Jason Ingalls, Founder & CEO
Jason Ingalls, founder and CEO of Ingalls Information Security, is undisputedly a very busy man. For a person who works in the deepest trenches of delivering solutions that reduce information technology risk, this CISA and CISSP-certified engineer-turned-entrepreneur sure does exude an air of modest lucidity. Some might even think that he would bend time and space to reach out to a customer and pull them out of their cybersecurity challenges. One of these cases cropped up when we spoke to this busy CEO. “A large company approached us about a ransomware attack, which was out of business for 12 days. The attackers demanded $450,000 in bitcoin in exchange for the encrypted data; I personally get involved in any bitcoin transactions, we brought the ransom down to $150,000 and we saved the client $300,000,” says Ingalls.
In the wake of such commitment and dedication to delivering outstanding cybersecurity risk management, it stands to reason that Ingalls Information Security sets itself apart in the market as the best-in-class cybersecurity solutions and services provider. When asked about the vital prerequisites for cyber resilience in an IT enterprise, Ingalls says, “Bolstering an organization against intrusions is similar to preparing a fort for an imminent enemy attack. The high walls of a castle or the moat surrounding it serve as the first line of defense against attacks. When the enemies get past this layer, they are faced with cavalry, archer towers, mortars, and the best of weapons guarding the fort. As a whole, there are multiple layers of security protecting the ultimate prize. Enterprise IT architectures are similar to such establishments, where there are multiple layers of security and control, translating into an overall cybersecurity portfolio.”
"Through our cybersecurity solution, we can alert IT professionals of suspicious log-ins or malicious activities that normally go undetected"
At a time when organizations are fighting against hacktivists and cybercriminals, Ingalls’ analogy breaks down cybersecurity into multiple preventive measures, highlighting various prerequisites that are crucial for enterprise security. From endpoint protection to the vulnerability management solution implemented by an organization, every layer of cybersecurity plays a predominant role in keeping attackers at bay. To that end, Ingalls Information Security’s portfolio of cybersecurity and managed security solutions safeguard the IT fortress of organizations. It nurtures an arsenal of cybersecurity tools and a plethora of best practices, which ensure the resilience of security infrastructures.
Fighting Fire with Fire
Ingalls Information Security’s arsenal of cybersecurity services is diversified across Incident Response, Managed Detection and Response (MDR), technical testing, and consulting services. Irrespective of the origin of cybercrime— whether by a hacker, malware, advanced persistent attacks, or the negligence of an employee— Ingalls Information Security is agile in responding to cyber intrusions through tailored assessments of client infrastructures. “When victims of a cyberattack approach us for help and we investigate, we ask ourselves if our MDR system could have prevented this attack.
Bolstering an organization against intrusions is similar to preparing a fort for an imminent enemy attack
And, if the answer was ever “no,” then it would be clear to us that we have discovered something new. We would then engineer a solution to address the problems relevant to this use case,” adds Ingalls. The company’s portfolio of solutions is designed to address various such use cases, be it prevention of an attack or recovery from a previous one. The CEO emphasizes that his company does not sell a set of tools, software, or even a license, but instead offers a holistic, integrated cybersecurity solution that includes the tools, processes, and people required to effectively manage cyber risks.
One of the common use cases the company caters to is phishing prevention and response. Phishing is a well-known, yet often disregarded as trivial cybercrime of the current day. Though the most-savvy individuals can dodge such email attacks, non-native English speakers often get trapped, as they do not have the required language proficiency for understanding the motive behind such mailers. “We recently witnessed a case where one of our client’s employees in Africa had their email credentials stolen,” explains Ingalls. Other employees were unaware of what was happening, and they were replying to what they thought were legitimate emails. Most people do not report this commonplace activity, however log data showed the malicious activity and an alert was generated. Upon recognizing the risk areas for this client, Ingalls Information Security recommended the implementation of a multifactor authentication solution, which drastically reduced risk for the client.
Ingalls Information Security’s success at resolving such issues is merely the tip of the iceberg. The company transcends the traditional barriers of cybersecurity by curating solutions for specific use cases or areas of applicability. A noteworthy solution that testifies the company’s capabilities in this arena is its Managed Detection and Response (MDR) offering. By incorporating additional layers of cybersecurity, Ingalls Information Security’s MDR solution solves for multiple enterprise requirements: advanced detection, threat hunting, anomaly detection, and response guidance. Collectively, these multiple layers of cybersecurity form the defense-in-depth fortress that safeguards information from unauthorized access or cybercrimes. Within this cybersecurity architecture, Ingalls Information Security incorporates up to fifteen different security controls through its MDR system. From email to endpoints to data repositories, the entirety of an enterprise IT infrastructure is protected against a multitude of cyberattacks.
Ingalls Information Security’s Managed Detection and Response capability provides a holistic view of every action occurring on an endpoint, revealing vulnerabilities such as compromised credentials. One of the many ways to gain access into an IT infrastructure without getting detected is by obtaining the credentials of the employees—a technique that goes undetected through traditional security checks. “When credentials are compromised, attackers look like regular users, and everything seems normal to most detective controls. However, our deception module can alert IT professionals on suspicious or malicious activities that go undetected by legacy systems,” explains Ingalls. The approach functions as yet another layer of security within the defense-in-depth architecture.
The First Responders to Cyber Crimes
On the vulnerability assessment side, Ingalls Information Security provides vulnerability data using the Common Vulnerability Scoring System (CVSS), highlighting patching gaps within a client’s environment, and allowing them to craft a solution that addresses the unique requirements. The company’s team of experts pays close attention to CVSS scores above six—especially critical vulnerabilities—to ensure that their clients efficiently patch the vulnerabilities before they become exploited. Understanding such vulnerabilities has always been Ingalls Information Security’s core competency. In fact, the company played a pivotal role in helping clients recover from the major credit card compromises of 2012. “We led the breach response program for a large victim in 2012 when numerous credit cards were compromised due to a SQL injection attack on web servers. We were able to showcase the vulnerabilities associated with SQL servers at a domain level and help them fix those issues,” adds Ingalls. Such breach response programs position Ingalls Information Security as the first responders of cybercrimes in the enterprise security landscape.
One of the many cases that shed light on Ingalls Information Security’s proficiency in mitigating cybercrimes is of a large multinational non-profit organization, which had suffered a security breach in 2017. Within 30 minutes of notice, Ingalls Information Security re-established internet connectivity for the compromised infrastructure and brought back essential services such as email and other critical operations to normalcy. Simultaneous to notifying Ingalls, the non-profit organization had also alerted its cybersecurity insurance providers of the breach. The cybersecurity insurance vendor took 72 hours to respond, however by that time, Ingalls Information Security had already concluded the breach response. The cybersecurity insurance provider wanted to document the breach, and Ingalls helped them implement the necessary tools, providing essential evidence to support the investigation.
Impressed by the collaboration, the non-profit organization sought Ingalls Information Security’s assistance in understanding the risk associated with their global IT infrastructure that comprised over 8000 professionals. Ingalls Information Security’s consultants visited war-torn regions to conduct a cybersecurity assessment on refugee databases that contained tens of thousands of confidential information sets. By deploying sensors for vulnerability assessment and data aggregation across Asia, Europe, Africa, Mid-East, and the Americas, Ingalls Information Security performed a comprehensive evaluation of the client’s global infrastructure and implemented sophisticated endpoint security solutions. “The non-profit organization’s IT infrastructure was distributed around the globe with people from many different cultures and languages. We told them how parts of the infrastructure could be the Achilles Heel of the organization, and helped manage the cybersecurity programs consistently,” adds Ingalls. The collaboration testifies how Ingalls Information Security upholds its tagline, ‘Prevent where we can, respond where we must, and do it as fast as possible.’
Resolving crisis by crisis, Ingalls Information Security works to address multiple cybersecurity challenges while enhancing its managed security services. The company’s ability to respond to attacks befits their recognition as the First Responders of cybercrimes in the enterprise security landscape. The unique approach and the resilient posture donned by Ingalls Information Security serves as a beacon of light for clients worldwide in their hour of crisis.