Cybersecurity firm: Fortify 24×7

Cybersecurity, as a recognized business activity, has come a long way in the past decade. The growth of hacking and sophisticated cyberattacks has caused the discipline to mature and it has now attained its “license to operate” within the corporate and public-sector environments, becoming one of the core business and organizational enablers.

There are many different security product categories on the market, each with numerous hardware or software vendors vying for market share, all of whom can make a compelling argument as to why you need their technology and many who straddle multiple product categories.  How does a business owner know what is right for them?

Fortify 24x7 was founded to help companies of all sizes improve their information security posture with best of breed products and a solution tailored to their specific business needs. The firm’s mission is to eliminate risk for its clients.  Its team of experts has the requisite industry certifications but more importantly the practical real-world experience that cannot be duplicated.

We conversed with the Co-Founder and CEO Jeremy Murtishaw to understand more about the company 

Tell us about Fortify’s first client engagement?

Our first client was an orthodontic office who was hit with a variant of the Locky ransomware. Their previous IT firm had ensured them that they had backup systems in place and would be able to recover their data. Unfortunately, no one ever validated that the backup software was configured properly or was doing its job.  Additionally, their Windows server (which ran their Active Directory, File Server, Print Server, Dental EMR system, etc.) and their workstations were not being patched at all. When the ransomware hit, they chose to pay the ransom but were not able to recover any of the data.

Fortify was brought in and we successfully recovered more than 9 months of their patient schedules, patient health record data including their imaging files. This allowed them to continue their operations with minimal interruption.

We enrolled them in our Cybersecurity Managed program to make sure that this did not happen again.  This included deploying our FP² DNS security and phishing protection solution alongside Endpoint security and Email security. We replaced their old backup solution with a new cloud backup solution and they now perform a test data restore once per quarter. We are pleased to say that they have not experienced any further ransomware or malware infections and all their data is once again secured.

Could you educate us more about your Cybersecurity Managed program?

Fortify’s Cybersecurity Managed program is a complete security offering for our clients. The process begins with a risk assessment where we seek to gain a complete picture of the client, their business, and their computing environment. Once the risk assessment is completed, we then look to remediate any issues deemed to be critical or high. Once that is complete we then deploy the key components of the Cybersecurity Managed program:

• FP² DNS security & phishing protection solution
• Next Generation Anti-Virus (NGAV)
• Managed backup
• Patch management for the OS and applications
• Email security
• Managed Firewall

All systems capable of generating logging data feed their logs into our SIEM and watched by our SOC engineers 24x7x365 and appropriate action is taken if issues are identified.  For larger customers who must meet PCI, HIPAA, GDPR, SOX or other compliance regulations, we expand the program to include network deception, identity & access management (IAM), data access governance (DAG) and privileged account management (PAM) solutions as well.

What do you feel is the biggest challenge facing a startup company?

The biggest challenge we encountered was growth, but this is true for any startup company. But growth from two perspectives: how to obtain it and then, how to manage & control it. The goal is to have an amazing product that is instantly accepted by its target market. This is a great problem to have, but can lead to a situation where you outspend the revenue to satisfy the demand for the product.  When the dust settles, you are left having broken even or in debt. The most important thing for a startup is to have a planned growth strategy.  Set your goals, map out the milestones and the costs.

How is Fortify catering to employees’ growth?

There is so much new technology being introduced into the marketplace every day, that continuous learning is a requirement for everyone on the team. Our team regularly attends security industry conferences like Black Hat & RSA, IT conferences like EMC World &VMWorld and the industry conferences of our client’s like HIMSS. Everyone on our team, including myself, is required to maintain their current certifications as well as obtain at least one new on each year.

What are Fortify’s keys to success?

Our passion for cybersecurity

Unwavering commitment to our clients

Our talented team of engineers

Commitment to providing the best working environment for our team

Mission to be the Best Managed Security Service Provider in the industry

Will Fortify launch any products this year?

2018 is a year where we are going to be launching our own Threat Intelligence platform. We have dreamt up something that we believe will be revolutionary in this space; something that will be applicable and cost-effective for companies of all sizes. Stay tuned.

Meet the mastermind

Jeremy Murtishaw is a serial entrepreneur with 26 years of experience in the field of Information Technology. His background includes work as a Network & Security Architect for many Fortune 500 companies including Disney, Mattel, Intel, and Microsoft as well as executive management for a number of startup companies. Mr. Murtishaw was the co-founder and CIO at InvisiCorp, Inc. where he led the software development team while developing the security systems and fraud prevention protocols.

Mr. Murtishaw was the founder of CyPace, Inc. and served as the Chairman and CEO while leading the development of the healthcare industries first and only Intrusion Detection and Prevention system (IDPS) which interacted directly within Electronic Medical Record applications at process execution, leading to an unprecedented level of visibility and enforcement of HIPAA, SOX and PCI rules.

“Our mission is to Protect the Viability of Your Business!”

Fortify 24x7 … Cybersecurity Managed