Blogs /
  • Voxtelesys Partners with CISA – A Step Towards Unparalleled Security.
  • Voxtelesys Partners with CISA – A Step Towards Unparalleled Security.

    May 8th, 2023

    Introduction

    As the rise of cybersecurity attacks on telecommunication providers increases, Voxtelesys has recognized the need to take proactive measures to protect sensitive information, intellectual property, and customer data from cyber attacks.

    For this reason (and many others) Emergency Weather Broadcasts, Bomb Defusals, Emergency Services, Schools, Government Agencies, Hospitals, Banks, and many more trust Voxtelesys with redundant and secure communication Every. Single. Day. The continued trust from these companies, and organizations of all levels, have helped make Voxtelesys a critical infrastructure to the United States.

    In recognizing our growing importance to the communication sector, and to further attest security as our top priority at Voxtelesys, we have decided to partner with Cybersecurity and Infrastructure Security Agency (CISA).

    By integrating with CISA, Voxtelesys can now offer our customers unparalleled voice and messaging security. Here are just a few ways CISA helps Voxtelesys take proactive measures to protect our sensitive information, intellectual property, and customer data from cyber attacks:

    Expertise

    • CISA is the primary agency responsible for protecting the nation's critical infrastructure from cyber threats. They employ some of the best cybersecurity experts in the world who are trained to handle complex threats and vulnerabilities.

    Access to Threat Intelligence

    • CISA works closely with government agencies and private sector partners to develop and implement security regulations and standards. In partnering with CISA, Voxtelesys now has access to the wealth of threat intelligence collected by CISA. This information, which is not available to the general public, allows us to stay ahead of the latests threats and vulnerabilities targeting the telecommunication industry.

    Threat Response

    • CISA has the capability to respond quickly to cyber incidents, as well as provide guidance and support to Voxtelesys in the event of a cyber attack. Their rapid response can help us minimize the impact of an attack and get back to normal operations as quickly as possible.

    Best Practices

    • CISA has provided Voxtelesys with best practices for cyber and infrastructure securities. By following these practices, we can improve our overall security posture and reduce the likelihood of a successful attack.

    Collaborations

    • By partnering with CISA, Voxtelesys can take a collaborative approach to cybersecurity. This can help build stronger relationships between the public & private sectors, as well as generate more coordinated and effective responses to cyber threats.

    Guidance & Resources

    • CISA provides a variety of guidance documents and resources to help Voxtelesys understand and comply with various security regulations and standards. Some security resources include:

      • NIST Cybersecurity Framework
      • CIS Controls
      • Other Industry-Specific Standards.

    Infrastructure Assessments

    • CISA has conducted Cyber Hygiene, Remote Penetration Testing, and Tailored Risk & Vulnerability Assessments of Voxtelesys' Critical Systems to identify compliance gaps, as well as provide recommendations for remediation. A few Cyber Hygiene tests include:

      • Web Application Scan

      • OWASP Top 10 Vulnerability scanning

      • Architecture Design Review

      • Persistent scanning service of internet-accessible systems for configuration errors and suboptimal security practices.

    Alerts & Notifications

    • CISA always issues alerts and notifications about new security threats & vulnerabilities. They also provide guides on how to mitigate these risks and comply with relevant security regulations and standards.

      The recent 3CX Supply Chain Compromise was one of the many useful alerts from the security advisory service.

      Anyone can signup for these advisories.


    Overall, partnering with CISA has helped Voxtelesys better understand and comply with security regulations and standards. As a direct result of this integration, we have heightened our security posture and reduced risk of security incidents.

    A statement from our CISO:

    Partnering with CISA has given us an unmatched "1000-foot view" of our public-facing services. It has proven to be a valuable multi-faceted approach to Exposure Management in contrast to just using Shodan or Censys.

    We encourage any business that offers critical services to enroll with CISA for vulnerability and Pen-testing.

    Conclusion

    The task to keep a telecommunication company secure in modern times can be daunting, given the rapid evolution of the threat landscape. But we must do everything feasible to stay secure and protect our customers' data and privacy. Together, we must remain vigilant and proactive in identifying and addressing potential security risks. It is vital that we stay informed about the latest security threats, utilize best practices, and be willing to adapt/evolve our security as needed.

    While we cannot guarantee that we will never experience a security incident, our customers can take comfort in knowing that Voxtelesys takes extensive pre-emptive measures to thwart security threats. We will always do our best to keep the customers who have placed their trust in us, secured and protected.

    Notes/Resources/Sources

    Voxtelesys Partners with CISA – A Step Towards Unparalleled Security.