CENTENNIAL, Colorado, – (April 30, 2021)– VirtualArmour International Inc. (CSE:VAI) (OTCQB:VTLR), a premier cybersecurity managed services provider, reported results for the fourth quarter and full year ended December 31, 2020. Financial results are in U.S. dollars, with comparisons made to the same year-ago quarter unless otherwise noted. For complete details, please refer to our financial statements and discussion found here: https://www.sedar.com/DisplayCompanyDocuments.do?lang=EN&issuerNo=00037617
2020 Financial Highlights
Managed and professional services revenue for the year increased to $6.5 million, increasing by 21% year-over-year.
Overall revenue for the year decreased to $10.25 million, decreasing by 25% year-over-year due to a 54% reduction in product sales.
Gross profit margins for managed and professional services came in at 50.5% with overall gross profit margin, including lower margin resale revenue, of 38.2%.
The company lost $189,000 from operations in the year ending December 31, 2020 compared to an operating loss of $1.53 million for the year in 2019.
Adjusted EBITDA was $264,000 for the year ending December 31, 2020. See Supplemental Non-GAAP Financial Measures below.
Annual recurring revenue (ARR) totaled $5.3 million at December 31, 2020, representing an increase of 15.2% from $4.6 million at December 31, 2019. ARR is defined as the value of VirtualArmour’s service contracts normalized to a one-year period.
2020 Operational Highlights
Expanded offerings in Essential Core Services to include Managed SIEM, Managed Infrastructure and Firewall, and SOCaaS.
Launched Premium level service offering for SOCaaS.
Completed Phase 2 of the VirtualArmour Automation initiative, which will result in an expected savings of approximately 100 hours per month in engineering man-hours.
Engaged with lead generation company, investment into Google Ads, and increased webinar events.
Revamped regular customer reporting and interaction with Technical Business Reviews that will continuously improve awareness and guide customers to strengthen their security practice.
2020 Financial Summary
Revenue totaled $2.35 million for the three months ending December 31, 2020 and $10.25 million for the year 2020. Managed and professional services revenue totaled $1.7 million in the fourth quarter reflecting a 34% increase in managed and professional services revenue year-over-year and Product revenue for the fourth quarter decreased from $3.67 million in 2019 to $618,000 in 2020.
2020 Cost of sales totaled $6.3 million, down from $10.4 million in 2019.
Gross profit was $3.9 million for the year 2020 as compared to $3.2 million in 2019. The change in gross profit was due to higher margin revenues from managed services and higher utilization of professional services resources in 2020.
Total operating expenses were $4.1 million in the year 2020 as compared to $4.76 million in the prior year.
Operating loss was $189,000 for the year 2020 compared to an operating loss of $1.53 million in 2019. Net loss was $1.4 million or $(0.01) per share in the year 2020 as compared to a net loss of $2.23 million or $(0.04) per share in the prior year.
Cash totaled $179,355 at December 31, 2020, compared to $145,268 at December 31, 2019.
“In the year 2020 we saw great results from the continued expansion of our Essential Core Service offerings, which now include entry to mid-level offerings around Managed SIEM, Managed Infrastructure & Firewall, and SOCaaS. These tiered service offerings are intended for businesses that have a low number of devices, require less IPMs, or EPS, but still need managed cybersecurity services.” Tianyi Lu, VirtualArmour VP Product Strategy.
“With so many businesses that have shifted their infrastructure online, we continue to see an increased need for protection in this new online environment. It’s almost like the wild west out there, and our clients look to us for one-time consultation or to manage their cybersecurity needs through our service offerings.” VirtualArmour CEO, Russ Armbrust.
VirtualArmour Outlook 2021
As the COVID-19 pandemic continued to grip the globe throughout 2020 and many businesses went completely online, the uptick for cybersecurity services continued to increase. Our focus from hardware/software resale to offering primarily managed cybersecurity services in 2020 lead to the safeguarding of our margins from the widespread freezes on capital spending in all industries. Tapping into a new section of the market that was previously overlooked by competitors, the VirtualArmour addition of new Essential Core Services offering has opened up entry and mid-level markets for the company. As we continue to experience growth in all areas of our business, the company formed an internal dedicated product team leading to increased efficiencies, quality and more value add to the customer.
As the world slowly emerges from the pandemic in 2021, VirtualArmour predicts we will continue to see interest and expansion in our new service offerings. With the growth of our company, we have experienced a need for process that has lead to increased internal efficiencies and automation. Shifting our focus in 2020 has benefited the company greatly, and enabled us to finish the year with strong performance.
VirtualArmour International is a global cybersecurity and managed services provider that delivers customized solutions to help businesses build, monitor, maintain and secure their networks.
The company maintains 24/7 client monitoring and service management with specialist teams located in its U.S. and UK-based security operation centers. Through partnerships with best-in-class technology providers, VirtualArmour delivers leading hardware and software solutions for customers that are both sophisticated and scalable, and backed by industry-leading customer service and experience. The company’s proprietary CloudCastr client portal and prevention platform provides clients with unparalleled access to real-time reporting on threat levels, breach prevention and overall network security. VirtualArmour services a wide range of clients, which include Fortune 500 companies and several industry sectors in over 30 countries across five continents. For further information, visit www.virtualarmour.com.
Supplemental Non-GAAP Financial Measures
In addition to GAAP financial measures, management uses non-GAAP financial measures to assess the company’s operational performance. It is likely that the non- GAAP financial measures used by the company will not be comparable to similar measures reported by other issuers or those used by financial analysts as their measures may have different definitions. Generally, a non-GAAP financial measure is a numerical measure of an entity’s historical or future financial performance, financial position or cash flows that is neither calculated nor recognized under GAAP. Management believes that such non-GAAP financial measures can be important as they provide users of the financial statements with a better understanding of the results of the company’s recurring operations and their related trends, while increasing transparency and clarity into its operating results. Management also believes these measures can be useful in assessing the company’s capacity to discharge its financial obligations.
Management assesses adjusted EBITDA as the net gain (loss) for the period as reported excluding depreciation and amortization, change in fair value of warrant derivative liabilities, share-based compensation and interest expense. Adjusted EBITDA is not a term recognized under GAAP and non-GAAP measures do not have standardized meaning. Accordingly, non-GAAP measures should not be considered in isolation or as a substitute for measures of performance prepared in accordance with GAAP.
The table below provides a reconciliation of net gain (loss) for the period as reported to non-GAAP adjusted EBITDA for the years ended December 31, 2020 and 2019:
Important Cautions Regarding Forward Looking Statements
This press release may include forward-looking information within the meaning of Canadian securities legislation and U.S. securities laws. This press release includes certain forward-looking statements concerning a service contract VirtualArmour has entered into with a current client, VirtualArmour’s continued relationship with various suppliers, the future performance of our business, its operations and its financial performance and condition, as well as management’s objectives, strategies, beliefs and intentions. The forward-looking information is based on certain key expectations and assumptions made by the management of VirtualArmour. Although VirtualArmour believes that the expectations and assumptions on which such forward-looking information is based are reasonable, undue reliance should not be placed on the forward-looking information as VirtualArmour cannot provide any assurance that it will prove to be correct.
Forward-looking statements are frequently identified by such words as “may”, “will”, “plan”, “expect”, “anticipate”, “estimate”, “intend” and similar words referring to future events and results. Forward-looking statements are based on the current opinions and expectations of management. All forward-looking information is inherently uncertain and subject to a variety of assumptions, risks and uncertainties, including the success of the Company in performing the IT implementation and migration, performance under the contract by all parties, the ability of VirtualArmour to meet timelines, the continued availability of necessary hardware, the absence of any trade war or tariffs affecting VirtualArmour’s ability to perform, competitive risks and the availability of financing. These forward-looking statements are made as of the date of this press release and VirtualArmour disclaims any intent or obligation to update publicly any forward-looking information, whether as a result of new information, future events or results or otherwise, other than as required by applicable securities laws.
December 31 December 31
Cost of sales
General and administrative
Research and development
Sales and marketing
Gain (Loss) from Operations
Other Income (Expenses)
Change in fair value of warrant derivative liabilities
Gain on forgiveness of PPP loan
Net and Comprehensive Gain (Loss) for the year
Gain (Loss) per share – basic and diluted
Weighted average number of shares outstanding – basic and diluted
December 31, 2020
December 31, 2019
Total Current Assets
Operating lease right-of-use assets
Property and equipment
Accounts payable and accrued liabilities
Current portion of operating lease liabilities
Current portion of finance lease liabilities
Due to related parties
Total Current Liabilities
Finance lease liabilities
Warrant derivative liabilities
Common stock, no par value, 300,000,000 shares authorized Issued and outstanding: 106,508,822 (2019 – 63,599,447) shares
Additional paid-in capital
Total Stockholders’ Deficit
Total Liabilities and Stockholders’ Deficit
Russ Armbrust, CEO VirtualArmour International Inc. Tel (720) 644-0913 Email Contact
From a financial standpoint, it makes sense to try and hold out on upgrading your hardware until something breaks, even if the hardware in question is no longer supported by the manufacturer. After all, if it still works, why replace it?
However, using unsupported hardware brings with it a wealth of cybersecurity risks, can hinder productivity, and can hurt your bottom line.
9 Reasons You Need to Say Goodbye to Unsupported Hardware
You’re Incurring Unnecessary Expenses
Once hardware reaches its end-of-life (EOL), you’ll likely have to pay a hefty premium to keep your aging technology up and running. If extended support is available at all, it isn’t likely that many companies will offer it, leaving you less choice and hampering your ability to shop around for the best price.
Without the ability to install security patches to address known vulnerabilities or support up-to-date (and more-secure) versions of the software your organization relies on, you may no longer be able to comply with relevant regulations, leaving your organization vulnerable from a legal and compliance standpoint.
Outdated Hardware is Unreliable
Aside from the expected wear and tear on old components (which will become increasingly difficult to find or repair), outdated hardware doesn’t support new versions of the software your organization requires to function. As such, you will likely be forced to rely on outdated software, curtailing system performance and cutting you off from new features.
Outdated hardware is also more likely to crash, increasing system down-time and causing headaches and frustration for employees and customers alike.
Productivity Takes a Hit
Unsupported hardware affects employee productivity in a multitude of ways:
Employees have to invest more time and energy in keeping outdated hardware up and running, pulling them away from tasks that grow your business.
Outdated hardware isn’t able to support the newer, faster, more reliable versions of the software your organization depends on, which means employee tasks end up taking longer than they should because workers are left waiting for software to load.
Employees who are continually frustrated with the tools they need to do their jobs are less likely to be satisfied with their jobs overall, leading to higher turnover. Not only does this lead to increased costs (during the training period, trainees don’t make the company money, they cost money), but it also decreases productivity as new members learn the skills they need to do their jobs. Workers are also more likely to view employers with high turnover rates with suspicion, which may make it harder to attract the skilled workers you need to succeed.
Your Network is Left Vulnerable
Older hardware is unable to support the newest software, which means you won’t be able to take advantage of security patches or other steps software manufacturers take to address vulnerabilities in their products. Cybercriminals are well known for targeting older software with known vulnerabilities since not all users will have the latest security patches installed.
Increased Environmental Impact
Everyone knows old cars are more likely to be gas guzzlers than their sleek modern counterparts, but the same holds true for outdated hardware. Increased energy consumption leads to higher electricity bills, increasing your carbon footprint while further eroding your bottom line.
You May Experience Data Recovery Problems
Should disaster strike, outdated hardware means you may have trouble recovering lost data. Depending on your industry and the nature of your business, the impact of this lost data could range from frustrating to catastrophic.
You’ll Likely Encounter a Skills Shortage
As we mentioned in the section about unnecessary costs, finding a repair or maintenance company with the skills needed to repair and maintain your outdated equipment may be difficult. Even if you are able to find a business that can help, there aren’t likely to be many of them around, which means you will likely be left with the choice of either paying exorbitant amounts for repairs and maintenance or upgrading your hardware anyway.
Also, because older hardware is only able to support older software, you may find it’s difficult to find workers who are familiar with the programs you use. For example, many financial institutions rely on software written in COBOL; a vintage programming language developed nearly 60 years ago that isn’t regularly taught in universities anymore. Unfortunately, many major financial corporations (and sections of the federal government) rely on systems that use COBOL, and as older programmers retire, they are having a hard time hiring qualified replacements.
By holding onto unsupported hardware, you may be compromising your organizations’ future as it becomes increasingly difficult to find workers and repair people who have the skills needed to maintain your outdated and aging equipment.
Frustrated Customers Are Likely to Become Former Customers
In the age of instant results, a slow website or frequently inaccessible client portal is incredibly frustrating. Customers expect to be able to access products and services quickly 24/7/365. That means organizations that experience frequent outages, slow software, and other outdated hardware-related issues are likely to see their customers abandon them for competitors who offer a better user experience.
Looking to Break Up with Your Outdated Hardware? Virtual Armour Can Help!
A system migration may seem daunting, and not every organization has the people power or the inclination to maintain and troubleshoot their IT infrastructure or keep it up to date. That’s why Virtual Armour offers managed infrastructure services.
Recent cyberattacks, including the SolarWinds attack and the Microsoft Exchange attack, have renewed focus on how critical a good cybersecurity posture is. Managed IT services and cybersecurity promise to help organizations manage their IT and keep their data safe and compliant, but not everyone is clear on what exactly a managed IT provider does, what cybersecurity is, and what the various technical terms used in the industry mean.
To help you understand what managed IT and cybersecurity are, and why they are important, we’ve created a handy little guide that explains common terms you may encounter and demonstrates how they pertain to the larger cybersecurity or managed IT picture.
What is Cybersecurity?
In the broadest sense, cybersecurity refers to techniques used by either companies or their cybersecurity services provider to protect an organization’s digital assets. Digital assets include both your digital infrastructure (networks, systems, and applications) as well as your data (such as financial records, client lists, and other records). By taking steps to protect these digital assets, organizations can better safeguard themselves against cyberattacks, where threat actors or attackers (also called hackers) attempt to gain unauthorized access to infrastructure or data for nefarious purposes.
Types of Cybersecurity Solutions
Many of these solutions overlap, creating a “swiss cheese” model approach to cybersecurity: not every program is going to be able to catch everything, but layering multiple programs and strategies together reduces the chances that someone or something malicious is able to slip through all your defenses.
Antivirus is a type of security software used by IT professionals to scan for, detect, block, and eliminate malware (malicious software). AV programs typically run in the background and rely on known malware signatures and behavior patterns. Though AV is useful, it is just one piece in the cybersecurity puzzle and isn’t enough to protect your digital assets on its own.
Endpoint Detection & Response (EDR)
Endpoint detection and response refers to a set of tools and solutions that are used to detect, investigate, and mitigate suspicious activities on endpoints (devices that can access the network, including computers and smartphones) and on hosts (such as networks). EDR is valuable because it can detect advanced threats that don’t have a known behavioral pattern or malware signature (like AV requires). EDR can also trigger an adaptive response (like your immune system springing into action) depending on the nature of the threat it has detected.
Managed Detection & Response (MDR)
Managed detection and response is a piece of the SOCaaS (Security Operations Center as a Service) model that offers a comprehensive solution for continuous threat monitoring, threat detection, and incident response and is provided by a third-party vendor. Holistic, turnkey solutions like this can help provide peace of mind, giving IT professionals the information they need to prioritize incidents and improve the overall security posture of the organization.
Network Operations Center (NOC)
A network operations center refers to a central hub that allows network administrators to manage and control their network or networks and their primary server across several geographically distributed sites (such as a head office managing and observing multiple branch locations). Because network administrators need to deal with threats and headaches such as DDoS attacks (discussed later in this article), power outages, network failures, routing black holes, and other issues, it is critical that they are able to oversee the entire network and react to threats quickly and easily.
A NOC is not a security solution, but it can help larger organizations effectively monitor their networks, endpoints, and other critical infrastructure and devices for signs of trouble and is frequently used in Managed IT.
Security Operations Center (SOC)
A security operations center is crewed by cybersecurity personnel and handles threat detection and incident response processes, all while supporting the various security technologies your security operations rely on. While larger enterprises often build and manage their SOC in-house, small and medium-sized organizations don’t typically have the personnel or bandwidth to do so. As such, SMBs (small and medium-sized businesses) frequently choose to outsource their SOC to trusted partners.
Security Information & Event Management (SIEM)
SIEM is a vital tool used to collect and aggregate security events and alerts across multiple security products. Once this information has been gathered, the SIEM software analyzes and correlates those events to look for patterns that might identify potential threats within the organization.
Vulnerability management solutions are programs that are used to identify, track, and prioritize internal and external cybersecurity vulnerabilities. This information is used to optimize cyberattack prevention activities (such as patching known vulnerabilities, upgrading software, and fixing configuration errors).
Patches refer to small programs released by software development companies to fix vulnerabilities they have discovered in their products. Keeping your software up to date allows your organization to take advantage of any security patches released, allowing you to better safeguard your digital assets. Unpatched software leaves your organization vulnerable since cybercriminals often target recently patched software in the hopes that not all organizations will have the patch installed.
Vulnerability Assessment (VA)
Vulnerability assessments are used to identify, classify, and prioritize vulnerabilities and can be used to assess internal, external, or host-based, third-party systems.
Common Types of Cyberattacks
Cyberattacks are becoming increasingly common and can be devastating. A single attack can compromise your systems and your data, ruin your reputation, and even lead to legal trouble and compliance issues if it isn’t addressed and remediated swiftly.
Brute force attacks are crude but frequently effective. During a brute-force attack, a cybercriminal attempts to gain unauthorized access to a system by trying all possible passwords until they guess the correct one. Though this could take centuries by hand, many criminals have software that allows them to try passwords quickly, making this a viable hacking option.
Phishing & Social Engineering
Phishing attacks involve a cybercriminal attempting to trick potential victims into revealing confidential information (such as your banking details, your credit card number, your SIN, or your password) or install malware by clicking a link or opening an infected file. Phishing attempts usually involve text-based communications such as email, text messages, or other messaging apps. Cybercriminals usually pretend to be someone you are already primed to trust, such as your boss or an employee from your bank.
Phishing scams are a type of attack that uses social engineering. Social engineering is when attackers use psychological manipulation to infiltrate an organization or private network by exploiting human weaknesses and tricking unsuspecting users into granting access or handing over sensitive information. This manipulation relies on the human desire to help and trust easily and may also use the fear of getting in trouble or causing an inconvenience.
Credential stuffing involves using existing databases of compromised usernames and password combinations (typically collected during a previous breach and frequently purchased on the dark web) to attempt to login to a targeted account.
The dark web refers to a part of the internet that isn’t indexed by search engines such as Google, so it can’t be accessed by simply typing in a URL (such as www.virtualarmour.com) into your browser. This secrecy has made the dark web a popular place for criminals, allowing them to buy and sell illegal items (such as credit card numbers, illegal weapons, and malware) away from the gaze of law-abiding internet users.
Cryptojacking is an attack that involves the unauthorized user of someone else’s computer to mine cryptocurrencies. Though this type of attack isn’t likely to damage data or systems, it is still concerning because it means someone has access to your digital assets without your knowledge or consent. It can also affect the performance of your system and cost you money since the attack siphons off computing power and uses electricity that your company is paying for.
A data breach, also called a hack, refers to any event where unauthorized users are able to gain access to your systems or steal sensitive information such as PII (personally identifiable information) from an organization or individual. The goal of a data breach is usually to either use this information to gain unauthorized access to other systems (such as using your Netflix username and password to try and log into your bank account) or to sell this information to other cybercriminals.
Distributed Denial of Service (DDoS)
DDoS attacks attempt to crash a web server or other online service by flooding it with more traffic than the network can handle. This can be done either by a large group of cybercriminals working together or a single cybercriminal with a large botnet (connected computers performing repetitive tasks). By overloading the server, cybercriminals can prevent legitimate users from accessing a company’s products or services.
DNS hijacking (also called DNS redirection or DNS poisoning) redirects queries from the intended Domain Name System (DNS) to a different website, often populated with malware, advertising, or other unwanted content. The DNS acts like a phone book for the internet, so DNS hijacking involves forcing the browser to dial the wrong number (or go to the wrong website).
A drive-by attack is a form of malware attack. However, unlike phishing or other forms of malware attacks, users don’t need to be tricked into downloading infected files or opening suspicious links. Instead, user devices are infected automatically when the user visits a trusted or legitimate website that has been compromised.
An exploit is a malicious script (a list of commands executed by a program) or application that exploits known vulnerabilities in endpoints or other hardware, networks, or applications. The goal of exploit attacks is usually to take control of a system or device, increase access privileges, or steal data. Exploit attacks are often used as part of a larger, multi-layered attack.
Malware refers to any form of malicious software and is often spread via email attachments or suspicious website links. The goal of malware is to infect endpoints to gain access to sensitive systems or data or collect private information such as passwords or banking details and send this information back to the attacker.
Ransomware is a type of malware that prevents end-users from accessing an organization’s data or system or an individual’s data or system. Once the files or system is encrypted, and the user is locked out, the attacker promises to restore access in exchange for money, usually in the form of cryptocurrencies.
Supply Chain Attack
Supply chain attacks occur when threat actors are able to access a target’s systems by compromising a third-party resource, which is what happened with the SolarWinds attack. The reason that attack was so devastatingly effective is that the attackers were able to gain access to a SolarWinds program called Orion, which is widely used by companies and US government departments to manage IT resources. When SolarWinds sent out a routine Orion update, they didn’t realize it contained malicious code, which allowed the attackers to access client systems.
As was the case with the SolarWinds attack, the compromised vendor is typically not the final target but instead is used as a means to an end so the attacker can gain access to their intended victim’s systems. However, the damage is not limited to the intended victim but affects any other organization that inadvertently downloaded the compromised software.
Common Cybersecurity Compliance Regulations
Compliance is a large part of cybersecurity for many verticals and industries, including healthcare, finance, energy, and retail. Which regulations you need to comply with depends on a variety of factors, such as your industry or vertical, what sort of PII or sensitive information you handle, who you do business with (such as the US Department of Defense), where your users or clients are located, and whether or not you process credit card payments. To find out which regulations apply to you, please speak to a qualified compliance professional.
Healthcare providers and related organizations need to comply with Health Insurance Portability & Accountability Act (HIPAA) regulations. HIPAA is responsible for establishing cybersecurity standards for healthcare providers, insurers, and all third-party service providers that medical organizations do business with.
General Data Protection Regulation (GDPR) is a European Union law that dictates how personal data on individuals residing in the EU and the greater European Economic Area is collected and processed and specifies the rights users have to access and control their data on the internet. Even if your organization is not based in Europe, if you have users in Europe, you must be compliant.
Organizations that Process Payment Cards or Store Payment Card Data
The retail sector isn’t federally regulated, but any organization that processes payment cards or holds payment card data is required to follow regulations laid out by the Payment Card Industry Security Council’s Data Security Standard (PCI DSS). For more information, please visit the PCI Security Standards Council’s website.
Organizations that Do Business with the US Department of Defense
Organizations that provide electricity, including electric utility companies and operators, are governed by the Federal Energy Regulatory Commission (FERC). FERC has the authority to establish cybersecurity regulations for this sector, though the standards themselves are created by the nonprofit authority called the North American Electric Reliability Corporation (NERC). The standards are referred to as the Critical Infrastructure Protection (CIP) Standards.
More information about FERC can be found here. More information about NERC can be found here, and information about the CIP Standards is located here.
Organizations with Users in California
The California Consumer Privacy Act (CCPA) of 2018 is similar to GDPR in the sense that it is designed to give consumers more control over the personal data businesses collect about them, including:
The right to know what personal information is collected as well as how it is used and shared
The right to delete personal information collected about them (with a few exceptions)
The right to refuse to allow the sale of their personal information
The right to non-discrimination for exercising their rights under CCPA
Even the best cybersecurity policy is useless if your workers and other users don’t understand it or have the necessary training to adhere to it.
Create a Plan
To begin, make sure you have a robust yet flexible cybersecurity incident response program in place. Cyberattacks typically unfold very quickly, so an ad hoc plan created in the heat of the moment isn’t going to cut it. By making all crucial decisions ahead of time (such as how evidence is gathered and handled, how resources are to be allocated in a crisis, and who needs to be alerted if an incident occurs) and determining who is responsible for what you can help ensure there are no gaps or deficiencies in your response.
You should also take this time to establish cybersecurity rules, such as password standards, so you can best safeguard your digital assets.
Cybersecurity is everyone’s responsibility, from the President of the company down to the summer intern. Cybersecurity training ensures your employees know what to do should they encounter a potential threat and explains why these actions, as well as all preventative steps, are important. It’s easier to get worker buy-in when they understand the “why” behind the “what”.
Test Your Plan
Once you have a plan and the necessary cybersecurity programs and tools in place, you need to test your response before an incident occurs.
What is Pen Testing?
Pen (Penetration) testing is a tool used to stress-test your cybersecurity defenses. This involves hiring an ethical (or “white hat”) hacker to try and break through your security defenses and simulate a cyber attack. The ethical hacker records any and all deficiencies or gaps they were able to exploit and then summarizes and shares their findings with your team.
Tabletop scenarios are like fire drills for security. Once your team has undergone cybersecurity training, a tabletop exercise lets them put their newfound skills and knowledge to the test while they test-drive your cybersecurity incident response plan.
Tabletop scenarios present your team with a hypothetical cybersecurity incident that they need to respond to, allowing them to practice what they have learned in a zero-stakes environment.
What is Managed IT?
In simplest terms, managed IT solutions, also called managed IT services allow organizations to hand off their IT operations to a trusted service provider, who then handles all IT-related work. This single point of service can free up internal IT team members for other projects, or in the case of an “IT Light” organization, allow you to access the professionals you need without having to hire internally.
Managed IT offers a variety of benefits, including:
Access to an entire team of professionals, 24/7/365.
Cost savings, since additional team members won’t need to be hired
Peace of mind, since you never need to worry about your IT or security person calling in sick or departing to pursue other opportunities and leaving you vulnerable.
Predictable and scalable spending
Common Types of Managed IT Solutions
There are many types of managed IT services. While some organizations only offer a handful of managed services, others take a holistic approach that handles everything. How much, or how little, you want to hand off when it comes to your IT is up to you, but make sure you carefully vet any MSSP you are considering to ensure they offer the services you need and have a reputation you can trust.
Opting for a managed IT solution can help with business continuity (BC) as well as backup and disaster recovery (BDR). BC refers to the necessary planning and preparation needed to ensure your critical business operations can continue to function should a pandemic, natural disaster, power outage, cyberattack, or other crisis affect your business. A key component of BC is BDR, which refers to a combination of data backup and disaster recovery solutions that are designed to get your systems restored and fully operational again as quickly as possible should disaster strike. Having dependable backups is critical for effective disaster recovery.
Two other good terms to be familiar with are RTO (Recovery Time Objective) and RPO (Recovery Point Objective). RTO refers to how quickly data needs to be recovered to ensure business continuity after unplanned downtime or a disaster strikes. The faster your RTO, the faster your organization can get back to work. Though exactly how long your RTO needs to be will depend on a variety of factors, you should aim to have an RTO of 4 hours or less.
RPO refers to what data needs to be recovered for normal business operations to resume after disaster strikes. This metric is usually based on file age (for example, all data backed up before this morning needs to be recovered). In conjunction with RTO, RPO can help your organization determine how often you should be backing up your data. For example, if your RPO is 2 hours, then you should be backing up your data at least once every 2 hours.
Strategic Business Review (SBR)
An SPR is a structured process with two goals: unearth new business opportunities and identify how your organization’s performance can be improved using technology or other means. This living document serves as a roadmap to guide future technological investments so you can ensure your managed IT services and IT infrastructure continues to meet your needs as your company grows and evolves.
Network Monitoring & Remediation
Remote monitoring management (RMM) is critical for network monitoring and remediation and refers to a platform that managed services providers like VirtualArmour use to remotely and proactively monitor your endpoints, network, applications, and systems for suspicious activity. This data is used to identify potential cybersecurity incidents or other potential problems so that they can be addressed as quickly as possible.
Most network monitoring and remediation is done out of the NOC (Network Operations Center).
What does -aaS Mean?
The term “-aaS” is a suffix that means “as a Service” and refers to any services (IT or cybersecurity) that are delivered remotely to your organization via the cloud. Examples include HaaS (hardware as a service), SaaS (software as a service), and IaaS (infrastructure as a service).
Not everyone is an IT or cybersecurity expert, and that is okay. The experts at Virtual Armour are here to help. We offer a wide selection of cybersecurity and managed IT services that can be tailored to meet your needs, as well as 24/7/365 network monitoring upon request.
For more information, or to get started with your cybersecurity or managed IT services, please contact our team today.
Supplemental Reading List
If you would like to learn more about managed IT and cybersecurity, please consider reading the articles listed below.
In recent months, Apple has taken steps to improve user security and privacy. In February 2020, Apple announced that they had joined the FIDO (Fast Identity Online) Alliance. The Alliance’s goal is to help augment less secure forms of identity verification (such as passwords) by pairing them with more secure forms of authentication such as security keys and biometrics. Though this is noteworthy, Apple is also one of the last large tech companies to join the Alliance, whose ranks already included Amazon, Google, Facebook, and Microsoft.
The release of iOS 14 last September brought with it improved security features, and though users have been overwhelmingly supportive of these changes, advertisers such as Google and Facebook are much less enthusiastic.
The Alliance aims to replace password-only logins with more secure login experiences for both websites and apps by promoting other forms of authentication, including security keys and biometrics (such as voice authentication, fingerprint scanners, and facial recognition).
Though all apps on iOS already had to explicitly ask for permission to use the camera and microphone, starting with iOS 14, you will now be alerted whenever an app is accessing your camera or microphone. This is done using a dot in the upper right-hand corner: A green dot means your camera is currently in use, and an orange dot means the app is using your microphone.
The goal of this feature is to ensure you are never recorded without your knowledge.
Limit Photo & Location Access
This update offers a more granular configuration for your photo and location settings. This allows you to specify whether an app can never access location data, always access location date, or only access this data when the app is open or when you have granted explicit permission.
The new Precise Location toggle switch also allows you to grant an app permission to know your general location while keeping your exact GPS coordinates private.
This update also allows users to specify whether apps can access all, none, or a few select photos.
Flagging Bad Passwords
Though Apple has had the ability to sync your login credentials across various accounts on your Apple hardware via iCloud for a while now, they have now implemented a password monitoring system that will alert you if your credentials are spotted during a data breach. This helps ensure potentially compromised credentials can be changed as soon as possible.
Discouraging Wi-Fi Tracking
Whenever a device connects to the internet, it is assigned a MAC (media access control) address, which allows your local network to keep track of the device. In recent years, internet service providers and, by extension, advertisers have been using this data to determine the time and place of your device when you log in.
Most app companies quickly re-configured their products to eliminate this form of unauthorized data collection once Apple implemented this feature during beta testing and made this behavior public, but this feature helps ensure that underhanded app companies are no longer tempted to snoop where they aren’t explicitly welcome.
Privacy Reports from Safari
Though Apple has blocked cross-site tracking cookies in Safari for quite some time (a feature that makes it more difficult for advertisers to string together your browsing history across various websites), this feature has been improved in iOS 14 by adding the privacy report feature.
This feature gives you more details regarding what effect this blocking has on your browsing by showing you how many individual trackers on each page have been blocked over the past month. The reports don’t have an interactive component but do provide helpful information.
Coming Soon – Limiting App Tracking
Though pushback from advertisers means this feature won’t be fully implemented until sometime in 2022, there are still steps users can take now to curtail apps’ ability to track you outside of the actual app itself.
However, even if you don’t explicitly give an app permission to track you, they may still try to do so per their individual privacy policies, curtailing users’ ability to opt-out of advertising tracking until this new feature is fully implemented.
Coming Soon – Improved Access to App Privacy Information
Though this feature is also not yet live, Apple did announce that one iOS 14 feature that is also coming soon is app privacy cards. These cards are designed to give users a clear picture of the types of data each app collects and how that data is used.
What Does This Mean For Advertisers?
It’s become common wisdom that if a product or service is “free,” then the users (or, more specifically, the data they generate) is the real product. Apple’s approach to improved privacy and security, even with significant compromises on limiting app tracking, has the potential to severely impact the ad targeting business. While this is good news for users, advertisers are not as excited.
“When Apple’s policy goes into effect, we will no longer use information (such as IDFA) that falls under ATT [the App Tracking Transparency feature] for the handful of our iOS apps that currently use it for advertising purposes. As such, we will not show the ATT prompt on those apps, in line with Apple’s guidance.“ Google Ads’ group project manager Cristophe Combette stated in the blog post responding to Apple’s changes.
This incident has demonstrated the power of supply chain attacks (when malicious actors infiltrate networks via an outside partner or provider with access to a company’s systems and data) and highlighted the unfortunate reality that many organizations remain unprepared to detect, prevent, and address such attacks.
Cybersecurity Shifts From a Want to a Need
The biggest lesson to learn from the SolarWinds attack is that having a robust cybersecurity posture is no longer just a nice-to-have. Remote work has also made many organizations particularly vulnerable to attacks like the one perpetrated against SolarWinds as companies grapple with keeping remote workers secure.
What Should I Do? Cybersecurity Basics to Get You Started
Creating cybersecurity policies to safeguard your digital assets may be daunting, but there are a few basic steps every organization needs to take:
Making sure your software is kept up to date, and that outdated and unused programs are removed from your systems is one of the easiest things you can do to improve your cybersecurity posture. When software companies discover flaws or vulnerabilities in their products, they address them by issuing patches (snippets of code that correct the issue). However, you can only take advantage of these fixes if you download the patches.
Recently patched software is a common target for cybercriminals since not all users are vigilant enough to download the patch as soon as it becomes available. This means that cybercriminals often target recently patched software in an attempt to gain access to private or sensitive information.
You should also remove any unused or out-of-date programs from your systems, particularly if the software is no longer maintained. Software that is no longer being maintained may contain unpatched vulnerabilities or flaws, leaving your entire network vulnerable. Unused programs may contain vulnerabilities that leave your network exposed, but because these programs aren’t being opened and used regularly, your team may not discover these issues until they have already been used against you.
Remove Permissions as Part of Your Offboarding Process
While most organizations have fairly robust onboarding processes, many don’t put nearly as much time and effort into creating equally comprehensive offboarding processes. To help safeguard your network, make sure that all accounts of former employees are removed so that these login credentials cannot be used.
Even if your former employees don’t plan to access their old accounts, these unmonitored logins present a tempting possible entry point for cybercriminals. Old accounts are particularly useful to cybercriminals because no authorized users are monitoring them regularly, which means the criminal’s actions are less likely to be detected.
Stay Up to Date on Threats
You can’t defend yourself against a threat you don’t know to look for. Make sure your team is keeping up to date on the latest and most common cybersecurity threats.
Even if you don’t experience an attack, your team should still be regularly auditing your current protocols and procedures to ensure they are up to date and continue to meet your needs. You may also want to consider conducting a pen (penetration) test, which involves hiring an ethical hacker to stress-test your defenses and look for vulnerabilities. Once the test is complete, your hired hacker shares their findings with your team, detailing which vulnerabilities they were able to exploit and how, and offers their professional advice for addressing these security shortcomings. These tests allow you to identify and address issues before cybercriminals can exploit them.
Invest in Employee Training
In many instances, your employees are your first line of defense. Training your employees to identify suspicious activities and ensure they know who to report their suspicions to is a critical component of any cybersecurity posture. All new hires should undergo extensive cybersecurity training, and all team members should undergo refresher training regularly.
To help your employees put their new knowledge and skills to the test, you may also want to consider running tabletop exercises. Like fire drills, tabletop exercises present your team with a hypothetical scenario which they need to address. This approach allows your team to practice their skills in a no-stakes environment and test if your current cybersecurity posture and protocols are meeting your needs. Once the exercise is complete, your team sits down to discuss what went well and what did not so that these shortcomings can be addressed as soon as possible.
How VirtualArmour Can Help
Safeguarding your digital assets is critical, but many organizations find this task daunting. That is why the experts at VirtualArmour are here to help. Our team can help you audit your current posture for vulnerabilities and create a robust plan to address these security shortcomings. We offer a wide selection of managed and professional services, including: