As the COVID-19 pandemic has affected the world, most organizations have been forced to transition to a remote workforce and to focus more intensely on serving clients through digital channels. This has led to a rapid surge in demand for digital capabilities, products, and services. The digital response to the COVID-19 crisis has also created new security vulnerabilities. Attackers seek to exploit the gaps opened when telecommuting employees utilize insecure devices and networks. Threat actors also use known attack techniques to exploit people’s COVID-19-related fears. For example, Google tallied more than 18 million malware and phishing emails related to the novel coronavirus on its service each day in April. It also reported identifying more than a dozen government-backed groups using COVID-19 themes for these attempts.
THETA432, led by CEO M. Michael Mitama, is helping its clientele and their remote workforces operate seamlessly with its cutting-edge security solutions. Mitama founded THETA432 to fill the gap in the MSSP space where clients are oversold on solutions that only address part of the problem. “At THETA432 we build scalable cyber defense strategies utilizing our own technology and processes. With this we can shrink the usability gap to get our clients up and running in very little time. POCs, meetings and emails that create measurable time gaps are reduced so that our clients see value from the beginning,” says Mitama. THETA432™ is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, and cyber defense monitoring services with dynamically defined defense (3D™), a unique process developed over time to effectively address cyber defense challenges.
THETA432 seeks to help both Mexican and US companies protect their networks and overall information from cyber threats. They make sure companies have what it takes to keep their systems protected and offer additional training to their employees to further recognize attacks. “We are tool agnostic because we feel experience and knowledge supersedes a tool-centric approach, so we can use our tools or adapt to yours. Additionally, we customize our service according to our clients’ needs; no network is the same, and every threshold is different,” adds Mitama.
A Tool Agnostic Solution
THETA432 provides tool-agnostic, platform-independent cyber defense playbooks and procedures for making clients’ networks defensible and visible. “Being that THETA432 is tool agnostic we are able to utilize any tools to provide coverage in analysis. We identify tools that have a low utilization rate and bring the utilization into the 80-percentile range and then develop playbooks for the in-house analysts to follow and assist in maturing,” says Mitama. “If the client does not have the appropriate tools in place, we can assist them with our software and incorporate that into the service so that there are no technology gaps in their cyber defense strategy.”
He adds, “We have gone beyond the typical MDR service provider and provide managed, prevention, detection, and response. We now provide Attack simulations, Virtualized Attacks, Penetration Testing and Disaster Recovery Services from ransomware.”
With the pandemic and the lockdown, there is one thing that has had the maximum impact on everyone’s psyche: working from home. Outside the controlled environment of offices lined with secure networks, finding the right security software for businesses was simple. With remote working being the new normal, cybercrime poses a great threat to organizations and business continuity.
Mitama says that amidst the pandemic, a large portion of the economic meltdown arises from cybercrime. “Cybercrime has existed even before the pandemic and economic meltdown, but right now, we could say companies are becoming more vulnerable and attractive for attackers because of the new work from home strategy most are implementing. With employees taking their work devices out of their company’s perimeters, security efforts, like firewalls, no longer guarantee the security of their data, making breaches and cyberattacks ever more prone. To this we could also add the lack of awareness many companies have; thinking they will not be a target is more common than imagined.”
An Upgrade Needed
The cybersecurity landscape is due for a much-needed upgrade. “The cyber security landscape has proven that we will live in a borderless technology society which will cause deeper security issues that transcend current security controls, strategies, and budgets. The depth of new attacks will begin to bring networks to their knees, compromise and breach will be far more prevalent and having a strategy such as 3D Dynamically Defined Defense will be the bridge to the future of countering these attacks and intrusions.”
But what are some challenges that modern-day businesses must acknowledge and prepare to fight? Both the business model and the current status of the business play a huge role in determining the pain points and therefore the plan of action.
“No network is the same and every threshold is different, so we could not generalize on the challenges, but we could advise companies to strengthen their security effort,” says Mitama. “Learning about the threats they are exposed to will allow them to see and understand the best ways to prevent an attack. We could always provide an assessment to see what your current gaps are, show you how to prevent unnecessary risks and offer monitoring services to provide greater security.”
The question that arises is what are some necessary precautions that every business must take to avoid cybercrime? According to Mitama, “Companies could start by establishing confidentiality and digital management rules, strengthening credentials and data access, updating software, apps and devices, applying encryption to email, guarding passwords and vulnerable information, having a response plan ready to be executed if something happens, not opening unknown or suspicious links, backing up their data, using firewalls and antivirus and training employees on possible threats, so they know what to do in different scenarios.”
He adds, “Implementing attack simulators is also a great option, and it is something we offer. It’s not an overnight achievement but knowing who clicked when and how will allow you to understand how to act when an attack occurs and create a strategy to prevent it from happening in real life.”
Towards the Future
THETA432 was fortunate enough to assist in building stronger, more resilient cyber defense processes and procedures for Fortune 500s such as Mattel. Automating and reducing the false positive noise significantly while building efficiencies, THETA432 was very proud of the work we accomplished, which continues to stand to this day. The Cyber Security team at Mattel was awesome to work with and bridging teams was an amazing experience. “As with all our clients we build out their cyber defense capability and make it more efficient. This means that Analyst fatigue is reduced, turnover is reduced, attacks are reduced or rendered useless,” says Mitama. “We continuously strive for improvements and cycle the knowledge back into the security stack to allow analysts to address more of the signal and ignore the noise.”
Mitama advises leaders today to become resilient and never give up, drive through challenges, overcome obstacles and destroy barriers. “Fundamentally, Cyber Security is a very competitive space and there will be major competition so buckle up and know the ride will be long and bumpy but if you forge forward with ambition and determination you will overcome and persevere in any adversity,” he adds.
THETA432 will be unleashing A.R.C. (Advanced Response Capability), which is an EDR that they provide as part of their services. THETA432 is all set to scale their product, Advanced Virtual Attacks (THETA432 A.V.A.). “With this product and service, we can simulate attacks, virtualize phishing campaigns with the ability to redirect end users to a learning management system, so they can learn about phishing emails. Among other things with AVA we can emulate various APT groups to identify gaps in the MITRE ATT&CK framework and assist our clients in hardening these areas from being exploited,” says Mitama. THETA432 DRX backs up the end user’s work product in the event of a ransomware attack. “The software is aware of anomalous behavior and this behavior is sent to our SOC team for evaluation and identification.”
Mitama notes that today an advanced plan of action needs an in-depth analysis of a wide range of parameters. “The pandemic has added quite a few to the equation and complicated it. Clearly, organizations who have favored the principle of ‘talent knows no geographic and time zone boundaries’ are the first to excel.”