With the extensive number of connected devices and applications being used today across every industry, traditional security tools such as antivirus software, firewall layers, and even WAF’s are no longer effective in preventing breaches. In light of this, Virtis has created a full spectrum protection security portfolio that includes threat intelligence, artificial intelligence, machine learning, web application protection security, micro-segmentation, and complete data management from security to backup and recovery.
"Virtis Vi is the only fully managed web application protection service on the market today that makes 100 percent vulnerability mitigation a reality"
Clearing the Air about Third-Party Security Providers
According to Ms. Wilner, there is a wide spread misunderstanding that companies are not liable for data breaches incurred by their third-party providers. In today’s legal climate, not only may companies be liable to their customers, they may have to engage in costly notification and disclosure efforts and may be subject to governmental auditing and penalties all due to their service provider’s failure to properly secure their customers’ sensitive information. Ms. Wilner adds, “Make sure to secure auditing rights that will enable your company to verify that your third-party vendor is maintaining its data security standards.” In addition, under GDPR mandates, the third-party provider and data owner are jointly liable for data loss. In most cases, you cannot shift the liability for a data breach through contractual terms because these providers are usually viewed as an extension to your internal staff. Consider the Equifax breach where the sensitive personal data of 148 million Americans was compromised. The vulnerability that actually exposed Equifax was within the Apache platform, provided by a third party. “At the end of the day, since your company will be responsible for the mistakes of your vendors, you should take appropriate legal measures to protect your company and your customers,” concludes Ms. Wilner.
As visionaries, we specialize in cybersecurity and are dedicated to bringing people, business objectives, and technology together to successfully align IT workforces and company culture while maximizing customer outcomes
Delivering Cost-Effective Security
We are in a global cybersecurity crisis. The Global cost of data breaches is expected to top $2 trillion by the end of 2020. In the recent IBM 2018 Cost of Data Breach Study: Global Overview, it was found that the mean time to identify (MTTI) a breach was 197 days and the mean time to contain (MTTC) said breach was 69 days. Yet, companies that were able to contain a breach in less than 30 days saved, on average, over $1 million vs. companies that took more that 30 days to contain. It’s critical to understand the current state of affairs.
“Today, 40 to 60 percent of breaches happen via web applications and most organizations are not prepared to remediate, given the speed and frequency at which they occur,” adds Ms. Wilner. “However, with VIRITS Vi (Vulnerability Intelligence) powered by RedShield, our fully managed web application protection solution; we find, fix and report all vulnerabilities making 100 percent vulnerability mitigation a reality.”
What makes Virtis Vi globally unique is it shields applications, platforms, and frameworks from cyberattacks without touching a single line of source code. “There are some great tools out there, but without the experts managing the tools, you can’t be fully protected. Fixing complex business logic flaws is an example where a WAF cannot protect against a breach,” says Ms. Wilner. The Virtis differentiator: web application protection developed into a service instead of a product. We can find vulnerabilities, fix faster and cheaper than trying to do it yourself and thus allowing organizations to reallocate their precious resources to other areas of need. Reexamine the Equifax breach. Equifax was breached four days after the Apache CVE was released. Oracle released the Apache patch 145 days later. Virtis Vi customers in blocking mode were never vulnerable; they were protected day 1. Another critical component of web application protection, environmental discovery, has been newly developed into a service of its own. Virtis Di (Discovery Intelligence) is a discovery solution that correlates assets and CVEs into risk assessment reports. According to Ms. Wilner, “Web apps have blurred edges. It’s crucial to know what’s happening in the periphery.”
Powering Security with Vendor-agnostic Solutions
Virtis’ vendor-agnostic solutions, combined with the company’s outcome-based approach and boutique white glove customer service, enable them to provide strategic roadmaps, leading-edge technology, and support services to some of the most technically advanced organizations. “Our solutions enable us to identify vulnerabilities, detect cyber threats faster and proactively shield against in-progress cyber-attacks more effectively than anyone else in the industry.
In an instance, one of Virtis’ clients, a payment transaction company, was in jeopardy of losing its PCI accreditation over security issues that arose in their applications and were seeking an appropriate solution. “The client spent over a year and millions of dollars trying to mitigate their issues and get their situation in order,” recalls Ms. Wilner. “Yet, instead of decreasing the number of issues, the number increased by 20 percent.” This is when Virtis stepped in and, with their fully managed web application protection service, eliminated all the issues in just a matter of days, helping the client successfully retain their accreditation.
In another instance, a disgruntled employee at a finance company attempted to steal sensitive customer data from a database and exfiltrate it to a suspicious location. Through Virtis’ AI solution, the client was able to detect the unusual database access instantly and was able to parse the layer 7 transactions to see that the malicious laptop had sought to log in as a privileged account and delete the database logs that showed evidence of the data transfer. With this forensic data immediately in hand, the security team was able to prevent further database access and the malicious actor from moving any data offsite, avoiding major data loss, brand damage, and regulatory penalties.
A hospital was concerned about ransomware attacks after detecting several phishing attacks containing ransomware variants. Because this client used Virtis’ data management solution, all applications and data ingested were stored in an immutable manner. Once ingested, no external or internal operation can modify the data.
"Our solutions enable us to identify vulnerabilities, detect cyber threats faster and proactively shield against in-progress cyber-attacks more effectively than anyone else in the industry"
Virtis’ competencies extend well beyond its’ world-class solutions portfolio. Ms. Wilner and her team offer cybersecurity advisory services that include risk assessment & management, vulnerability assessment & management, compliance & governance reviews, PCI-DSS, and security assurance. Ms. Wilner has also bagged numerous awards such as Shining Star Award by SC Media Reboot Leadership. Further offerings of architecture design & integration, and penetration testing complete Virtis’ suite of technology services to provide its clients comprehensive cybersecurity protection.
Speeding with Women Empowerment
Ms. Wilner ascribes the company’s dynamic work environment and collaboration between her employees as the mainstay of their ongoing success. “I am fully invested in my team. I’ve intentionally thrown away the cookie cutter to bring together a diverse group of individuals with varying backgrounds; as diversity and inclusion drives innovation. Virtis is proudly WBENC/WOSB certified and was named among Top 10 Artificial Intelligence Solution Providers 2018 by Enterprise Security Magazine. Through focused collaboration, I endeavor to unify and inspire thinking outside the box to empower each member to provide a custom version of white glove service for every client. This is the reason we are the best at what we do. Our heuristic approach focuses on creating an environment where everyone’s data is fully protected and secure,” she adds. Going forward, Virtis will continue to develop and provide best-in-class security solutions and services that will proactively shield against cyberattacks much more effectively.