Cybersecurity Solutions

The DRS Cybersecurity Solutions

Designed to Detect and Rapidly Respond to Indicators of Compromise (IOC)

Known-Knowns

Well documented and understood IOCs.


Unknown-Knowns

Unknown-knowns are derived from known approaches to compromise and can be found by searching for patterns of behavior. As you advance up the solution stack, the capabilities to detect patterned behavior greatly expand.


Unknown-Unknowns

Novel approaches to compromise require real human intelligence to piece together IOCs not obvious to any technology.

The higher up the pyramid, the greater the multi-layered capabilities to capture an IOC.
Solutions higher up the pyramid contain all the components of the solutions below them.
Ransomware Undo and Extortion Defense stands alone and is independent of the other layers by design.


Phishing and Malware Protect

Phishing and Malware Protect is designed for companies looking to kickstart their cybersecurity programs in earnest.

Phishing Protection

Phishing is a prime example of why cybersecurity is a business problem, not an IT one. It is the “curiosity killed the cat” scenario of human behavior that causes devastating cyber attacks. Employee awareness training is a critical element of phishing protection and is included in this package.

Phishing emails can be effective in less than 9s. Polymorphic phishing attacks are growing. These attacks can be a challenge for traditional technologies to detect. Phishing is a numbers game. Launch enough phishing emails, and it is likely someone will eventually click on one, triggering a devastating ransomware event and shutdown.

The technology of Ironscales resides on the mailbox itself, unlike a Secure Exchange Gateway (SEG). This enables ultrafast action against phishing emails. AI is a critical component of the solution as it allows the processing of vast volumes of emails at an extreme pace. Phishing emails are usually caught in under 9s. There is no overhead introduced at the endpoint.

Dark Rhiino Security provides all the management, implementation, ongoing maintenance, and awareness training. You are ALWAYS PROTECTED.

 

AI-Based Next Generation Anti-Virus (NGAV)

There are many NGAV solutions out there. Dark Rhiino Security has chosen Blackberry Cylance as our NGAV partner; simply put, they are the best at the job. We have tested many different NGAV solutions and in our own research and lab testing found Cylance to be on top, with very high detection rates at low CPU utilization.

The artificial intelligence capabilities in Blackberry Cylance allow for very high detection rates on patterned malware behavior. This occurs at the endpoint, the first line of defense in any security architecture.

Dark Rhiino Security provides all the management, implementation, and ongoing maintenance. You are ALWAYS PROTECTED.

 


Endpoint Protect

Endpoint Protect is designed for organizations looking to step up their protection at the endpoint with 24×7 monitoring and detection and response capabilities in a budget-friendly package.

Endpoint Detection and Response (EDR)

Endpoint detection and response is necessary to significantly increase the protection for computing devices and limit lateral movement by a bad actor. The architecture of this package is key to avoiding the prevention paradox, a term coined by the US Air Force. To summarize, the more you focus on prevention, the less secure you become because you lose visibility into a bad actor’s movements beyond your prevention capability.

A single technology Original Equipment Manufacturer (OEM) was deliberately avoided to ensure that prevention was separated from detection and response. The end result is a multi-layered architecture that avoids the prevention paradox and maximizes the possibility of prevention, detection, response, and isolation.

Dark Rhiino Security provides all the management, implementation, ongoing maintenance, and awareness training. You are ALWAYS PROTECTED.

 


Insurance Protect

Insurance Protect is a package designed for small and medium businesses (SMBs) to gain access to cyber insurance. Many cyber insurance carriers are requiring companies to have foundational controls in place for detection and response, endpoint protection, and Identity and Access Management (IAM).

Challenges with Cyber Insurance

It used to be that you could fill out a one-page form and get cyber insurance. The continuing growth of ransomware as a service and data exfiltration has caused carriers to lose money. Carriers have increased premiums at very high rates and have eliminated coverage for certain sectors. For those they insure, they want proof of controls. This can be a challenge for a small business with a small IT team. Complexities and unique skill sets go with creating a functional defensive architecture containing the necessary technologies, as this offering does.

Controls go beyond technology. With a remote workforce, implementing IAM requires a deep understanding of best practices and policies to instantiate them in a manner not disruptive to the business. Dark Rhiino Security brings the technology and business talent to the deployment of the controls and provides ongoing verification of those controls to any requesting authority with the client’s approval. This makes it easy to prove not only that controls are in place but, most importantly, that they are effective in their utilization.

All of this becomes paramount to any insurance provider in providing coverage at a reasonable premium.


Compliance Fundamentals

Compliance does not ensure effective cybersecurity, but effective cybersecurity naturally results in compliance as an outcome. At the heart of many compliance programs is ensuring controls are in place and documented, and their integrity is auditable through demonstrated use and documentation. Compliance Fundamentals is a package designed for SMBs to get the necessary security controls for SOC2 type 1, HIPAA, and many third-party compliance programs. 

Compliance - The Costly Conundrum

Compliance can be costly and time consuming. Though not directly generating revenue, it is table stakes for business in many business sectors. Depending on the scale of the business, the compliance requirements can be a challenge to any firm. The cost of putting in and validating controls for any auditor is not trivial. This offering provides auditable controls necessary to begin a serious compliance journey and takes a significant amount of cost out of establishing and proving the needed controls.

For an SMB, resources are limited for getting items like an operational 24×7 SOC, asset intelligence, data loss prevention, IAM, and EDR in place. This offering delivers all of this and more at a price point affordable to the SMB. Much more than technology, this offering is prescriptive in policies, procedures, and controls. It is not a technology offering but a total solution offering with relatively easy implementation.


Proactive Defense

Organizations in highly targeted sectors like healthcare, energy, law firms, public infrastructure, and those needing to satisfy the 110 controls of CMMC level 2 from NIST 800-171 will find this offering ideal for their needs. It is fully managed and delivered at a price typically equal to 0.5 to 1.5 Full-Time Equivalents (FTEs).

Vigilant Protection against Relentless Adversaries

This offering starts addressing the unknown-unknowns with human threat hunting, not AI-based threat hunting. Why not AI? AI can’t have hunches. Real humans with natural intelligence must look at events and piece together what may be an IOC for a novel event. Along with threat hunting comes automated penetration testing and vulnerability scanning. No longer are you dependent on expensive human penetration testers. Penetration testing can be performed along with vulnerability scanning at any needed set interval. This offering enables a multi-layered defensive architecture that makes the persistence of bad actors difficult, provides all the controls for CMMC level 2, and provides protections for targeted organizations and economic sectors.


Ransomware Undo and Extortion Defense

Ransomware attacks continue to rise and are among criminals’ highest modes of financial extraction. Ransomware is often combined with extortion to leverage higher sums from victims. There is no slowdown in this mode of criminal operation for the foreseeable future. This offering is standalone by design and can be adopted by organizations that already have a multi-layered defensive posture and need to add firm protection against ransomware and extortion.

Don't be Extorted and Held for Ransom

Ransomware has proliferated rapidly. It is now available as a service, making it readily accessible to any bad actor. Ransomware as a Service coupled with Compromise as a Service has done much damage to businesses large and small. A bad actor can buy compromised accounts, phishing campaigns, and advanced ransomware and get financial gains from compromised organizations. This offering provides a last line of defense against such maliciousness.

The data encryption and controls provide protection at the file level. Only authorized parties can access files sent to them. It does not matter if the file was sent to a mobile device. The authorization goes with the file, and if the authorization is pulled, the individual cannot open the file even if it was downloaded, forwarded, or resides on a mobile device.


Defense-in-Depth

Defense-in-Depth, for us, is not just an offering, it is a mindset. It is a premier offering that combines cybersecurity technology and prescriptive processes with our insured guarantee. The amount of the insured guarantee acts as the deductible on a cyber insurance policy from one of our AM Best rated carriers and insurance brokerage partners. Comprehensive total protection with a financial backstop. The amount of the guarantee is dependent on the size of the cyber insurance policy.

Defense-in-Depth

Defense-in-Depth has been adopted from the military by the cybersecurity community as a strategy implementing multi-layered defenses to slow and stop the movement of an adversary. More and more organizations are adopting the approach. On July 21, 2022, the Department of Homeland Security (DHS) released Directive Pipeline-2021-02C (SD02C), effective July 27, 2022. The security directive is universally applicable to any organization in a high risk, highly scrutinized, auditable, and regulated economic sector.

It states “The goal of this security directive is to reduce the risk that cybersecurity threats pose to critical systems by implementing layered cybersecurity measures that demonstrate a Defense-in-Depth approach against such threats.” 

This program offers the necessary controls to demonstrate a Defense-in-Depth approach to any requesting authority. This offering contains a highly robust, functional, interdependent technology framework. The key to Defense-in-Depth is interdependence by process. Imagine a spider web. Each ring in the web is a technology. Each ring is connected by a radial thread, which is process. Each technology supports a specific and targeted solution to cybersecurity. In this way, you avoid common gaps organizations fall into and gain the advantage of a multi-layered defensive security architecture that slows and stops the movement of a bad actor.


Insured Guarantee

The Guarantee is about ensuring and insuring outcomes in cybersecurity. Dark Rhiino Security provides the Insured Guarantee to clients subscribing to Defense-in-Depth. The Guarantee does not replace cyber liability insurance. It works in conjunction with it. The Guarantee is unique to Dark Rhiino Security. It is an excellent means by which a client can procure a higher level of cyber liability insurance coverage with a higher than normal deductible, resulting in a total financial backstop against potential losses at a lower insurance premium.

Most Partners are Really Vendors

By definition, a partner is someone or an entity with a vested interest in the person or organization they are involved with. By putting up our money, as a guarantee, we have a vested interest in your cybersecurity outcome. Dark Rhiino Security is a partner. Ask, how many organizations are willing to take a risk to lower and outsource their client’s risk at their own expense? None that we know of. We are a first.

The Guarantee is available in increments of $25,000, $50,000, $100,000, $250,000, all the way to $1,000,000. Since the Guarantee is the deductible on the primary cyber liability insurance policy, its amount depends on the value of the insurance coverage. For example, a company with $2,000,000 in cyber liability insurance could get a reasonable $50k-$100k guarantee. In contrast, a company with $10,000,000 in cyber liability coverage or higher would qualify for up to a $1,000,000 insured guarantee.

Statistically, many SMBs are out of business within 6 months post cyber attack.

This program is ideal for clients seeking a state-of-the-art cybersecurity program that mitigates and outsources the risk with real financial backstops. It enables organizations to provide their boards with material insights on the management of cyber risks and provides their customers the knowledge that they are dealing with an organization heavily vested in their security.

Cyber Insurance

Dark Rhiino Security has developed a program in partnership with Liberty Insurance Agency with a streamlined process for companies seeking cybersecurity, guaranteed outcomes, and cyber insurance in one easy step. Dark Rhiino Security has also partnered with Willis Towers Watson (WTW) to get access to many additional AM Best rated carriers to get coverage for clients with higher insurance requirements or higher risk profiles.

Cyber Insurance - The Challenge - The Solution

Cyber Insurance used to be available with a one-page simple form. Cyber Insurance used to be highly profitable with some insurers keeping $0.60 of every dollar in premium as profit. With the proliferation of polymorphic phishing attacks, ransomware as a service, and compromise as a service, the profits are gone, and the questionnaires require much deeper responses than checked boxes. Insurance carriers have had to pull funds from their property and casualty funds to pay some claims. The net result has been increased insurance premiums, expanding exclusions, and dropped coverage for some industry sectors. 

Dark Rhiino Security has addressed these challenges and taken the heavy lift off the client. Dark Rhiino Security is SOC2 compliant, and its controls are audited. The insurance carrier receives a controls supplemental from Dark Rhiino Security documenting the compliant controls. The legal framework of coordinating the controls, guarantee, and insurance has been taken care of, streamlining the process. Dark Rhiino Security provides a turnkey offering that mitigates, outsources, and reduces the risk for a client to an acceptable level, the trifecta. There are complexities in an offering of this caliber and we are happy to explain details, so give us a call.
