NERO Consulting: The Russians are Coming!

Anthony Oren, CEO
The Russians are coming! The Russians are coming! Well, actually they are already here, and so are the Chinese, Iranians, North Koreans, Ukrainians and many other countries who have built up a sophisticated technology army. As a result, cybersecurity strategies are at the forefront of policy discussions and future conflicts planning in the US. In many ways, the threat has become one of the primary areas of concern in the US. Primarily, after the 9/11 attack, government agencies in the US have beefed up their security portfolio to obliterate the rising illegal activities in the country. And as a student in one of these specialized programs at the time (shout out to Pace University), I can assure you, the Russians were not on anyone’s top of mind but the threat was just as real then as it is today.

As a once avid programmer and light-hearted hacker, I switched my interest to cybersecurity to develop in-depth knowledge of this subject to play a part in mitigating the evolving cyber crimes in this country. A few years later, I started a small consulting firm to offer on-demand cybersecurity consulting services. As years passed, my capability and the reach of my consulting firm increased, and subsequently, “NERO” became a consulting and technology management company. Today, my company is playing a significant role in aiding small and midsized business in eradicating the malicious activities occurring through the cyber world, such as phishing emails.


NERO brings forth a programmatic approach to evaluate technical, administrative, and management security controls in the entire network environment


NERO, is based in New York, and offers a programmatic approach to evaluate technical, administrative, and management security controls in a company’s technology environment. My personal mantra is “you’re only as strong as your weakest link” but I can’t tell that to a customer seeking technology services so my value proposition is simple: Your network will be better off when we manage it. We’ll find the weak spots, fix them, and be proactive for the life of our partnership.
We conduct monthly, quarterly, and annual reviews with our customers and are transparent about how we’re monitoring for the latest threats and vulnerabilities.

One fact I always like to share with computer users, whether it’s a mom shopping online or a CEO of a Fortune 500 company, is that a significant percentage of cyber attacks starts with a phishing link where by someone pretends to be someone else (maybe “your friend”, “a prince”, or just “a postal delivery company”) and tries to get you to click on a link in hopes that you will reveal your password or lead them into your company’s network. According to CSO Online, 93% of successful phishing attempts lead to ransomware infections. Unfortunately, in my experience, most people fall for these tactics and by the time I’m having a conversation about cyber security with someone, the cybercrime was already committed and to figure out how it was committed, I almost have to borrow a quote from Winston Churchill (originally said about Russia), because it “involves solving a riddle wrapped in a mystery inside an enigma”.

Another interesting note is that living and working in New York City (and married to a Registered Architect), I have a tremendous respect for compliance standards. Case in point, New York State’s “DFS Regulation 23 NYCRR 500” is one of the toughest regulations in the country that mandates strict standards for data security policies, backups, and network security for anyone operating under a license pursuant to the New York Insurance Law. This is a wonderful regulation meant to help businesses and their customers but unfortunately, most covered entities (companies that fall under the Department of Financial Services), do not know where to even begin, or worse, ignore the regulations in hopes that they won’t be a victim of cybercrime.

The good news is, my company, like many other IT Service companies I hope, intend to bolster capabilities in cyber security skillsets, such as installing more advanced firewalls, improving cloud security, and enforcing compliance. Because even before the Russian hacking stories started dominating the news cycles during this administration, cybercrime was always a bigly business. It came in different forms from joke viruses to pay-for-ransom infections, from phishing to vishing, and everything in between, but it remained under the radar. You only heard about it if a big company or a famous person was the victim - but in reality- small and midsized businesses are and always have been 95 percent of the victims. That is why today cybersecurity is such a popular offering because smaller businesses are finally starting to realize that they can easily be a target and can go out of business quickly if they do not mitigate the risk . So, in summary, it’s not just the Russians, it’s any opportunist, criminal, hacker and hacktivist, terrorist and even Nation State with computer knowledge that is coming or already here. The only question is, “are you ready comrade?”

Company
NERO Consulting

Headquarters
New York, NY

Management
Anthony Oren, CEO

Description
NERO brings forth a programmatic approach to evaluate technical, administrative, and management security controls in the entire network environment

NERO Consulting