The AME Group is a leader in providing a comprehensive yet adaptive approach to securing your business.

Our approach is COMPREHENSIVE, as anything less will fail to achieve the objective.
Our approach is ADAPTIVE to both YOUR risk tolerance and to the constantly evolving threat landscape as it must be to be effective.

Securing your business requires a multi-layered approach that addresses every potential attack vector > Devices, Apps, People, Process, Network, Internet, Email, etc.

A comprehensive approach must factor in –

Compliance requirements, and

Your businesses objectives and expectations around being able to recover systems in the event a cyber-attack renders them inoperable or inaccessible.

Despite the many layers of protection, none (nor collectively) are they capable of preventing 100% of attacks. IT IS IMPORTANT FOR BUSINESS OWNERS TO HEAR THIS FROM US, AND TO UNDERSTAND IT.

Everything we do from a security perspective is aimed at lowering the odds of a successful breach or cyber-attack, nothing we do is certain to prevent it from occurring.

This may seem like a simple point but realizing and accepting this is a key step in taking an adaptive approach to security.  We’ll come back to this later.

Our approach must be ADAPTIVE to the business owner’s risk tolerance.

If Risk Tolerance is high, and there are few or no compliance requirements, the customer may elect fewer of the advanced security options.

If Risk Tolerance is low (and/or compliance requirements are high), then customers will elect more of the advanced security options.

Low Risk Tolerance / High Compliance Requirements typically translate to higher cost to achieve the associated objectives.

For cyber security to be effective, it MUST ADAPT to changes in the threat landscape.

An excellent example of this occurred back in 2019 when The AME Group recognized that Antivirus was no longer an effective end point security solution.  We came to this conclusion rapidly as we saw many of our clients fall victim to a new threat called Ransomware.  Even though Antivirus was effective in blocking certain threats such as computer viruses and malware, it was very ineffective against Ransomware.

The AME Group ADAPTED to this change in the cyber threat landscape by quickly researching the solutions for this problem, testing them and then rolling out a new solution to replace Antivirus on all of our customers computers called EDR (Endpoint Detection and Response).

Endpoint Detection and Response Replaces Antivirus

EDR was developed to specifically address Ransomware. Also, to provide security providers like us with additional visibility into potentially malicious behavior occurring on customer computers.

While there is no silver bullet solution that will work 100% of the time, since implementing this in 2019 there have been no successful Ransomware attacks on AME Group clients with EDR.  There have been many attempted Ransomware attacks, but they have all been thwarted by EDR and the other Layers of protection we have in place. 

Adapting our approach to this cyber threat resulted in the desired outcome for our customers. We’ve seen significant reduction in the risk of business disruption caused by Ransomware.

Another way in which cyber security has evolved to adapt to modern threats is in the creation of new solutions that are designed to provide visibility and alerting when:

An attempted breach or intrusion is in process.

A breach has already occurred, and the bad actor has already gained access to a customer environment.

Back to the point previously made, nothing we do being able to prevent 100% of attacks. 

These new solutions are based on the assumption that threats will sometimes get past the many layers of security. However, if we identify them quickly enough, we can often either prevent the breach or kick them out before they have the opportunity to do some or all of their intended damage.

Adapting to a New Threat

Just like in 2019, we find ourselves at a new crossroad in dealing with an evolved cyber-threat. Our existing security solutions are proving to be far less than effective than desired – Business E-mail Compromise (BEC).

Business E-mail Compromise (BEC) is:

Now the most frequent attack vector in the United States with nearly 20,000 incidents reported​ last year.  Please factor in that most incidents go unreported. BEC is your biggest threat.

The costliest cyber threat to US businesses, almost $2.5 billion​

Specifically targeting Microsoft 365

Phishing attacks are very often the entry point for broader attacks.

These statistics from the Verizon DBIR (Data Breach Investigations Report) were no surprise to us.  It reinforces what we already knew to be true!  What we are doing to address Business E-Mail Compromise (BEC) is not sufficiently effective.

So, what is AME recommending to address the increased threat of Business E-mail compromise?

Security Awareness Training

Since over 70% of the time BEC starts with someone clicking on something they shouldn’t. So, the first thing you must address is the security awareness level of your employees.

The AME Group provides many solutions for achieving this.  These solutions are part of what we refer to as our Security Awareness Training Program (SAT).  If you already have this in place EXCELLENT! Now, make sure you and your employees are using this program to the fullest extent possible!

If you don’t have this in place, this is where you need to start.  Technology alone is incapable of securing your business, People and Process must also be addressed.  It is critical that your employees understand their role in securing your business – this is not just an IT thing.  Security expectations should be written into every job description, starting with an expectation of completing annual Cyber Security Training.

Learn more about our Security Awareness Training Platform – Are You At Risk? | PII Protect (pii-protect.com)

Advanced E-mail Security

The free Basic E-Mail security built into O365 is very minimally effective.

The AME Group provides advanced email security through APP River. If you don’t already have an advanced E-mail Security solution in place (or are not sure), please consult with your IT provider.

Microsoft 365 Security

Microsoft 365 Security is a solution, created by the AME Security Team in 2023. It provides our security team with visibility and alerting when:

An attempted breach or intrusion is in process.

A breach has already occurred, and the bad actor has already gained access to a customer environment.

Since we began implementing this solution earlier this year (2023), roughly ½ of the time when we have turned the service on, we have (within hour or days) detected a breach or attack in progress.

This service includes:

1️⃣ Continuous monitoring of your Microsoft 365 tenant, activity, and users.

2️⃣ Alerting and Investigation of suspicious findings.

3️⃣ Responding to alerts 24/7/365.

4️⃣ Initial containment/remediation of identified threat/s.  (Incident response beyond this is provided but would be billed out of scope)

5️⃣ Automatic Quarantine of some suspicious activities (reducing potential damage caused by hackers).

6️⃣ Keeping your Microsoft tenant configured with the most current security settings and features*

7️⃣ Performance of ongoing Microsoft 365 Security Risk Assessments and recommendations for maximizing security.

*There are some security enhancements which require projects to complete and would be quoted for approval.