Maintain Security

Vigilance all year long

Call (832) 730-2850 to get started.

Staying secure takes vigilance. It requires a commitment from leadership, attentiveness from IT personnel, awareness from every employee and contractor who accesses your network and access to competent cybersecurity professionals. This may sound overwhelming but staying secure is very possible and very manageable - and it doesn't have to cost a lot. You just need a plan that is right for your business.  

PLAN - PRICE

Description

Scheduled Vulnerability Scanning

(Cost dependent upon scope)

5% DISCOUNT for BIG I Members! 

Who should purchase more than 1 scan a year?

Non-exempt entities are required to conduct continuous monitoring OR bi-annual Vulnerability Assessments AND an annual Penetration Test (see text from the regulation below). Even larger Limited Exempt entities would benefit from bi-annual Risk Assessments. Get on the schedule and know that we have your back all year long.

Section 500.05 Penetration Testing and Vulnerability Assessments.

The cybersecurity program for each Covered Entity shall include monitoring and testing, developed in accordance with the Covered Entity’s Risk Assessment, designed to assess the effectiveness of the Covered Entity’s cybersecurity program. The monitoring and testing shall include continuous monitoring or periodic Penetration Testing and vulnerability assessments. Absent effective continuous monitoring, or other systems to detect, on an ongoing basis, changes in Information Systems that may create or indicate vulnerabilities, Covered Entities shall conduct:

(a) annual Penetration Testing of the Covered Entity’s Information Systems determined each given year based on relevant identified risks in accordance with the Risk Assessment; and

(b) bi-annual vulnerability assessments, including any systematic scans or reviews of Information Systems reasonably designed to identify publicly known cybersecurity vulnerabilities in the Covered Entity’s Information Systems based on the Risk Assessment.

Why should I schedule more than 1 scan a year?

Risk Assessments, Vulnerability Assessments and Penetration Tests capture the state of your environment at a point in time. While they are essential components of a cybersecurity program, there is a risk that vulnerabilities evolve after these tests are completed and the new/updated controls are put in place.

How do vulnerabilities evolve? New cyber-threats emerge frequently - attacks that take advantage of vulnerabilities before software or hardware vendors issue fixes are called "zero-day" exploits. Without the proper system in place, you may not detect such attacks. Further, your business is not stagnant - over time your IT people add new systems, people cycle in and out and configuration changes are made. Any of these scenarios can introduce vulnerabilities, albeit unintentionally. 

PLAN - PRICE

Description

Managed IT

Services 

(Cost dependent upon options selected)

5% DISCOUNT for BIG I Members!

What is Managed IT?

Managed IT Services are enterprise-class IT support for any-sized business, from managing your company workstations and firewalls to a fully managed IT support model and everything in between. These type of services are frequently customized to your needs. See our Managed IT Services site for details.

Some of the things we do:

  • Anti-malware/Anti-virus/Ransomware Solutions
  • Desktop Support Services
  • Microsoft Office 365 Management and Monitoring
  • Patch Management
  • Reporting
  • Remote Help Desk capabilities
  • Network Server Solutions
  • Network Hardware and Software Audits
  • Backup, Recovery, and Archiving
  • Cloud Solutions
Who should purchase Managed IT?

Any business that lacks the resources to effectively manage its information systems (workstations, servers, network, firewall, email, phones, etc.) or wants to bring more expertise to bear for less than it would cost to hire the same talent. One of the greatest benefits of Managed IT Services is continuous patch management, or the real-time, continuous updating of systems with the latest security patches issued by manufacturers. A disciplined patch management plan will help to harden your defenses against exploits that open the door for devastating attacks, such as ransomware.

Cyber Awareness

Training

Free in portal

5% DISCOUNT on custom training for BIG I Members!

What is it?

Cyber Awareness Training is the process of educating your employees about common or emerging threats, best practices regarding computer security and really any topic that helps protect your information systems. Since humans (e.g. your employees) are typically the weak link any security chain, Cyber Awareness Training should not be ignored. In fact, on July 29, 2019 several government entities issues a joint statement that detailed "Three Steps to Resilience Against Ransomware." One of those steps is quoted below:

"Reinforce Basic Cybersecurity Awareness and Education

Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing and suspicious links – the most common vectors for ransomware attacks. Remind employees of how to report incidents to appropriate IT staff in a timely manner, which should include out-of-band communication paths."

Source: US-CERT.GOV

Who is it for?

In our opinion, it's for everyone. The NY State Cybersecurity Regulation requires cybersecurity awareness training for Non-Exempt entities only (see text below). This is a mistake. An employee at an insurance agency that qualified for a Limited Exemption is as likely to fall victim to a phishing or spear phishing attack as an employee at a Non-Exempt entity. As a business owner, you must consider the risk of untrained/unaware employees, whether you employe 2 or 20 people. As a customer, you will have access to content in our online portal that serves as cybersecurity awareness training. We can also create customized training or webinars for you on specific topics.

Section 500.14 Training and Monitoring.

(b) provide regular cybersecurity awareness training for all personnel that is updated to reflect risks identified by the Covered Entity in its Risk Assessment.

PLAN - PRICE

Description

Customized Cybersecurity Program

(Cost dependent upon scope)

5% DISCOUNT for BIG I Members!


Why would I want a customized cybersecurity program?

While there are similarities from insurance agency to insurance agency, each business is different and each business owner has a different take on risk. For example, an agency with 5 offices, 5 firewalls and 5 file servers and 25 employees will have different cybersecurity and IT needs than a single office agency that just uses cloud storage. Maybe two agencies of similar size and infrastructure use different systems and software? The process of building a customized solution for your business doesn't necessarily mean added cost - in fact, it could be less. It does mean that we need to get to know you and your business. Ready when you are.

CONTACT US

832-251-6600 | 855-524-9778
LCG, LLC
11767 Katy Freeway, Suite 515
Houston, TX 77079

Privacy Policy
Sitemap

WHY CHOOSE LCG?

Our Clients hire us because we provide honest advice, excellent customer service, and winning solutions based on experience. The best way to find out how we can help you is to call us.

Copyright 2008-2019. LCG Discovery Experts, LLC d/b/a LCG, LLC. All Rights Reserved