Who’s holding you hostage: Cybersecurity companies or hackers?


It’s a serious headline. Although most CIOs and CTOs teams have the best intentions taking proactive steps to prevent a data breach and ward off hacking intrusions, many are stunned when they discover their security response retainer didn’t actually protect them, instead only prioritizing their case when a breach inevitably happens.

What A Security Response Retainer Really Does

When you look under the hood, a security response retainer policy is no different than a retainer policy one would have with a lawyer.  The customer gets their billing vehicle in place, and when an issue arises, a quick all is placed to the attorney, and the team of lawyers save the day. But also like an attorney, the bail-out experience is when the big bills start rolling in.

The high cost of security and remediation is why some in the industry have simply toyed around with the idea of simply forgoing an expensive security response retainer, opting to simply pay when a hack happens, getting the same end result. The frustration is warranted—but the approach is not.

Speaking generally, there are 3 core benefits to having a reputable company provide a security response retainer. The CIO or CTO receives weekly e-mails and alerts about the latest threats, they receive guarantees of “Boots on the ground” for remediation and Malcode analysis, often within 24 hours, and lastly, they receive a discount of the hourly rate charged for when you get breached. It’s not cheap.

When a company fails to prevent a data breach, average incident response is typically around $600 per hour with no contract and $275 with one, and this entire plan is sold to enact AFTER you get hacked. When you enact the package, the clock starts. Having a history in cybersecurity, I can tell you this gets more expensive than you can possibly imagine.

In one specific hacking case, some of my previous security teams largest commission checks came from making $2 million from an initial $50k security response retainer. If this sounds shocking, consider a multi-person team coming to your corporate HQ billing around $400-$500 an hour for several months. It’s for this reason customers start to ask who is really holding them hostage: The security company hired to protect them? Or the hackers?

Who is really holding you hostage: The security company hired to protect you? Or the hackers that will inevitably breach your network?

This is precisely why my fellow researchers at 3 Tree Tech are fascinated by tech we are implementing from Vigilant Technologies. While there are no silver bullets, their fresh approach moves the needle in the right direction on the cybersecurity battlefront. 

Unique Risk Mitigation To Prevent A Data Breach

Their unique on-premises hardware design stands defiantly opposed to current software-based cybersecurity contractors existing methods to prevent a data breach. I’ve determined Vigilant Technologies method detects a breach in seconds to minutes, and when a breach is detected, it simply “rewinds” your organization, link a DVR or cybersecurity time-machine. Vigilant Technologies even guarantees unlimited incident response to boot, ready to eat all costs associated with remediation of a breach, if their system is bested. 

We strongly endorse Vigilant Technologies and believe they will disrupt cybersecurity and change the way we all look at the standard security response retainer. The old saying “an ounce of prevention is worth a pound of cure” comes to Prevent A Data Breachmind. Perhaps being held hostage for millions by your security provider is a thing of the past.

Kris Taylor of 3 Tree Tech

Kris Taylor is a cybersecurity pro at 3 Tree Tech. If you’d like to implement Vigilant Technologies security solution or need other solutions like Gen 2 SD-WAN, or Wireless 5G, reach out to simplify the complex.

IT Stuff To Your Face!

For more smarty-pants research, insights, and invites to our CIO/CTO virtual wine tastings, lunches, and scotch sessions, sign up!