Bret Padres, CEO
Cyber threats are growing as the world becomes increasingly digital and interconnected, with network intrusions and major data breaches now occurring on a daily basis. While most enterprises are aware of the need to create an optimal security infrastructure that will blunt these attacks and protect their operations and sensitive data, they also face challenges in developing and maintaining the deep understanding of cybersecurity techniques that is required to stay ahead of increasingly sophisticated threat actors and ever-evolving security-related technologies and approaches. Accordingly, many organizations are turning to outside specialists whose stock-in-trade is to help them improve their digital security posture, manage the risks and threats associated with cybercrime, and when necessary, respond to cyberattacks and minimize their damage.
One consulting firm that is growing rapidly in this environment is The Crypsis Group. The company’s seasoned team of nearly 100 cybersecurity experts is on a mission to create a safer online world by providing its clients with the highest quality incident response, risk management, and digital forensics services.
Crypsis consultants respond to all manner of incidents including ransomware, business email compromise, web server compromise, credit card scraping, and state sponsored intrusions.
In many cases, the company is introduced to a client that is in the throes of dealing with a cyberattacks. When that happens, says Crypsis CEO, Bret Padres, “our objective is to respond quickly and verify that the attack has occurred, identify how it happened, eliminate the threat, and then apply a layer of sustainable threat protection solutions to prevent further intrusions.”
There is a lot we can do to build a more effective cybersecurity program for clients and thereby reduce opportunities for a cybercriminal or other threat actor to gain access to a network
Because time is of the essence and the client is typically under a great deal of stress, Crypsis has developed a system that enables its experts to immediately and remotely collect the client’s data, analyze it to evaluate the attack, and take prompt actions to stop the attack and eliminate the intruder from the network. Once that is accomplished, the firm works with the client to develop a strategy for shoring up its cybersecurity infrastructure.
Ideally, however, the company strives to serve its clients before an incident occurs. “Our experts will examine and study clients’ working environment and security posture, with an eye toward determining how they can harden their defenses against cyberattacks and better manage their overall cyber risk,” says Padres. “There is a lot we can do for clients to help them build a more effective cybersecurity program and thereby reduce opportunities for a cybercriminal or other threat actor to gain access to a network.”
In addition to battling threat actors from the far corners of the so-called “dark web,” Crypsis experts are often called in to investigate insider threat cases, typically involving employees exploiting their authorized access to steal intellectual property or cause damage to company systems and information. In one recent case, Crypsis was approached by a company that suspected an ex-employee had stolen proprietary data and was going to sell it to a competitor. The Crypsis consultants analyzed the ex-employee’s laptop and discovered that they had transferred a huge amount of data to their own cloud account. Using this as evidence, the client obtained a judge’s restraining order to prevent the data from reaching its competitor.
Crypsis has many such client success stories to tell, having handled 650 data breach cases in 2018 alone and expecting to address more than a thousand cases this year—in addition to expanding its cyber risk management consulting practice— as it continues to add to its team of expert consultants.