Wapack Security LLC - Why Wapack?

Why hire Wapack?

Hackers are increasingly targeting small and medium sized businesses. Media coverage of high-profile attacks is helping small companies understand how their networks could be vulnerable. As an example, TJX (parent company of TJ Maxx) suffered the loss of several million credit cards , costing the company not only negative publicity, and the resultant los of sales, but also approximately $90 for every card lost!

According to Gartner, Security is a number one priority for many IT professionals in small and medium sized businesses. Unfortunately, resource and budgetary realities constrain their ability to hire and retain qualified security talent. Most small and medium sized businesses simply cannot afford to build and manage their own information security monitoring and management center. The costs alone of such an undertaking could range from $1M to $3M to build, and upwards of another million per year to operate. Worse, these processes do not generate revenue! While they might be considered a competitive diffentiator in some markets, they are still an overhead item --a cost of doing business safely, and are quickly becoming required as a simple baseline 'must have to stay out of the media' practice.

The increased focus on the Payment Card Industry Data Security Standards (PCI DSS) brings security compliance front and center to millions of small and medium sized businesses that were previously exempt from regulatory concerns. Small and medium sized businesses in many industries are now being forced to comply. This can be an expensive undertaking, and nearly impossible for many SMB companies to manage on their own.

The high tech sector, especially those companies who wish to sell technologies into the Department of Defense, Energy, FAA or others, within the next two years, will have to prove NIST 800-53 compliance, including enhanced controls over all of the intellectual property that will be used in their contracts. This is happening especially fast in the Defense Acquisition System where contract requirements are already starting to be written with wording requiring proof of adherence to NIST 800-53, including security monitoring, management, and incident response. Again, the cost of such a program is not revenue generating and is VERY expensive. Wapack Computer Network Security monitoring is one essential element of compliance, and can be performed in a very cost efficient manner when compared to building your own.

How does it work?

1. Your security alarm dealer and/or Wapack will install a "Unified Threat Management" Appliance, or UTM, just behind your firewall, modem, or router just before your internet connection. One appliance should be placed at every external connection or WAN connection to remote locations.

2. A management server, located at Wapack is used to monitor and manage the UTMs in your network.

3. Wapack maintains a centralized analyzer machine, which is used to collect, aggregate, and alert a Wapack analyst to any issues that arise.

4. When at attacker attempts to access your network, a signal is sent via encrypted communications to Wapack, where an analyst is notified immediately. If the attack is not stopped automatically by the UTM, Wapack analysts have several options that may be taken to stop the attack.

5. The UTM is pre-configured to stop most attacks, but log that they happened. In those cases, no action is generally required. In some cases, new attacks are used to attempt to gain access (new cyber attacks are discovered daily), the Wapack analyst will evaluate the attack, and do one of a couple of things --do nothing, disallow the attack, create a new rule and deploy it to your UTM, or kill the connection.

6. If a breach occurs, Wapack will contact your IT department and work with them to better understand the nature, and create new rules to be placed in the UTM for future protection against this new attack.