100% of recent healthcare cyber attack victims had a firewall, anti-virus software and an IT company but were still breached.

Hackers often have unrestricted and undetected access to your network for weeks prior to launching their ransomware attack. During this time, they steal passwords, install screen sharing applications to watch your employees, and download all your patient data…all while bypassing your current security measures.

Hackers can use IoT (internet of things) devices, such as a smart device, to launch an attack against other parts of your network like your server and workstations. They understand the value of the data contained in healthcare databases and, as a result, target these systems. Healthcare provider’s networks are being breached because they are not implementing advanced cybersecurity solutions that minimize the chances of a ransomware attack and data breach. Ransomware is devastating healthcare and it is compounded by the theft of the practice’s data prior to the ransomware attack.

Black Talon operations are 100% US based and we employ highly credentialed security experts. Our customer-focused approach has enabled us to provide industry leading data breach prevention solutions for your organization. 80% of our clients are in healthcare and look to us as experts in healthcare cybersecurity.

Relying strictly on a firewall or anti-virus software to block an attack simply won’t work. You need to know how and where you are vulnerable. Black Talon takes over where your IT company leaves off by implementing a multi-layered security solution to help prevent a cyber or ransomware attack at your business.

Vulnerability Management

Black Talon scans every device on your network for “open doors and windows” that let hackers in and we close them before the hackers can get in

Cybersecurity Awareness Training

Your employees present a tremendous amount of risk to your company. Can they identify threats that come in through email? We train your employees to identify and mitigate risk

Virtual CISO (vCISO)

Black Talon can offer part-time Virtual Chief Information Security Officer services, minimizing the expenses of having a full-time position

Disaster Recovery Training

Black Talon will help develop and implement a disaster recovery plan so that your organization knows exactly how to respond to a multitude of disasters

Penetration Testing

Black Talon’s ethical hackers attack your network using the same tools and techniques as cybercriminals and work with your IT vendor to secure your network

Cybersecurity Assessment

Black Talon helps identify weaknesses in your business operating procedures that may result in a breach of your system. We audit your current standard operating procedures and make recommendations

Application Testing

Black Talon will test your custom or 3rd party software applications to identify vulnerabilities that may result in a breach and make recommendations on how to harden your software

Vulnerability Management

Every one of your devices is vulnerable and can be potentially exploited by threat actors. You want to believe that running updates and working with an IT company covers you…but that is just not the case. Your devices are vulnerable and can be used as a launching pad by hackers to attack your network and gain access to patient data.

Utilizing the most advanced technology, Black Talon Security places software on your network that actively tries to find and exploit vulnerabilities in your network, server and firewall. The software detects vulnerabilities such as: weak passwords, out of date operating systems/software and open ports on your network and firewall. There are approximately 20,000 known computer and device vulnerabilities and our software can find all of them, mitigating your risk. New vulnerabilities are discovered on a daily basis, and businesses must implement a structured and continuous process to constantly monitor and manage vulnerabilities. Most forms of malicious code require a vulnerability in order to execute. If Black Talon Security identifies these vulnerabilities and they are removed, the malicious code most likely will not execute on your network. “It dies on the vine.”

Cybersecurity Awareness Training

Cybersecurity Awareness Training is a very powerful solution that helps mitigate the “employee risk factor.” By properly training your employees on threats that present through the use of email and the internet, you can minimize your exposure by reducing the chances of an employee clicking on a malicious link, attachment or falling for a social engineering scam.

Virtual CISO (vCISO)

As your organization grows and matures, the role of a CISO becomes more and more critical. In many organizations, the CISO role may not be a full-time position or, due to geographic constraints, strong candidates may not be available. Black Talon can offer a solution called vCISO. In this role, you will be provided with a dedicated CISO resource that provides you with a pre-defined amount of monthly consultation and services. A vCISO typically handles:

  1. Compliance
  2. Security Policies and Procedures
  3. Standard Operating Procedures Guidance

Disaster Recovery Planning

Regardless of the size of your organization, you must have proper plans, policies and procedures in place to mitigate risk to your business and ensure business continuity. These plans must take into account numerous possibilities and variables in order for the business to recover from an event as quickly and painlessly as possible. Data loss and extortion are significant problems that cost businesses hundreds of thousands of dollars and business executives must prioritize disaster recovery budgets and resources accordingly.

Penetration Testing

Hackers are targeting your firewalls, servers and devices using very sophisticated tactics, techniques and procedures. Our ethical hackers will attack your firewall, server and network to find exploits that other technologies simply can’t find. Once this is complete, a detailed report is provided to your IT company/MSP for remediation and risk mitigation purposes in order to further harden your network.

Cybersecurity Assessment

We will conduct a comprehensive assessment of your operations to help you better understand where you have risks such as backups, remote access, email, etc. The assessment is approximately 1.5 hours long and consists of seventy-five questions. Certain types of businesses may require a more comprehensive audit due to size, network environment or compliance requirements. Black Talon Security can customize your audit based on your business needs. Upon completion of the audit, a comprehensive report will be provided outlining our recommended changes to your standard operating procedures.

Application Testing

We will conduct extensive testing on your custom applications using sophisticated tools and human intellect. We can also test hosting environments such as Microsoft Azure and Amazon Web Services. In many instances, we find significant vulnerabilities in software applications and hosting environments that may ultimately result in a breach.

In a recent application test, we were able to expose the complete names and email addresses of a company with over 40,000 employees. A mistake was made by the company’s software developers that exposed this information to the internet.

The Biggest Mistake You Can Make

Every business that contacts us for help with recovering from a cyberattack has two things in common. First, they relied only on basic data breach prevention solutions such as firewalls and anti-virus software. Second, they did not engage with a cybersecurity company to identify risk, harden their network and train their employees. They simply relied on their IT vendor to provide security. Your IT vendor should not be checking and auditing their own security work. It is very poor practice to “self-audit” security. The best IT companies and MSPs always recommend that their clients have an independent company check and verify their security. If your IT vendor pushes back, they truly do not have your best interest in mind. You should sit back and critically ask yourself, “Why would they say we don’t need a cybersecurity company?”


Integrated Solutions