Assimilated Asylum Technology Group

06/21/2018

Assimimated Asylum along with our sister company Encari, LLC are exploring what it would take to bring affordable cybersecurity products along with managed security services to small and mid size businesses.

How often do you worry about cybersecurity as a small business owner? These are a few of the items we can assist with. Relax and schedule your evaluation today.

04/13/2018

Assimilated Asylum Technology Group, LLC would like to announce that we have now aquired Encari, LLC. Encari, LLC has a long history of providing compliance services to the utility industry which makes us a good match to Asylum's cyber security related vision.

We are excited to see where this journey takes us and what lies ahead and we expect GREAT things from both groups as this unfolds.

www.assimilatedasylum.com
www.encari.co (going through a redesign, so stay patient)

Assimilated Asylum a Cybersecurity and Compliance service in relation to Critical Infrastructure, Building Automation and other systems and environments.

05/20/2017

So by now everyone has heard of the WannaCry or WCry ransomware variant. While I'm sure you already know what ransomware is, it's form of malicious software that holds your computer and hence your data hostage until you pay up (ransom).

To date most ransomware has targeted the healthcare industry and this variant is no different although it did escape its bounds and infect other devices with a total of over 300,000 worldwide. Thus think of ransomware infecting "Critical Infrastructure" well it can and has just remember when BART (train system) in the Bay Area was infected by another ransomware months back.

For the novice this is where I give you a few tips and for the IT guys out there this is the reason a proper education program for end users is vital along with a strong security program which takes into account patch application, vulnerability mitigation, proper backups, system hardening and much more

I understand for small business owners and the novice users, IT items can be daunting but no matter how small you are find a trusted IT provider. These guys keep your infrastructure going whether it's patching, backups or ensuring your not victim of a hack, because did you know that the average mean time to detection is 18 months. (That is potentially 18 months of the Russian mob stealing your customers data).

Give us a call today for a free evaluation of your Small to Mid size business and we will help you make sense of it all for you!!!

03/24/2017

I saw this article in my Inbox, and my first question was, I want to know the 4% that actually think attacks will not increase. While this is more of a marketing piece for the companies who are quoted it is still "odd" to think there is some truth to this.

That said, when we talk IIoT we have to remind ourselves to think outside our own sectors of Energy, Water, etc. and think of Industrial Environments as a whole, When is the last time someone assessed the cybersecurity ICS/OT or IIoT components of a company that stamps car doors for auto makers or a company that manufactures fire hydrants, they all use ICS/OT components which if compromised could have a cyber-physical impact

Mar. 14, 2017 - A new study finds 96 per cent of IT security professionals expect an increase in cybersecurity attacks on the Industrial Internet...

02/20/2017

Assimilated Asylum traditionally has concentrated on what we refer to as Critical Infrastructure, which are the systems that run the power grid (Generation, Transmission and Distribution), Oil/Gas Systems, Transportation and basically the items that we depend on in our daily life that go in noticed and unsecured.

That said, Assimilated Asylum will be opening a division that will concentrate on the Small and Medium based Businesses Market that find themselves in unique situations where they feel they have been overlooked in terms of Cybersecurity or even Compromised by and Adversary and that their customer's data is in jeopardy. We are a complete Cybersecurity company, we evaluate the complete design of your environment and offer cost effective solutions to ensure that you and your customer data remains secure.

Traditional Antivirus only protects against 45% of malware that is actually circulating the Internet, did you know that most small business firewalls if they have one are configured to let everything leave even customer data headed to Russia.

Hit me up today for a free evaluation of your small business and what you can do to protect your environment regardless if you an Auto Body Shop, Attorneys Firm or a Small Doctor's Office, we have you covered! . Wes Stewart

02/13/2017

Good Article. worth a quick read; Information isn't Intelligence.

There are many contextual details that differentiate cyber threat information from threat intelligence. In the realm of intelligence, context is...

02/01/2017

For my friends who are constantly on the lookout for IoCs to feed your SIEM, IDS, etc. New toys if haven't already: https://goo.gl/1rTQn3

With the number of attacks that we are facing today, defenders are looking for more and more IOC’s (“Indicator of Compromise) to feed their...

01/31/2017

Pretty good article for those beggining their voyage into Indicators of Compromise when correctly utilizing SIEM.

http://ow.ly/RqYJ308xcKS

SOC/SIEM - Indicator Of Attack(IoAs) - A Detailed Explanation, security incident and event management security operation indicator of attack

01/18/2017

I know the story is about six weeks old but, I love it when they refer to 'your city’s Methuselah-age infrastructure', because its right on. I know I preach on it a lot but a lot of what we consider ICS/SCADA. etc. we have essentially lost or forgotten about over the years.

Well now that we want increasing amounts of data out of these system we find ourselves in precarious situations you see because while we can certainly retrofit something that 'bolts on' to the existing infrastructure this would most certainly result in an increased attack surface, so then we are left with replacing which isn't a bad idea but then are we going to manage it properly.

But many transit systems can barely keep trains running, let alone fund security upgrades.

01/18/2017

While there have been some improvements in some business sectors the issue actually goes much deeper than with not training individual employees, when executives are also blind.

I recently had a conversation around HIPAA with a physician who head up two practices who seriously thought he was protected from a breach due to the fact that he had a firewall in place, when I proceeded to describe "defense in depth" and that the firewall was only a piece to an overall puzzle, he thought I had lost it.

I described spearphishing and how these type attacks are best served by awareness training but it goes to show you unless you start at the top of the pyramid, the bottom is vulnerable

Rules aren't really rules if breaking them has no consequences.

01/17/2017

Ex-US National Security Official Clarke: Regulation Key To Protecting ICS/SCADA From Cyberattacks: So what does everyone think of this? I have to ask, because many still complain about NERC CIP, but we have to admit it made a critical infrastructure industry think about Cybersecurity, regardless if cybersecurity professionals think its enough or not.

So if we are going to place required cybersecurity standards upon one critical infrastructure sector why should they not be developed for other critical infrastructur (e.g. water/wastewater, gas/oil or transportation)? We at least know at this point it will require the respective industry to take a look at their environment

Richard Clarke proposes a Y2K-style approach to beefing up security for critical infrastructure.

01/17/2017

In response to the Service Message Block vulnerabilities released yesterday, if you weren't practicing this already.

In response to public reporting of a potential Server Message Block (SMB) vulnerability, US-CERT is providing known best practices related to SMB....