In both our personal and professional lives, the saying “You are who you surround yourself with” holds significant weight. This concept extends beyond human relationships into the realm of vendors and service providers we choose to work with. This includes our ISP, major line of business applications, and those who support your cybersecurity stack. In the constantly evolving field of cybersecurity, you must have trusted and thoroughly vetted vendors. Exploring the far-reaching consequences of these decisions underscores why BLOKWORX assumes a leadership role in meticulous vetting processes, placing a premium on diversity within our security services stack.

Your ISP Matters

Have you ever stopped to consider why one network might be $200 and the same connection speed is $100 from a different carrier? It’s really the underlying technology that makes the difference. This is particularly evident in four areas.
  • Resiliency: Some ISPs will say they have resiliency and redundancy built in, but you learn after the fact that that really only applies to portions of their network, and of course it’s not the low-cost portion.
  • SLAs and Support Time: Did you buy business class or broadband connection? Business class will have SLAs around uptime and time to restore, as well as extended support hours. Broadband on the other hand likely limits support to during business hours, and doesn’t prioritize outages for repair.
  • Designed for Self-Defense: Can the network withstand DDOS attacks? For how long? Is it built to survive extended attacks?
  • Content Filtering: How strict is the carrier on what content/traffic it allows on the network? In Brian Krebs book, Spam Nation, he calls out Hurricane Electric for facilitating spam kings flooding people’s inboxes from Russian sources because they were one of the main culprit’s ISP partners. Immediately after he called this to the attention of Hurricane Electric, they cut ties; however, think about the collateral damage if you were a fellow Hurricane Electric customer likely impacted via blacklisting and spam reports. Just as in life, with an ISP, you become who you associate with whether you’re trying to or not.
Now, let’s take it a little bit closer to the end user with a look at a recent attack affecting Microsoft.

Is Microsoft a Security Company?

As reported by SecurityWeek, Russian government hackers successfully pilfered email data from senior executives, heightening concerns about the security of the digital ecosystem we navigate daily. Anyone that has a Microsoft-affiliated email address was also potentially impacted from an email deliverability and blacklist perspective. Beyond that, it’s extremely concerning that the company behind the operating system that runs over 1.4 billion of the world’s computers was breached in this way to begin with.

Now, we’re not telling you to abandon Microsoft (as we write this on Windows PCs), but perhaps you should reconsider if you’re utilizing Windows Defender as a core tenet of your cybersecurity stack. A prominent tech industry player fell victim to cyberattacks, reinforcing the notion that the security of your digital infrastructure is only as robust as the weakest link. Vendor selection, diversity, and layering are a pivotal aspect of your cybersecurity strategy.

What Does this Have to do with BLOKWORX?

BLOKWORX recognizes the critical importance of thorough vetting, committing to a comprehensive process to align with top-tier vendors while maintaining accountability. We pledge a commitment to security over any particular vendor This plays out in:

  • Our quarterly vetting process of new vendors to the cybersecurity space
  • Our daily testing of our tools in sandboxes and firing ranges,
  • Our consistent push to drive our vendor partners forward to best meet our Partners needs.

This is also why you’ve seen the latest addition to our core products adding EDR to MAED and adding CDR to SCUD. While MAED and SCUD alone are strong protectors that have served our community extremely well for several years, we’ve recognized that the threats are continuously evolving and our offerings need to evolve with them. The strong prevention bases of our flagship products remain unchanged, but the added layers enhance the protection, and our actionability in keeping you safe.

Selecting vendors transcends a one-size-fits-all approach. It demands thoughtful consideration of the upstream and downstream impacts of each decision. In the cybersecurity landscape, your organization becomes intricately linked with the strengths and weaknesses of your chosen vendors. Choosing a service provider is akin to deciding between a Hyundai and a Porsche – both vehicles but with significant differences in performance, reputation, and features.

You Are Who You Surround Yourself With

Defending livelihoods in the digital age necessitates a holistic approach to cybersecurity. The choices we make in selecting vendors not only affect our immediate operations but also shape our overall resilience to cyber threats. By embracing diversification, conducting thorough vetting, and prioritizing cybersecurity, organizations can fortify their digital infrastructure against potential breaches, contributing to a more secure and interconnected digital ecosystem. In the world of cybersecurity, it is paramount to remember that you truly are who you surround yourself with.