Skip to main content
All Posts By

Paradyn

Compliance is key in the world of data

Paul Casey, chief operations officer at Paradyn: ‘We need to make sure and constantly verify that we’re still allowing the right people access to the right areas and no more and no less than that.’

 

Four years have passed since GDPR came into play and from it both challenges and the knowledge facing privacy are increasing

It’s easy to forget the panic surrounding GDPR before its introduction in May 2018, which forced organisations to treat data with the seriousness and care it deserves.

Four years later, its influence has been greatly felt in how businesses deal with data and their responsibilities, much to the point where data breaches and fines regularly appear in the news.

“What it’s done is it put the concept of personal information to the forefront of every business owner’s mind,” Paul Casey, chief operations officer at Paradyn, said. “You should be thinking about it early in the process; it should be in the initial planning phases.”

“There’s probably more of a focus on data protection with cases appearing in the news. At least once a month, there’s some new headline and that is solidifying that this is the standard and it’s here to stay.”

Casey brings up an interesting point that while GDPR has been around since 2018, the pandemic happening two years later changed the landscape.

With all workers moving off-premises and many likely staying that way into the future, either as fully remote or a hybrid model, data protection is now more complex than before. Now the onus is on protecting data in different locations like the cloud.

“If they’re working from home, there’s so much between where they are and your organisation’s data,” he said. “You have to make sure you can verify it’s the right person from the right location getting to the data and not somebody else in-between.”

It’s why practices like zero trust – which requires all users to be authenticated, authorised and continuously validated for security before being granted or keeping access to data, no matter where they are in an organisation’s network – are becoming so popular. The boundaries separating organisations and access have disappeared completely.

“A lot of organisations are putting in the components of a zero-trust architecture without having that as a strategic end goal,” he said. “They did that to cover the risk of employees at home, verifying that it’s still that person.”

“We need to make sure we put those divisions in place and the previous IT infrastructure idea of the corporate networks being your castle where everyone inside is safe and trusted and everyone outside are the bad guys, that’s long gone.

“We need to consider people behind the walls as much as those outside it are working for the bad guys and we need to make sure and constantly verify that we’re still allowing the right people access to the right areas and no more and no less than that.”

Focusing on ensuring all of these things are covered is more difficult when considering the global skills shortage in cybersecurity. Having a dedicated team in-house is a luxury only major multinationals can afford, so for most organisations, outsourcing security is the only way.

It’s why services like Paradyn SOC and SIEM are growing in popularity, but as Casey mentions, many don’t know where to start.

The good news is that there are cybersecurity frameworks to base your protections on, such as ISO 27001. They can help break down your responsibilities and requirements into more manageable chunks so you can assess where your blind spots are.

“When you look at it from a holistic, big picture side, it gives an IT manager or director of IT a roadmap on what to do,” he said. “It’s all measured out, there are milestones, KPIs, and they can show that the organisation’s security posture is going in the right direction.”

“If you’re not operating on one of these frameworks, it ends up being piecemeal and you won’t be aware of the gaps in these projects you’re running.”

The benefit of that framework and measuring it is that you have something tangible to show those at board level about the effects of your security measures. By presenting it in a way that they understand, it makes it easier to show how vital security is to the organisation.

There is further scope for encouragement with the EU organisation ENISA (the European Union Agency for Cybersecurity), which is trialling certification for cloud products ensuring that they’re up to a certain standard.

Similar to the standard ISO 27001 provides, it will give further confidence that organisations are treating data with the protection and care it deserves and is expected to come into play in 2023.

“It’s good to see this evolution because they’ve seen we’re missing a spot there,” Casey said. “They said, what can we do to validate and express confidence in these cloud environments, where all of our data is held at the moment?”

“If you look at cybersecurity budgets – and it isn’t necessarily an IT function, it’s an organisational function – there’s a big portion of that which relies on IT doing what it needs to do to protect where the data is.”

“They’ve almost all come together in a line to emphasise organisations’ responsibilities to protect the data. Whether it’s on-premise or in the cloud, paper or digital, personal data or additional bits, you protect it with the same best practices.”

Click here to discuss your GDPR requirements in more detail.

Taking Security to the next level with visibility a key element

Fergal Meehan – Head of Government relations at Paradyn

 

As attack surfaces evolve and change thanks to a new way of working, new security frameworks like SASE are rising to the challenge.

With the development of the past few years, as remote working is now part and parcel of many businesses, tracking everything you need to protect is a greater challenge than ever. With the average worker using multiple devices to log into the same accounts, there’s a greater impetus to track what’s on the network.

That means the attack surface for the average company is now more expansive than ever and requires the approach to education, technology and policies to be updated and expanded. Not to mention other concerns as highlighted by Fergal Meehan, head of Government relations at Paradyn.

“The tools and technology are out there, but it’s knowing how to position it, remediate concerns and figure it out in a cost-effective manner,” he said.

It’s why security frameworks like SASE (Secure Access Service Edge), which was originally coined by Gartner in 2019, are coming to the fore. In layman’s terms, SASE brings all security and connectivity tools and technology together into one single cloud-delivered solution.

Tools like DNS security, machine learning, data analytics and cloud-driven firewalls are all built into the same system, allowing you to connect users and deliver technology solutions that keep them secure.

Meehan sums up the benefits as allowing flexibility, reducing costs and enabling new digital business scenarios. In short, IT managers can adapt and tailor it around the everyday demands that a business and its departments have.

“We’re in an era where every business unit in an organisation survives on IT,” he added. “SASE works off the zero trust model and brings elements like full-content inspection, allowing you to integrate with your SASE solution.”

The critical component throughout all of this is visibility. As Meehan mentions, you can have all the technology solutions in the world, but if you don’t know what you’re protecting or see what’s covered, they’re not going to be effective.

Zero trust is where this process starts and creating an itinerary of devices connected to the network, your IT architecture, and similar assets is the first step to knowing what to protect.

With SASE, you can see everything with full identity awareness. Regardless of where a person is logging in, you have the relevant information needed for your business to stay safe, including what applications they’re using.

That visibility also brings an unintended benefit that is important to good security posture: reporting. Whether it’s daily, weekly, bi-weekly, monthly or in-between, having reports gives your company an extra level of awareness that can only benefit them in the long run.

This heightened awareness is beneficial, but it’s only good if you have the necessary measures to mitigate an attack, something companies can tend to forget about until a zero-day exploit happens.

“The technology is there to monitor so you’re aware of your inventory and where it’s at with updates, but it’s getting that reporting back down to the desk of the person responsible,” he said.

“Once you normalise that, it brings another checkpoint where you can decide to move from quarterly patch management to bi-weekly because these updates made you aware of what’s required.”

While protection is important, giving the business the necessary breathing space to operate in is also required.

For most IT managers, the challenge is finding the middle ground between protection and accessibility, and the good news is that more tasks like patch management are automated, taking away much of the regular heavy lifting.

Having all these security measures is pointless unless you have a suitable mitigation strategy, with back-ups being a key element of this strategy. Paradyn itself practice this through its service Vault365, which leverages the cloud to back up an organisation’s Office 365 infrastructure. As long as you’re aware that you need to protect the data in the cloud, you will have peace of mind.

Taking such measures isn’t just for convenience; it also meets compliance and data protection requirements. Showing your work goes a long way to reassuring auditors, stakeholders and customers that you’re handling data responsibly.

“At the end of the day, it’s to get to a point where all you need is an executive report saying these tasks are successfully completed, that you’re now in this state, and you can tick these boxes around compliance and data protection,” Meehan said.

Click here to discuss your security requirements in more detail.

Paradyn invests €500,000 in new Vault365 backup service

Cillian McCarthy, CEO, Paradyn and Pat Downing, Commercial Director, Vault365

Vault365 is a brand-new backup solution for data stored on premise and in cloud applications, including Microsoft 365

Paradyn, one of Ireland’s leading cybersecurity service providers, is today announcing it has invested €500,000 in the launch of Vault365, a brand-new all-in-one backup, ransomware and data protection solution for data stored on premise and in cloud applications, including Microsoft 365. The solution has been designed to enable the fastest data restore in the industry.

The company forecasts revenues of €750,000 in 2023 following the launch and is creating five new jobs over the next 18 months. Initially available for Irish-based customers, Vault365 plans to roll out their backup services in the UK within the next six months.

As Office 365 will only retain data for up to 90 days, Vault365 securely backs up and eliminates the risk of data loss on Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams. The easily-managed solution, which includes a Backup-as-a-Service (BaaS) option, also protects physical servers, virtual servers, cloud and Software-as-a-Service (SaaS) applications such as Salesforce. Businesses can leverage powerful search tools, fast and flexible recovery, and export options to perform eDiscovery across their entire backup environment.

All data is securely hosted at Vault365’s Irish-based data centres. This ensures local access to data if needed and minimal downtime in the event of an incident, with speedy disaster recovery enabled. Should any incident occur, including a ransomware attack, customers can quickly recover data with the fastest data restore in the industry. Customers also have control over their own data with secure and easy-to-use portal access.

Vault365 is hiring in the areas of sales and support to meet customer demand for increased data backup and security in an ever-evolving IT landscape. The company will be engaging with customers across private and public sectors.

Businesses can avail of a 30-day free trial of backup for Office365 following the launch of the new service.

Cillian McCarthy, CEO, Paradyn: “Proactively protecting data has never been more important in a world where security risks are higher than ever. We are one of a few Irish companies offering this service, which we’re launching to meet customers’ increasing backup and security needs for their mission critical data, regardless of where it is.. There is a common misconception that backup is included with Microsoft, and a solution like this is crucial for businesses to avoid irreparable loss or theft of their Office 365 data.

“Our engineers are experts in their fields, and Vault365 enables business continuity which, in turn, offers peace of mind to customers. We are also excited to make the solution available to our UK customers within the next six months. With Vault365, data is always protected and accessible in today’s uncertain technology landscape.”

Click here to discuss your backup requirements in more detail.

First things first in security

Paradyn COO – Paul Casey

Cyber crime as a service is the new reality, and businesses need to fight back with better defences. They can start by getting back to basics.

Remote working. Previously unknown exploits. Phishing. Smishing. Ransomware. Compliance. It’s a cliché to call the internet the Wild West, perhaps even an insult to the denizens of the old West, but the reality is that businesses today are under extreme pressure to ward off cyber attacks.

Businesses know this, but the question is: do they know how to respond to it?

“There is, I think, a recognition that the threat landscape has changed,” Paul Casey, chief operations officer at network IT and service management solutions company Paradyn, said. Legislation has had an impact, of course, notably the EU’s general data protection regulation (GDPR), which has lit a fire under companies that hold or process customers’ personal data.

“Following on from the likes of GDPR there is a lot more compliance among medium and small enterprises. Of course, large pharma, banking and governments were already used to a level of compliance,” he said.

Casey said that one of the important aspects of GDPR was that companies had to not only do the right thing, but demonstrate good faith. Insurers, too, want to see the right policies in place, otherwise they may adjust rates or even remove cover. “Even from an insurance perspective, businesses are looking to demonstrate that they’ve done the right thing,” he said.

Clearly, then, the pressure is on. There are methodologies out there, though, that can help, notably from the Centre for Internet Security (CIS) and National Institute of Standards and Technology (NIST), adherence to which can give businesses confidence that they are doing things right.

“Were doing a lot with CIS controls. There’s another one, NIST, and there’s also ISO 27001. They all work in similar ways: what they do is allow an organisation to examine and understand everything they do.” Casey said that adherence to these standards led to what he called ‘security hygiene’. “Cyber security hygiene is like personal hygiene: you will be more prone to infection if you are not looking after hygiene,” he said.

Despite the whirlwind of change, businesses have a responsibility to themselves and to their customers, one that is increasingly present in law. “The boundaries have all moved, but the fact is you still have to control things. You need to find out where you’re doing well and where you’re not and work from there,” he said. “That’s where the frameworks come in.”

The goal is a different way of thinking about security, one that means stepping back from saying ‘right, I need another box with lights on it’ and instead looking at the data, systems and network that run a business. ‘It’s really not about putting another box in,” he said.

In fact, businesses often trip up on basic measures including things such as patching and updates. The threat from this seemingly trivial fault is very real indeed and businesses may find they are entirely exposed as a result, especially as so-called ‘zero day’, or novel, exploits are on the rise. “The Chrome browser has had 12 zero day exploits this year alone,” said Casey.

In any case, businesses need to get the basics right before they can move on to more complex measures. As a result, auditing processes is at the top of Paradyn’s list of crucial steps to take in the fight to protect its clients from online criminals.

“If your processes aren’t right, if your users aren’t being trained, and your users on-boarded and off-boarded correctly, then there is a problem. These are things that organisations need to think about and it requires a formalised approach,” he said.

Casey said he is not arguing there is no requirement for new technology, however.

“There are next generation tools with the capability to mitigate against new threats, but if those tools are not implemented in the right way you’re not going to get maximum benefits or, if it’s particularly badly done, you’re leaving yourself open,” he said.

Paradyn also helps to produce reports for internal teams or for businesses own cyber security teams, helping to ease the burden on often already stretched IT staff. “Keeping on top of everything that is changing – the Windows 11 rollout, all of your ongoing projects – is a difficult job as it stands,” Casey said.

But keeping on top of things is essential. A recent report in trade newspaper Computing indicated that it is not only legitimate businesses that are leaning on service providers: strange as it sounds, hackers are now offering criminal gangs ‘exploit as a service’. As a result, the only possible response is to seek external help to fight off the growing threat.

“There’s a massive demand for security services,” Casey said. Little wonder.

Click here to discuss your cybersecurity requirements in more detail.

Paradyn and Cisco DUO deliver highest levels of protection

Paul Casey, chief operations officer and Cillian McCarthy, chief executive officer, Paradyn

Paul Casey, chief operations officer and Cillian McCarthy, chief executive officer, Paradyn

Best-in-class Multi-Factor Authentication protects businesses against 99 per cent of automated cyberattacks

A data breach will turn your entire organisation’s online life upside down. Even with reasonable password policies in place, people are still the weakest link in the security chain. Social engineering can convince even the most intelligent people to enter their credentials on a phishing site or give them up over the phone. The solution is Multi-factor Authentication (MFA). Paradyn has collaborated with Cisco to provide Cisco DUO, which verifies user identity and device health at every login attempt, providing trusted access to your applications and proactively reducing the risk of a data breach.

Here are four key ways in which Cisco DUO can keep your organisation secure:

Establish user trust: verify the identity of all users before granting access to corporate applications and resources
Gain visibility into devices: get detailed insight into every type of device accessing your applications, across every platform
Establish device trust: check the security posture and verify trust of all devices, corporate and personally owned, accessing your
applications
Enable secure access to all apps: give your users a secure and consistent login experience to on-premises and cloud applications

MFA will provide your business with over 99 per cent protection against automated cyber-attacks. Cisco DUO is not only an MFA authentication solution, but will begin your journey to a complete zero trust security model that starts with a secure workforce.

“Multi-factor authentication enables IT administrators to rest much easier, knowing that they have deployed a security strategy that protects the company’s platforms and users alike, thus reducing complexity while ensuring access and boosting the flexibility of remote workers”, Cillian McCarthy, chief executive of Paradyn, said.

Paradyn is a leading provider of IT security and consultancy services in Ireland, offering a comprehensive, best-in-class suite of security services to monitor, protect and defend customers against today’s cyber security threats. Through its partnership with Cisco DUO, it provides businesses with a secure remote working environment.

 

Click here to discuss in more detail.

Paradyn and Veeam keep National Concert Hall’s show on the road

National Concert Hall Dublin

Cybersecurity experts implement watertight system for the high-profile venue

Paradyn is one of Ireland’s leading cybersecurity service providers, with a security-first approach to implementation, monitoring and ongoing support. Its team of highly trained network and security consultants deliver best-in-class advice and support, enabling customers to reduce their cyber risk and focus on delivering their core business activities.

As the trusted technology partner of the National Concert Hall, Paradyn has delivered a secure Veeam data backup, storage, and
disaster recovery solution to protect the venue’s Microsoft365 data.

Robust backup and recovery solution

Having recently rolled out Microsoft365 (including Office365) to its entire IT user base, the National Concert Hall required robust backup and recovery for this new deployment. Paradyn designed and implemented a tailored Veeam 365 Backup solution which backs up data for Mail, SharePoint, and Exchange Online.

All National Concert Hall’s M365 data is securely hosted at Paradyn’s data centres through Veeam’s technology, meaning no downtime in the event of an incident, enabling speedy disaster recover and eliminating data loss. Furthermore, the venue has access to a self-service portal where it can carry out information recovery and restores, in cases of accidental or malicious
deletion.

“Having previously worked with Paradyn, we knew we could trust them to deliver on a resilient M365 backup solution”, said Philip Deacon, IT manager at the National Concert Hall. “Hosting a busy programme of events each year with multiple clients, we are confident that company and customer information is secure with backup and disaster recovery in one, so that our business can continue uninterrupted.”

“Veeam is like having an internal backup team and this solution enables us to provide proactive, real-time monitoring to the National Concert Hall,” said Cillian McCarthy, chief executive officer of Paradyn. “It’s not widely known that M365 doesn’t come with backup, which is why a solution such as this is essential for businesses. We have created a secure environment which
enables business continuity and protects against ransomware in a challenging IT landscape.”

Click here to discuss your backup and DR requirements in more detail.

Proactively Managing Security Risks in an Evolving IT Landscape

The last year has changed the way we see and understand the world. It has proven that technology can be a game changer for economies, governments, enterprises, and people.

In today’s IT landscape, it has never been more important to stay ahead of the curve, and organisations are increasingly looking for support from managed IT service providers (MSP). An MSP can proactively monitor your IT infrastructure for updates or potential threats, seamlessly fill in-house skills gaps, and provide support to remote workers.

As remote and hybrid working is being implemented widely, it is important to understand how these new work practices could dramatically increase organisations’ exposure to cyberthreats. In the wake of numerous high-profile breaches and rapid digital transformation amid the COVID-19 pandemic, organisations across industries are looking to increase investments in security measures. According to a 2020 PwC survey, more than half (55%) of technology and security executives plan to increase security budgets in 2021. Now is the time to create a resilient cyber security programme that can help your business stay safe and protect your confidential data.

Given the rapidly changing technology landscape and increasing number of cyber threats, hiring an MSP can help businesses remain agile, control costs, quickly respond to competitive opportunities, get ahead of potential threats, and align IT with evolving business objectives.

In this blog we highlight the top five benefits of working with a MSP:

1. Increased transparency while working remotely

Due to the reduced accessibility and visibility that comes with remote working, more often than not, internal IT teams do not have the capacity to keep up with the latest cybersecurity concerns, such as firewall management, endpoint protection, malware updates, and advanced threat prevention. This is where an MSP specialising in security comes in. They can proactively monitor advanced threats and offer incident response and event investigation services to easily manage security and IT risks while working from home. This provides more transparency and prevents enterprise-wide intrusions.

They can also enhance endpoint security by enabling server security, patch updates, firewalls, and installing software against viruses. If data is compromised, it can lead to irreparable losses and damage brand reputation. Therefore, it is vital to have a secure connection and end-to-end transparency of all the devices being used for work purposes.

2. Improved cybersecurity

An MSP can take a lot of work off your hands when it comes to detecting and addressing vulnerabilities by using a more proactive approach and anticipating potential threats, especially for targeted cyberattacks.
Another added benefit – they are available (up to 24 hours a day in some cases) to take calls and resolve issues on the go, no matter where you are located.
Some MSPs, including Paradyn, can provide advanced cybersecurity offerings such as CIS Controls, to provide highly integrated approaches to security there. CIS Critical Security Controls are a globally recognised recommended set of actions for cyber defence that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks.

3. Helps with compliance

Most industries are becoming increasingly regulated, particularly in terms of safeguarding customer data. It can be difficult to implement cyber security plans that also ensure compliance. If your cybersecurity infrastructure does not adhere to new and updated compliance terms, you might find yourself in breach of those regulations. Again, your MSP can come to the rescue as they stay on top of such changes in the industry, providing expertise and systems to help your company meet the various regulations, such as GDPR compliance,.

4. Access to the latest developments in the IT industry

MSPs are equipped with the latest knowledge and skills required to solve IT issues. They are highly trained and accredited, are aware of evolving trends and closely monitor the cybersecurity landscape. As a result, they can provide your business with the proactive support and systems your business needs. Additionally, as subject matter experts, they are capable of providing the best advice relating to your IT needs and safeguarding your data.

5. Peace of mind for businesses
Using a managed IT service provider can give businesses the time to focus on what they do best – running their business – and in turn, free up staff to focus on their core roles. Internal IT teams can use their time to extend services and innovate, rather than having to deal with added strain.

Additionally, as more organisations choose to stay remote or adopt hybrid models, business owners have the reassurance that their data and devices are protected by a dedicated team.

While the past year has posed a number of challenges, it also gave rise to new business opportunities and expedited developments in cybersecurity. In 2020, Paradyn launched its TotalView Operations Centre in response to the significant increase in malicious threats being faced by businesses during COVID-19.

This new facility has increased Paradyn’s managed service capability and is helping Irish private and public sector organisations to remain secure against an increasing volume of cyber threats. It also enables proactive monitoring of the potential cyber threats associated with remote working. This includes the overview of mobile device management solutions, which ensures that staff working from home can only access company networks through authorised and secure devices.

The TotalView Operations Centre gives organisations a 360-degree view of their network through Security Information and Event Management (SIEM) modules. Simply put, it helps with real-time visibility across the organisations information security systems. It also provides endpoint patching – a process of distributing and applying updates to software. These patches are often necessary to correct vulnerabilities in the software. To add to these features, the TotalView Operations Centre can also provide a broad set of integrated functionalities within a single platform with Security Orchestration, Automation and Response (SOAR). The end goal of using a SOAR platform is to improve the efficiency of physical and digital security operations. Ultimately, this level of integration and always-on monitoring system helps organisations get the most value of their cybersecurity investments.

Paradyn’s managed security services can provide a holistic view of your business environment, no matter how simple or complex it is. Why not contact us today to find out how we can improve your operational security while reducing costs.

Click here to contact us today to to discuss your security from Paradyn

The Security Process with Paul Casey – Paradyn COO

Paul Casey, chief operations officer, Paradyn: ‘A lot of cybersecurity is about getting the boring stuff right’

As anyone in the industry will tell you, there is more to cybersecurity than simply information technology: human factors are the main vector for attack, and, in the world today, the technology is the business.

 

Paul Casey, chief operations officer at Paradyn, said that with its security service practice, the goal is to help its clients with a holistic and best-practice framework to secure business assets and resources.

The bulk of Paradyn’s clients are in the government and enterprise sectors, both areas in which cybersecurity has shot up the agenda of management.

“From an IT or cybersecurity point of view, they tend to be more sophisticated than a mom-and-pop shop on the corner and would tend to have some level of internal IT, whether it’s focused on infrastructure or even has some focus on cybersecurity,” he said.

The company works with its clients to understand the business, where and how it is exposed to threats and then from there develop a strategy for keeping things secure.

Even organisations at this level where security has never been skimped on have had to learn lessons of late. And it is a tale that will be familiar to just about everyone.

“The last 18 months have put the focus on cybersecurity so much. Working practices have changed. Previously, most organisations had everyone inside the castle. Yes, you had some remote workers on the road, but generally you had a lot of control. Then a switch was flicked,” he said.

With the shift to remote work, new opportunities were created not only for businesses to move online and workers to consider relocating, but also for criminals seeking to profit from confusion and uncertainty.

The organised crime aspect of cyberattacks is what is truly different from the past, when hackers worked for bragging rights or simply to be a nuisance.

“Cybercrime is a business and a lot more money is involved [than before]. You can contract and hire ransomware organisations and split the profits. Frankly, it has been commodified,” Casey said.

The rational response to this world of professionalised crime is to accept the arms race is going on and to respond with equally professional countermeasures, he said. However, this requires more than throwing resources at the problem. Instead, the first step is to understand the risk.

“Obviously everybody is worried about ransomware, but it’s at the end of the process. It’s what happens after someone has given away credentials, clicked on something they shouldn’t have or something hasn’t been patched. We’re looking to take a step back and take a deep look at the business.

“It’s easy to get caught up in thinking ‘there’s a shiny firewall I need to buy’ or ‘I can get this software, but, ultimately, cybersecurity is a much wider thing. It’s about company culture, it’s about leadership, and it’s about business processes. A lot of cybersecurity is about getting the boring stuff right,” he said.

Casey recommends businesses look at the Center for Internet Security’s list of Controls, version eight of which is now available free online.

“CIS Controls is a set of best practices, and it forms part of what we use to identify, develop, validate, promote and sustain best practice solutions for cyber defence,” he said.

Paradyn uses a three-stage ‘gap analysis framework’ derived from the CIS Controls, during which it reviews clients’ IT infrastructure estate in order to chart the gaps in not only systems, but also processes and policies.

Casey said that the question of people and processes was too often ignored: “You do need the server guys, you do need the firewall people, but you also need to get the business processes right.”

Of course, with remote working the question of processes becomes even more urgent.

“If you look back ten years ago, what were you securing? You had on-premise users and an on-premise e-mail server, and possibly an on-premise database server. Now you have cloud to manage, possibly multiple ones, plus people all over the place, then the CEO comes down and says they want Outlook Anywhere or Office 365,” he said.

From inventory and control of hardware and software assets up to penetration testing, the right controls help protect organisations, and they also enable compliance with measures such as GDPR.

GDPR, though, is not the be all and end all of data, and issues such as intellectual property should be in the frame.

“GDPR is good, as it brought great emphasis on data, [however], the thing that I talk to companies about is that GDPR is concerned about PII [personally identifying information], but there’s more to data than PII. A lot of organisations put a lot of work into GDPR compliance, but it stops there,” Casey said.

“Cybersecurity is not just three things, it’s a thousand small things,” he said.

Click here to discuss your security requirements in more detail.

Paradyn secures €2.8 million in managed IT security deals with local authorities across Ireland

Paul Casey, Chief Operations Officer, Paradyn, and Cillian McCarthy, CEO, Paradyn

Paul Casey, Chief Operations Officer, Paradyn, and Cillian McCarthy, CEO, Paradyn

 

Paradyn has completed 14 security deals with local authorities worth €2.8 million in the past year

Paradyn, Ireland’s only end-to-end IT and communications service provider, today announces that it has won €2.8 million in new IT security contracts with local authorities across Ireland over the past year. With an increased need for comprehensive cybersecurity protection for local authority staff and citizens accessing online public services, Paradyn has secured new and enhanced contracts with 14 local authorities across Ireland.

The provider has seen a significant increase in demand for services such as managed firewall, security event monitoring and alerting, integrated network and endpoint security, and security operation centre (SOC) as-a-service.

Paradyn has also launched a new service based on CIS Critical Security Controls, which allows them to deliver a recommended set of actions for improved cyber defence for local authorities that are based on global best practice guidelines. Five local authorities have signed up for this service with combined deal values of over €150K.

The new and enhanced security offerings from Paradyn has helped to allow secure remote working for local authority staff, vastly improved email and web defence, provided proactive and reactive support for IT problems, reduced cyber-attacks, and enhanced protection of citizen data.

By leveraging Paradyn’s expertise in the area of managed IT services, local authorities have also been able to free up their time to focus on key administration and governance tasks, thus allowing them to provide better and more efficient services to citizens. It also mitigates security risks and reduces network downtime, meaning employees and citizens availing of public IT services, such as library or council office Wi-Fi hotspots, can enjoy a safe and secure user experience.

Last year, Paradyn designed and built a Security Operations Centre in Cork to actively monitor, alert and remediate security threats for customers in real-time. Additionally, it also established a TotalView Centre as a response to the significant increase in malicious threats being faced by Irish organisations during the pandemic, particularly with the shift to remote working.

Cillian McCarthy, CEO, Paradyn, said: “It’s reassuring to see that so many local authorities across Ireland are investing in proactive and integrated security defences to protect their systems, data and people. With remote working and online self-service options for the public becoming so important over the past 12 months, local authorities understood that they needed to considerably improve the security protection they offer both staff and citizens.

“We’re delighted that so many local authorities have turned to Paradyn to gain a more proactive and holistic approach to cybersecurity., particularly for CIS Controls which allows them to benchmark their security capabilities against global best practices.

“Over the years we have worked with many local authorities across Ireland, we value their partnerships and always deliver services that match their evolving needs. Our specialist expertise allows us to deliver high-quality managed security services, especially as we face increased security challenges due to changing ways of working and the move to online public services.”

Click here to discuss this project or any other Paradyn projects in more detail.