Connecticut Information Security
is a full-service cyber security firm

We specialize in mitigating security risks, protecting networks, aligning organizations with security standards, and educating workforce members on security-related topics and tools.

Learn more about us
image01

Top Issues from Top Experts

Get in touch with today's top security topics from
the experts in the field.

Visit our blog now
image01

Are You Exposed?

Need help evaluating your security risks?
We are here to help.

Contact us now
image01

CTInfoSec has extensive experience
performing security assessments

We work in a variety of industries, including insurance, financial services, mobile applications, healthcare, online services, manufacturing, utilities, real estate, business services and more.

Find out more
image01

THE BLOG

  • Sep 15, 2022
    Attacker in the Network

     An attacker is inside your network right now. If that is true, how would you know? Many technologies are in place to protect the gateways or the network edges, and logs document the traffic moving across these gateways. But, what about the attackers that make it successfully into your network past the gateway defenses? Perhaps using an urgent social engineering ploy that gets a user, maybe even a privileged user, to click on the link, steal credentials or download a malicious file.  Or maybe they use VPN and look like a normal user. Now what?

    Malicious actors are looking for the weak point in your systems to spread malware or exfiltrate data. The attacker will move laterally, poke around, analyze the treasure trove before them. They may scan internal ranges looking for a host for a more devious act. The lateral environment beyond the firewall can be a gold mine for attackers, plotting and placing malware, setting up new accounts to become untraceable. This attack surface is often left unmonitored leaving a massive landscape unprotected within your organization.

    Technologies like our NARC® Deception Network Technology help to catch the attacker in the act. Lying in wait; capturing important details and sending them right to you in near real time so the attacker can be stopped in their tracks. Our solution is low cost and plug and play – a perfect, quick and easy way to be protected. 

    Sophisticated attacks mean you need to be ready to catch an attacker anywhere, even if that means inside your network. Check out NARC® Deception – it could be just what you are missing.

  • Aug 15, 2022
    5 Steps to Take Right Now

    The world is complicated. The steps needed to secure an organization are more and more intricate by the day. There are numerous technologies to consider and more coming out by the day (or minute, it seems). No matter what direction you take with your security plan, there are a few things you can do right now to protect your organization while you figure the rest out.

    1. Verify your backups. We have a post on this (below). If you don't have backups, stop reading this post now and go get some in place. 

    2. Patch your systems. It is tedious and never ending but must be done. Have a process in place to patch and keep your software up to date.

    3. Check your endpoint protection. What technologies are in place today? Are they working and deployed across the organization's endpoints? Are logs in place? Find out. 

    4. Keep staff apprised of risks. If there are risks in the wild that are concerning, let your staff know to be extra diligent. Staff is more likely to act appropriately if the threat is top of mind.

    5. Create your incident response plan (and test it too!). Be ready in case you need to respond to an incident – from a lost laptop or a virus outbreak to something much more complex. Have a plan, test it, and reference it when needed. Preparation is key. 

    These are just 5 places to start making your organization more secure – today.  There are many more, but if you start with these basics, you will be on the right path forward.

Popular Offerings

IT Security Healthcheck

    We provide a multi-leveled, custom IT Security Healthcheck of your technology environment leveraging a proprietary stack of tactical and operational checkpoints to deliver an analysis of the environment – within your needs and budget - to identify gaps and risks and provide actionable remediation steps with tiered goals.

NARC® Deception Technology

    Our patented NARC® technology identifies internal compromise or malicious insiders. By creating virtual targets and enticing malicious users to them through open services and potentially valuable data, organizations can root out illegitimate traffic and users quickly and without false positives.

PROTECT YOUR BUSINESS.
MITIGATE YOUR RISKS.

Dealing with security attacks has become a fact of doing business online. With the introduction of regulations to protect data,
this has become a critical area for businesses today.

Know your risks. Protect your data. Become compliant.