[Boston] Cybersecurity Lunch Cruise

Join AccessIT Group and our technology partners for our floating Cybersecurity Symposium aboard the Seaport Elite on Thursday, August 15, 2024. During the cruise, enjoy fresh shucked oysters and lobster lunch buffet and meet one on one with industry leaders during our manufacturer expo. While aboard, pull up a seat to hear our presentation on “Generative AI in Cybersecurity,” covering the latest threats and defenses, and earn a certificate for 3 CPE credits. If you are interested in attending this event, email: events@accessitgroup.com for more information.
Preparing for the Worst: Building Cyber Resilience with AccessIT Group

Cyberthreats are relentless and constantly changing, clearly showing that every organization must be prepared for the worst. CISOs face high pressure to develop and implement effective incident response (IR) and business continuity (BC) plans that minimize damage and keep critical operations running during crises. This is where AccessIT Group stands out as your trusted partner. With a unique approach that combines deep expertise with customized solutions, AccessIT Group helps cybersecurity professionals build strong, proactive strategies that not only respond to incidents quickly but also ensure business resilience and long-term recovery.

In this blog, we’ll explore how AccessIT Group’s distinctive approach supports cybersecurity professionals in preparing for cyberincidents and maintaining business continuity when it matters most.

How AccessIT Group Strengthens Incident Response

1. Customized Incident Response Planning
AccessIT Group collaborates closely with your security leaders to develop and continually improve incident response plans tailored to your organization’s specific risks and priorities. Our specialists create detailed playbooks for various scenarios, including ransomware, data breaches, and insider threats, ensuring you’re prepared for any situation.

2. Advanced Threat Detection and Monitoring
We assist you in deploying and integrating advanced security tools such as SIEM, EDR, and threat intelligence platforms.

3. Security Awareness and Training Programs
Human error continues to be a top cause of breaches. AccessIT Group provides thorough security awareness training and simulated phishing campaigns designed to help your workforce identify and report potential threats, enhancing your human firewall.

4. Incident Simulation and Tabletop Exercises
We conduct realistic incident simulations and tabletop exercises that evaluate and improve your team’s response skills. These sessions involve cross-functional stakeholders, including legal, communications, and leadership, to strengthen coordination and build confidence during crises.

5. Vendor and Regulatory Coordination
AccessIT Group helps you manage relationships with law enforcement, regulators, and third-party vendors, ensuring your incident response remains compliant and well-organized throughout every phase.

How AccessIT Group Enhances Business Continuity

1. Business Impact Analysis and Prioritization
Our consultants work with you to perform comprehensive Business Impact Analyses (BIA), pinpointing critical processes and systems and establishing Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) that align with your business goals.

2. Resilient Infrastructure Solutions
AccessIT Group can help you design and implement resilient infrastructure strategies, including automated backup solutions and geographically distributed architectures to reduce risks from localized disruptions.

3. Comprehensive Business Continuity Planning
We develop comprehensive, actionable business continuity plans that encompass all key functions and scenarios. Our team also helps regularly test these plans through drills and exercises to ensure preparedness and ongoing improvement.

4. Integrated Incident Response and Continuity Management
AccessIT Group helps unify your IR and BC efforts, creating seamless workflows that enable smooth transitions from incident containment to business restoration, minimizing downtime and operational impact.

5. Regulatory Compliance Support
We ensure that your business continuity practices comply with industry standards and regulatory requirements, such as ISO 22301 and NIST guidelines, thereby reducing compliance risks and enhancing audit readiness.

Why Partner with AccessIT Group?

- Expertise: Our team has decades of combined experience in cybersecurity, incident response, and business continuity across various industries.
- Tailored Solutions: We recognize that each organization is unique and provide customized strategies that align with your risk profile and business goals.
- Proactive Partnership: At AccessIT Group, we believe in staying ahead. We help you anticipate threats and build resilience before they happen. Our proactive approach ensures that your organization remains ready and protected.
- Comprehensive Support: From initial planning and training, AccessIT Group provides a full suite of services. We support you every step of the way, making sure your organization is fully prepared and resilient against cyberthreats.
- Trusted Advisor: Our open communication and teamwork make us a dependable extension of your security team.

Conclusion

Preparing for the worst is no longer optional; it’s crucial. With AccessIT Group supporting you, cybersecurity professionals gain a strong partner in creating and implementing incident response and business continuity plans that safeguard your organization’s assets, reputation, and future.

Ready to boost your defenses and ensure operational resilience? Contact AccessIT Group today to learn how we can tailor our expertise and solutions to meet your specific needs.

Chad Barr, C|CISO | CISSP | CCSP | CISA | CDPSE | QSA | ASV
Director of Governance, Risk & Compliance | Risk Advisory Services
[Philadelphia] Cybersecurity Lunch Cruise

Join AccessIT Group and our business partners for an afternoon on the water during our annual Cybersecurity Symposium aboard the Spirit of Philadelphia. Cruise the Delaware River with us on Thursday, July 24, 2025 while meeting one-on-one with our industry leading technology partners during our floating manufacturer expo. While aboard, pull up a seat to hear our presentation on “Zero Trust: Lessons from the Front Lines of Real-World Deployments,” and earn a certificate for 3 CPE credits. If you are interested in attending this event, email: events@accessitgroup.com for more information.
Building Resilience: Strategies for Managing Vendor Cybersecurity Risks

Today, organizations no longer operate in isolation. Supply chains are intricate, data is shared more freely than ever, and third-party vendors play integral roles across every business function. However, this increased reliance also brings a pressing threat: vendor cybersecurity risk, a challenge that demands immediate attention.

High-profile breaches often originating from compromised third parties have exposed sensitive data, disrupted operations, and inflicted reputational damage on companies of all sizes. The stark reality is that if your vendors aren’t secure, neither are you, and the consequences can be severe.

So, how can organizations build resilience and manage vendor cybersecurity risks effectively?

Understanding the Scope of the Problem

Vendor cybersecurity risk refers to the potential for third-party providers, such as software vendors, cloud service providers, contractors, and partners, to become entry points for cyber threats. Attackers often target vendors with weaker security postures, using them as stepping stones to access their primary targets.

According to a 2024 study, over 53% of organizations experienced a data breach caused by a third party in the past two years. This underscores the need for a proactive and structured approach to third-party risk management, a crucial aspect of organizational preparedness.

Create a Comprehensive Vendor Inventory

Before you can manage third-party risk, you must understand your vendor ecosystem. This includes:

- Identifying all third-party vendors with access to your systems or data.
- Categorizing vendors by criticality and data sensitivity.
- Mapping data flows to understand what information is shared and where it resides.

Implement a Robust Vendor Risk Assessment Framework

A consistent, risk-based framework should be applied throughout the vendor lifecycle:

- Pre-contract due diligence: Evaluate security policies, controls, and past incidents.
- Security questionnaires & audits: Use industry-standard tools like the SIG (Standardized Information Gathering) or CAIQ (Cloud Security Alliance) to assess practices.
- Risk scoring: Assign risk levels (low, medium, high) based on access levels, data types, and regulatory impact.

Key areas to evaluate include:

- Network and data security
- Incident response capabilities
- Compliance with standards (ISO 27001, SOC 2, NIST, etc.)
- Cyber insurance coverage

Include Security Clauses in Contracts

Security must be embedded into vendor contracts, not just implied. This includes:

- Defined security requirements (e.g., encryption, MFA, vulnerability management)
- Right to audit clauses
- Incident notification timeframes
- Data breach liability and indemnification
- Termination rights if minimum security standards aren’t met

Monitor Continuously, Not Just at Onboarding

Cyber risk is dynamic. A vendor deemed “secure” last year may now be vulnerable due to changes in infrastructure, personnel, or new threats. Continuous monitoring tools can help detect:

- Changes in external threat exposure (e.g., from threat intelligence feeds)
- Leaked credentials or dark web chatter
- Breaches or legal violations

Establish an Incident Response Plan Involving Vendors

Vendors should be part of your incident response (IR) strategy. Ensure:

- IR roles and responsibilities are defined for both parties.
- Communication protocols are in place for breach disclosures.
- Vendors can provide logs and collaborate during investigations.

Conduct tabletop exercises that simulate third-party breaches to test readiness.

Foster a Culture of Shared Responsibility

Cybersecurity is not just a technical problem; it’s a business imperative. Vendors should understand that security is a condition of doing business, not a nice-to-have. Consider:

- Providing vendors with training or access to your security best practices
- Encouraging alignment with security frameworks like NIST CSF or CIS Controls
- Building long-term partnerships based on trust and transparency

Use Technology to Scale Your Program

Manual processes don’t scale well as vendor ecosystems grow. Leverage third-party risk management (TPRM) platforms to:

- Automate assessments
- Track remediation efforts
- Maintain vendor documentation
- Ensure compliance with regulatory mandates like GDPR, HIPAA, or CMMC

Conclusion: Resilience Is a Team Sport

Managing vendor cybersecurity risks isn’t just about protecting your perimeter; it’s about understanding and reinforcing the entire digital ecosystem in which you operate. By building strong relationships, conducting thorough assessments, and monitoring continuously, organizations can reduce their attack surface and respond to threats with confidence.

Cyber resilience isn’t achieved overnight. But with the right strategy, tools, and mindset, you can protect your organization without compromising on the partnerships that drive your business forward.

How can the AccessIT Group help you?

AccessIT’s vCISO and Risk Advisory services support mature oversight and governance by helping to define strategic and operational roles, embed risk frameworks, strengthen contract controls (including breach notification timing), and monitor vendor compliance over time.

Altogether, this holistic framework—assess, evaluate, comply, build, and maintain—empowers organizations not just to detect and fix vendor-related risks, but to proactively govern and recover from supply-chain disruptions, bolstering cyber resilience.

By: John August Otte – Senior Cybersecurity Consultant – C|CISO | CISSP | CISM | CISA
[Annapolis, MD] Cybersecurity Lunch Cruise with Blue Angels Flyover

Join AccessIT Group and our technology partners for our Blue Angels Lunch Cruise and floating cybersecurity symposium aboard the Catherine Marie on Wednesday, May 21, 2025. Catch the thrilling spectacle of the Blue Angels soaring over Annapolis while networking with top cybersecurity professionals. Don’t miss this chance to mingle with our top partners. This is an invite-only networking event for IT and cybersecurity professionals in the DMV area. If you are interested in attending this event, email: events@accessitgroup.com for more information or reach out to your AccessIT Group representative.
Securing the Supply Chain: A CISO’s Guide to Managing Risks from Third Parties

Today’s interconnected digital world reveals that an organization’s cybersecurity depends on its most vulnerable element, which often exists outside company walls. Third-party vendors, together with suppliers, contractors, and partners, create complex dependencies that attackers regularly target because of existing vulnerabilities. The CISO, as the leader of the organization’s cybersecurity efforts, now plays a crucial role in supply chain risk management. This role represents both mandatory compliance and essential enterprise resilience needs.

The New Face of Supply Chain Threats

Recent attacks on zero-day vulnerabilities within popular software components have joined the SolarWinds and MOVEit incidents. Threat actors have modified their attack methods by launching attacks against third parties with weaker security defenses to gain entry into better-protected organizations. The evolving nature of threats requires organizations to move their risk management beyond traditional perimeter defense toward more extensive proactive security measures.

The rise of Anything as a Service (XaaS) and open-source components, together with supply network globalization, makes third-party risk management more difficult. Every enterprise today depends on hundreds to thousands of external partners who get access to sensitive information and system resources and code repositories.

Key Challenges in Third-Party Risk Management

CISOs encounter various ongoing obstacles when implementing supply chain protection measures.

1. Many organizations fail to obtain complete information about their third-party relationships and the specific data access rights their entities possess.
2. Vendor assessment procedures are frequently manual and isolated. They are restricted to initial onboarding phases without follow-up assessments for evolving risk profiles.
3. The changing threat environment introduces complex assessment challenges because of AI-based phishing attacks, deepfake impersonations, and state-sponsored cyberattacks. The regulatory framework has become more demanding because of NIS2 (the Network and Information Systems Directive II), GDPR (the General Data Protection Regulation), and the SEC’s new cybersecurity disclosure requirements which enforce enhanced monitoring and reporting of third-party security risks.

A CISO’s Playbook: Strategies for Securing the Supply Chain

CISOs need to incorporate cybersecurity into vendor management life cycles, which include vendor selection and onboarding, followed by continuous observation and vendor termination. The following strategic pillars will direct this transformation process:

1. The company needs to implement a Third-Party Risk Management (TPRM) framework.
The TPRM program should contain formalized procedures that include:

- The framework should classify vendors into two risk groups (critical and non-critical).
- The security questionnaires follow the standards of NIST, ISO 27001, and SOC 2.
- The TPRM program should integrate with procurement and legal operational workflows.

2. Continuous Monitoring and Threat Intelligence
Point-in-time assessments are no longer sufficient. Continuous monitoring tools and cyber threat intelligence feeds should be used to:

- Detect signs of vendor compromise
- Determine if there is shadow IT or unauthorized connections present.
- Real-time vulnerability management is required to detect new vulnerabilities.

3. Zero Trust Architecture (ZTA)
Third-party access requires the implementation of Zero Trust principles.

- Every user should receive the minimal permissions needed for their role.
- Implement micro-segmentation
- Monitor all network traffic and user behavior analytics (UBA)

4. Contractual and Legal Safeguards
The vendor agreements need to incorporate the following elements:

- Vendors must meet both cybersecurity standards and data protection regulations.
- Breach notification timelines
- Right to audit clauses

The terms need to be checked and revised at regular intervals to match current security threats, together with emerging regulations.

5. Vendor Incident Response Integration
Third parties need to integrate into your organization’s incident response procedures. This includes:

- Clear communication channels
- Shared escalation paths
- Joint tabletop exercises

The collaboration during a crisis shortens the response period while minimizing potential damage.

6. Culture and Training
Cyber risk is not just a technical issue. The procurement department, legal staff, compliance experts, and business personnel need training to identify and report third-party risks. All individuals who make decisions about vendors should receive cybersecurity training.

The Road Ahead

Supply chain security is not a future concern, but a pressing issue for boardrooms today. As digital ecosystems expand and attackers become more sophisticated, regulatory oversight intensifies. The CISO’s role is to create a risk-oriented environment that treats third-party security as a business necessity.

Call to Action

Your organization needs to establish preparedness for the upcoming supply chain cyber threat. It also needs to assess its third-party risk management program at this moment. Your vendor ecosystem requires a complete audit, as your organization should invest in monitoring tools and adopt NIST CSF 2.0 and ISO/IEC 27036 frameworks. Implementing proactive security measures in your supply chain is not just a response to a potential breach, but a way to reveal and address vulnerabilities before they become a problem. Remember, the best defense is a proactive offense.

Remember, you’re not alone in this. AccessIT Group’s team of cybersecurity experts is here to offer consultation services, helping you establish robust TPRM programs and modernize your cybersecurity strategies. We provide customized consultations based on your industry needs and risk exposure profile, ensuring you have the support you need.

By: John August Otte – Senior Cybersecurity Consultant – C|CISO | CISSP | CISM | CISA
Webinar: 3 Security Projects CISOs Should Consider for 2020
AccessIT Group Partners with LogRhythm to Offer Unlimited Data Plan for SIEM

KING OF PRUSSIA, PA – October 16, 2019 – AccessIT Group is now offering an unlimited data plan for SIEM through its partnership with LogRhythm.

The reality is that big data volumes are growing exponentially. To stay within budget, CISOs are being forced to make difficult and risky decisions about which data they choose to protect—and not protect. LogRhythm introduced its unlimited data plan precisely because it believes CISOs shouldn’t be forced to restrict the amount of the data and what they protect.

Not only does LogRhythm’s unlimited data plan allow CISOs to free themselves of these restrictions, it also lets them do so at a predictable price point, thus greatly lowering the risk of unprotected data. With the LogRhythm True Unlimited Data Plan, customers can have peace of mind knowing that they can add additional data sources to achieve complete visibility, implement new use cases, and scale as they grow — no tiers, fine print, or contract surprises.

“With unprotected data responsible for 3.2 billion breached records annually, LogRhythm’s model means our customers no longer have to sacrifice security because of cost,” said Joe Luciano, CEO, AccessIT Group. “The unlimited data plan for LogRhythm’s XDR Stack makes it easy for organizations to get the appropriate level of security they need at a single consistent cost, no matter how much data they have in their environment. This offering represents a tremendous step forward in the fight against cyber threats.”

Organizations that select LogRhythm will pay one price—and only one price—for their entire contract, enabling them to protect all their data, users, and systems, even if those numbers increase throughout the year, and even if their deployment architecture changes.

“2019 is set to be the worst year ever for data breaches, but how many of this year’s incidents could have been prevented if organizations had the ability to ingest and protect all of their data?” said Mark Logan, CEO, LogRhythm. “That’s why we created the industry’s first truly unlimited data plan for SIEM. With LogRhythm, CISOs no longer have to sacrifice security because of cost. Instead, they can now monitor and protect all their data while still staying well within their budget.”

The LogRhythm NextGen SIEM Platform combines patented machine-based analytics, user and entity behavior analytics (UEBA), network detection and response (NDR), and security orchestration, automation, and response (SOAR) in a single, unified architecture, delivered from the cloud or as an on-prem solution. The platform strengthens the maturity of security operations by better aligning a customer’s technology, team, and processes.

About LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to measurably reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution. LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers successfully secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades. For more information, visit www.logrhythm.com.

About AccessIT Group

AccessIT Group is the premier Value Added Reseller of cybersecurity products and services on the East Coast. We create customized cybersecurity solutions, providing assessment, compliance, design and implementation expertise. AccessIT Group services both regional and global companies with enterprise level products and services and our engineers maintain the highest level of certification for the products and services we provide. Partnering with only select manufacturers, we offer best-of-breed solutions for your security projects. For more information, visit www.accessitgroup.com.
AccessIT Group Announces New VP of Sales

AccessIT Group, an industry-leading cybersecurity firm, is pleased to welcome and announce the appointment of Robert Reilly as the new Vice President of Sales. Reporting to Joseph Luciano (CEO), Robert will be assuming responsibility for the AccessIT Group sales organization. As the VP of Sales, Robert will align the sales organization around the company’s go-to-market strategy and growth opportunity. “We are enthusiastic about Bob coming on board,” said Joe Luciano, Chief Executive Officer of AccessIT Group. “His years of experience and his network in the cybersecurity market space will be another asset to add to AccessIT Group’s very skilled team.” Robert brings more than 10 years of cybersecurity sales and leadership experience to AccessIT Group. Most recently he served as Director of Sales for ePlus and, prior to that, helped grow sales at both Akibia and IGX Global. In Robert’s former roles, he focused on helping the companies by understanding their organizational goals, strategies and objectives and executing on go-to-market strategies, talent acquisition and expansion into new markets, both domestic and international. Impressively, during his time at IGX, Robert helped grow revenue 30-50% year-over-year, which in turn led to the acquisition of IGX by ePlus in 2015. Robert joined AccessIT Group on June 3rd. Joseph Luciano, CEO and current VP of Sales, will begin to shift his focus solely to his responsibilities as CEO. AccessIT Group is looking forward to Robert’s contribution to the growth and expansion of the company.
SSL Inspection – What’s in your network?

The web is being encrypted at blinding speed as more and more websites are moving to HTTPS. Today more than 70% of all internet traffic is encrypted, helping to keep our data and private information secure. Studies suggest this number will increase to more than 80% by the end of the year; but is a “secure” website a “safe” website? Encryption does not necessarily mean that content is safe. Threat research shows that 68% of malware uses encryption to hide in the network and one third of malware uses encryption to access and infect the target.

How could this affect you?

If you are not performing SSL inspection or if SSL inspection is implemented improperly, your network security tools are only inspecting 30% of the traffic across your network. This alone is concerning; not to mention, for every malicious event detected by your security tools there are statistically twice as many hidden in SSL/TLS encrypted traffic.

Here are a few risks involving SSL/TLS encryption.

- SSL encryption is used to hide dangerous content such as viruses, spyware and other malware.
- Attackers build their own websites with SSL encryption concealing activity within the infected host.
- Attackers inject their malicious content into well-known and trusted SSL-enabled sites.
- SSL can be used to hide data leakage, such as the transmission of sensitive or proprietary information.

Revealing the hidden traffic

AccessIT Group uses SSL inspection to gain visibility into the hidden traffic within your network and identify, classify, and inspect the packets for threats. The process is simple and can be performed by a variety of products like firewalls, Web Gateways, Application security and packet brokers. With a trusted root CA certificate and some extra computing power, you can decrypt the traffic, have it inspected, then re-encrypted before sending it on its way.

Next, we need to examine inbound and outbound traffic. Traditionally inbound traffic could be inspected by an Application Delivery Controller (ADC) and this method is widely used by many organizations as setup is straightforward and involves managing certificates you already own and use. Outbound traffic becomes more challenging as you now must proxy the outbound SSL request and pretend to be the destination to the user and the user to the destination.

Challenges of SSL inspection

Decrypting and re-encrypting traffic is computationally intensive and many inspection tools are simply unable to decrypt at scale. Overall security appliances suffer a performance decrease of 80% when SSL inspection is enabled. This leads to oversizing a product for your network to handle the extra workload. Every tool that needs to inspect the traffic must be oversized as well as increasing the latency while decrypting and re-encrypting the traffic.

If that’s not bad enough, the National Cybersecurity and Communications Integration Center published Technical Alert TA17-075A reporting that 58% of the devices used for SSL decryption have severe vulnerabilities. Many inspection devices do not properly verify the certificate chain of the server before re-encrypting the data, allowing for data intercept; and even more fail to forward certificate chain errors to the client, leaving the client blind about the authenticity of the server.

Now, with the newer TLS 1.3 being released and adopted by websites, older SSL inspection devices can no longer perform properly. TLS 1.3 is a fundamental change in the way HTTPS encryption is handled and Perfect Forward Secrecy (PFS) relies upon the Ephemeral Diffie-Hellman key exchange protocol generating a one-time key for each session. This means that since the exchange of static keys has been removed, passive mode decryption is no longer possible.
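As an added illustration that is not part of the original article, the following Python parser reads a captured ServerHello record and reports whether a passive tap holding the server's private key could decrypt the session, or whether only an inline proxy can. The `build_server_hello` helper and its sample records are constructed for this example, and the cipher-suite table is an assumption covering only a few common IANA IDs.

```python
import struct
from collections import Counter

# Assumption: a small subset of IANA cipher suite IDs mapped to key exchange.
KEY_EXCHANGE = {
    0x002F: "RSA", 0x0035: "RSA", 0x009C: "RSA", 0x009D: "RSA",
    0x009E: "DHE", 0x009F: "DHE",
    0xC02B: "ECDHE", 0xC02C: "ECDHE", 0xC02F: "ECDHE", 0xC030: "ECDHE",
    0xCCA8: "ECDHE", 0xCCA9: "ECDHE",
}
TLS13 = 0x0304
EXT_SUPPORTED_VERSIONS = 0x002B


def parse_server_hello(record: bytes) -> dict:
    """Return the negotiated version and cipher suite from one TLS record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    body = record[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4 or body[0] != 0x02:
        raise ValueError("truncated record or not a ServerHello")
    hs_len = int.from_bytes(body[1:4], "big")
    msg = body[4:4 + hs_len]
    if len(msg) != hs_len or hs_len < 38:
        raise ValueError("truncated ServerHello")
    version = struct.unpack("!H", msg[0:2])[0]
    pos = 2 + 32                  # skip legacy_version and random
    pos += 1 + msg[pos]           # skip session_id
    if pos + 3 > len(msg):
        raise ValueError("truncated ServerHello")
    suite = struct.unpack("!H", msg[pos:pos + 2])[0]
    pos += 3                      # cipher suite plus compression method
    # TLS 1.3 leaves legacy_version at 0x0303; the negotiated version is
    # carried in the supported_versions extension instead.
    if pos + 2 <= len(msg):
        ext_end = pos + 2 + struct.unpack("!H", msg[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= min(ext_end, len(msg)):
            ext_type, ext_len = struct.unpack("!HH", msg[pos:pos + 4])
            data = msg[pos + 4:pos + 4 + ext_len]
            if ext_type == EXT_SUPPORTED_VERSIONS and len(data) == 2:
                version = struct.unpack("!H", data)[0]
            pos += 4 + ext_len
    return {"version": version, "suite": suite}


def classify(record: bytes) -> str:
    """Say which inspection mode can see inside this session."""
    info = parse_server_hello(record)
    if info["version"] >= TLS13:
        return "inline-only"      # key exchange is always ephemeral
    kex = KEY_EXCHANGE.get(info["suite"])
    if kex is None:
        return "unknown-suite"
    # Static RSA key transport is the only case a passive tap can decrypt.
    return "passive-capable" if kex == "RSA" else "inline-only"


def summarize(records) -> Counter:
    """Count sessions per inspection mode across captured ServerHellos."""
    return Counter(classify(r) for r in records)


def build_server_hello(suite: int, tls13: bool = False) -> bytes:
    """Constructed sample input: a ServerHello record with a zero random."""
    ext = struct.pack("!HHH", EXT_SUPPORTED_VERSIONS, 2, TLS13) if tls13 else b""
    msg = (struct.pack("!H", 0x0303) + bytes(32) + b"\x00"
           + struct.pack("!HB", suite, 0) + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x02" + len(msg).to_bytes(3, "big") + msg
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    samples = [build_server_hello(0x009C), build_server_hello(0xC02F),
               build_server_hello(0x1301, tls13=True)]
    print(dict(summarize(samples)))
```

Running `summarize` over ServerHellos sampled from a tap gives a quick estimate of how much traffic a passive decryption deployment can no longer see.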
Where to decrypt traffic

A few years ago, the Next Generation Firewalls and Web Proxy devices were leading the charge to introduce SSL inspection for outbound traffic while ADCs continued to offer SSL Proxy capabilities for inbound traffic. With increased threats and a growing concern for security, the implementation of multiple security tools has given rise to visibility platforms that can process traffic either inline or from a tap. With their sheer compute and traffic handling capability, these devices can not only direct, route or hand off traffic to security appliances, but they can perform SSL decryption and re-encryption services for those same devices, decreasing latency and complexity. Managing SSL encryption processes from a single platform simplifies the complexity of the process, as well as making it easier to implement new security tools to have visibility of that traffic.

So, tell me, what’s in your network?

With encrypted traffic increasing at approximately 15% per year and currently approaching 80% of enterprise traffic, it is imperative that security organizations gain visibility into their own forgotten network – the dark space where encryption, once viewed as the best thing for web browsing, is being exploited and used to infiltrate and infect our networks. To ensure the continual protection of your network, embrace the changing technology, rather than employ an “if it’s not broke don’t fix it” approach. AccessIT can help you evaluate your SSL inspection tools so that your network is not at risk and your team can rest assured the traffic passing through is safe.