Government Regulations & Cyber Security
This Post is part of a 4-part series on Cyber Security.
Background
There has been a measurable increase in cyberattacks, specifically on government, health care, and not for profit organizations. These organizations are targeted due to lack of budget or resources making them an easy target. These organizations, which are funded primarily through taxpayers’ dollars, need to change the focus of their IT solutions to meet compliance based on government legislation. Finally, there are requirements for these organizations to disclose when they are breached, potentially creating challenges around the reputation of these organizations.
Challenge
While different government branches have sizable IT budgets to pivot and align based on new requirements, smaller not for profits do not have that same flexibility. Oxygen, having a large number of not for profit and health care clients, needed to be able to realign our clients IT budget to adopt the new requirements for compliance and of course having the right tools and platforms to provide the reporting and transparency.
Solution
Oxygen has invested in partnerships and platforms that addresses the challenge. One of our large not for profit clients brought forward two separate
reporting requirements from different government departments. By running a Security Posture Review and performing a remediation we were able to
satisfy critical compliancy requirement, including the organizations backup strategy including test restore reports, and defining the Recovery Point and Recovery Time Objectives (RPO/RTO.) Our 2nd step was to deploy Umbrella and Stealthwatch Cloud, in conjunction with our Managed Services and Managed Backup platforms, to provide, daily, weekly, and monthly reporting to ensure that the data was backed up, and an analysis of data was
occurring in real time to ensure that reasonable risk mitigation was taking place.
Results
Oxygen was able to provide this client, in a matter of 30 days, the knowledge that they were performing reasonable efforts, in conjunction with government
legislation, that their data and systems were being monitored and managed. This was done by using cost displacement, working within the budget of the
client, and ensuring the outcomes being provided by Oxygen to the client, met their requirements.
Next Steps
Based upon the tools and processes Oxygen uses, the client has committed to doing quarterly SPRs and strategic reviews with Oxygen on an annual basis.
