Home - Article

Featured Article

September 03, 2017

Data Breach at TigerSwan and TalentPen Exposed Thousand of Secret Government Applicants


There are two types of companies. Those that have a Cybersecure Culture and those that do not. In this day and age where every company is a perpetual target, there are some mistakes which make it all too easy for hackers to gain access to important information. Data which could sink your company or in this case perhaps two companies.

Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year.

The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement on Saturday, TigerSwan implicated TalentPen, a third-party vendor apparently used by the firm to process new job applicants.

TigerSwan references TalentPen as their “former” recruiter and goes on to say its systems were never breached... Blaming the issue on its vendor.

There are a few ways to reduce the chance this situation can happen to your organization:

  1. Have an expert IT consulting firm or someone who knows what they are doing check your servers and systems to ensure they are secure. This needs to be done frequently. A simple penetration test or pen-test would have allowed TigerSwan and TalentPen to know their server was not secured.
  2. Have auditing and documentation done of your systems by someone other than your internal or current IT team. The worst thing you can do if your business is important to you is to say the following: I pay my IT team a lot so they know what they are doing. My IT team works for a Wall Street firm so they know what they are doing. A second opinion is always good to get – to be sure you are cybersecure.
  3. Understand the vendors you work with can be the weak link in your cybersecurity culture. You need to ask questions of potential partners. Find out who they use to secure their systems – is it an inside person? An MSP? Are they using anomaly detection to check continuously for breaches? How often have they been hit with ransomware? Do they have a solid strategy for disaster recovery in place? Ask your vendors for the results of the above items. If they stare at you with blank faces, tell them to come back when they know what you mean and can prove they have buttoned up their business.
  4. Cybersecurity training is crucial to every company these days. A simple cybersecurity class would have reminded TalentPen to double-check things like an unsecured server and/or other issues that could cause a problem.

In short, Cybersecurity is not just technology – it is also user-training and a culture – a cybersecurity culture which must permeate an organization. A determined hacker can always get in and mistakes are made at every organization. However, if you have the right culture… Your mistakes will be corrected quickly and your organization will be tougher to hack than the next guy – which is the ultimate goal.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.





Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.
IT SERVICES

IT SERVICES

Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...

LEARN MORE
CYBERSECURITY Services

CYBERSECURITY

Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...

LEARN MORE
CLOUD SERVICES

CLOUD SERVICES

Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...

LEARN MORE

Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs


Contact us Now!