and we will try to negotiate with the attacker, but we still maintain the stance that blackmailers should not receive ransom. In the end, our client was able to unlock their financial and patient medical files, but the lesson here was one of economics. If the client had considered preventive measures before the attack, the financial loss would have been totally eliminated. It’s a real irony that this happened to a small medical group that promotes prophylactic prevention to its patients yet wouldn’t heed their own advice.

What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers can you briefly explain what they do?

Our solutions are customized to each particular client and their individual needs. There is no standardized prevention or treatment solution. We use a combination of individual components that are also independently tailored to the business. We do not recommend off-the-shelf solutions without professional cybersecurity advice, guidance and consistent monitoring.

How does someone who doesn’t have a large team deal with this? How would you articulate when a company can suffice with “over the counter” software, and when they need to move to a contract with a cybersecurity agency, or hire their own Chief Information Security Officer?

DIGIGUARD CYBERSECURITY was formulated around the elimination of this dilemma. Our entire business model is based on the creation of affordable and scalable solutions that grow with the SMB. All of our clients receive the benefit of an outsourced US-based CISO from the first day they sign with us. It’s our standard.

As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a lay person can see or look for that might indicate that something might be “amiss”?

Symptoms of breaches include strange and unfamiliar messages appearing on user screens, unusual firewall activity (IP traffic to/from Russia, for instance), or multiple failed logins. You can also look out for spear phishing, a phenomenon typically pointed at decision makers and specially designed to look legitimate. We have developed specific training for entrepreneurs so they can learn how to differentiate spear phishing from legitimate emails.

After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?

There is no standardized approach to penetrations or breaches, since each cybersecurity incident is unique in some way, shape or form. We always recommend that you contact a qualified cybersecurity professional if you suspect a breach or notice unusual activity within your IT. Only an experienced cybersecurity professional will know which threat is real or what symptoms are false positives. Do not rely on hunches, guesses, assumptions or the internet to diagnose a cybersecurity threat. Even the smallest overlooked symptom can lead to large losses.

How have recent privacy measures like The California Consumer Privacy Act (CCPA), CPRA, GDPR and other related laws affected your business? How do you think they might affect business in general?

All of these new regulations deal predominately with privacy. We do not currently address privacy or security of websites unless they collect individual data or transmit it to our clients. An example of that is HIPAA privacy, which we do incorporate into our solutions. We also do not currently address how or if our clientele sells or volitionally transfers information. We specialize in keeping client information protected and safe. Privacy violations that are not malicious (and the result of outside attacks) are not addressed under our product line.

What are the most common data security and cybersecurity mistakes you have seen companies make?

The number one mistake is lack of protection. Most SMBs start their conversation with DIGIGUARD SECURITY lacking even basic virus protection or simple firewall security. The second largest mistake is the lack of employee training. Since most SMBs lack an internal IT professional, employee training and support rarely exists. The vast majority of breaches that we see on a daily basis start with SMB employees not understanding simple, basic email hygiene. After a security evaluation is complete, we immediately discuss employee training with management. It is a huge priority for us. Once again, it is an example of that old cliché about an ounce of prevention. And employees enjoy the training since phishing and other scams also infect their personal email. Our employee cybersecurity training reaches into all aspects of modern IT communications, not just work.

Since the COVID19 Pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?

Please see a great article that interviews a member of our team: https://www.insurancebusinessmag.com/us/news/cyber/fbi-sees-a-400-increase-in-reports-of-cyberattacks-since-the-start-of-the-pandemic-231939.aspx

If you seek a specific quote from me on this topic, I am happy to requote any portion of what Harvey said in his interview.

Ok, thank you. Here is the main question of our interview. What are the “5 Things Every Company Needs To Know To Tighten Up Its Approach to Data Privacy and Cybersecurity” and why? (Please share a story or example for each.)

  1. Every business, no matter how small, needs to understand their risk. A cybersecurity-trained (tested/qualified) professional should evaluate the business’s current IT usage and potential growth. If the business doesn’t get evaluated, the entrepreneur cannot understand their risk. Everything we do starts with an evaluation.
  2. Training is paramount. Employees are the mechanism by which most breaches occur. A knowledgeable employee that has had proctored training is significantly less likely to open the door on malicious activity. Not training your employees will ultimately result in a horror story with grave losses to productivity and revenue.
  3. All businesses in all market sectors need their own individually tailored cybersecurity policy that is uniquely crafted to the organization. A solid set of rules will close the unsecured doors and windows that outside criminals typically use for entry.
  4. You need to have an action plan for cyber incident response. It sounds complicated, but it’s not. Think of it as knowing when to apply a bandage to a small wound versus rushing to the emergency room for major chest pains. You should have a professionally written plan in place to mitigate loss if you lack an onsite cybersecurity professional. It’s part of the cost of doing business in our current environment.
  5. Every organization needs ongoing maintenance and support for their business IT infrastructure. Putting a solid cybersecurity solution in place offers no real value if you do not update and maintain that solution. You also need to consider your growth. When DIGIGUARD CYBERSECURITY reevaluates a client on a regular basis, we look towards their future, not just their past. A well-trained and experienced cybersecurity professional is there for more than just emergency response. They earn their weight financially by anticipating problems before they happen.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. 🙂 (Think, simple, fast, effective and something everyone can do!)

As you might have noticed by my answers, we are a BIG promoter of knowledge. Advocacy is the only way to truly eliminate cybercrime. Your article(s) are already an indicator of that education movement. I am simply a knowledgebase. 🙂

How can our readers further follow your work online?

www.digiguardsecurity.com

This was very inspiring and informative. Thank you so much for the time you spent with this interview!
