Cybersecurity is an ever-evolving challenge. Managing this challenge takes a team of experts from a wide range of skills. Corporations and government agencies alike are adopting evolving technologies such as the Internet of Things (IoT) and Bring Your Own Device (BYOD) that expand the attack surface. Hence, managing Information Security (InfoSec) programs are becoming less effective while threats are becoming more advanced. However, California based company, Keep I.T. Simple (KIS) has always been at the forefront of assisting organizations with industry best IT Security solutions and services. For more than twenty years, KIS’s cybersecurity team and strategic partnerships have been providing cybersecurity consulting and technical services for clients from the design and implementation of InfoSec programs to incident response and forensics. KIS focuses on security controls and compliance as they pertain to the client’s culture and specific needs. KIS can then assess, design, and implement these into their client’s InfoSec programs where KIS and the client can monitor and maintain effective defenses.
"KIS started in 1988 as a systems integrator that deployed systems and network services for enterprise clients."
KIS started in 1988 as a systems integrator that deployed systems and network services for enterprise clients. As the company grew and technology advanced, KIS continually improved security in its deployments. The company expanded into their current practice that includes Security Controls design and implementation, security assessments, compliance preparations and pre-audits, InfoSec program and policy implementations, incident handling and response, and providing support to clients for managing and maintaining their InfoSec program both strategically and tactically. Over the last three decades, KIS has achieved client satisfaction by bringing exceptional products and expert professional services to help clients achieve their goals.
KIS clients are as diverse in type and size as the projects and solutions they request. Government, education, small and medium business, and enterprise-level organizations are all part of the KIS client list. KIS’s preferred process is to complete an initial review of the client’s goals and objectives, then create and execute a specialized assessment, including manual and automated vulnerability testing. The resulting “threat posture” of the client is matched against compliance standards and/or best practices specific to their environment and industry. KIS uses multiple sources (that they regularly update to stay current) to evaluate the current threat landscape and develop models that they use as a baseline to recommend and implement InfoSec program improvements. The assessment process also assists them in developing or improving the security policies and solutions of the client. KIS uses a gap analysis to determine the high priority items and then work with their clients to review solutions and processes that will address their goals and objectives in priority of most to least critical.
KIS has three areas of focus firstly, Assessing Cybersecurity (InfoSec) Program design and controls, which includes assessments like vulnerability testing, InfoSec Program reviews and testing of the deployment using automated and manual methods, and InfoSec program creation. The second area of focus is consulting to provide guidance and services for implementations of the InfoSec Program and the specific tools and solutions that will best fit with a client’s goals and objectives. The third focus is Maintenance and Incident Response where KIS is engaged to prevent and (if necessary) respond to and defeat the wide range of attacks from bots, viruses, hackers, internal threats (such as disgruntled employees or other internal threats), cybercriminals, and other threats such as phishing and ransomware attacks of all types.
The KIS team is proficient and experienced in preventing and defeating cyber-attacks as well as responding to incidents effectively and efficiently. In one instance, a KIS prospective client was plagued with a highly dangerous worm that propagated across the client’s organization. KIS was tasked to work with a third party to find the source, develop a remediation process, and provide experts at all levels with specific and direct responses to each layer that was affected. KIS worked with the organization’s IT department to plan and execute recovery efforts until the team achieved a successful resolution.
Looking to the future, KIS is enhancing their cybersecurity practice by engaging in new partnerships to provide effective and efficient consulting capabilities as well as products and technologies to improve and keep up with the ever-evolving cybercriminals and threats that plague organizations such as government and commercial alike.