1 minute read
CYBER SECURITY
Our Information Technology (IT) Department is dedicated to cyber security and business continuity. In 2019, an Information Security team was created to improve our security posture and execute yearly strategic security roadmaps, updated annually; by doing so, this maintains and strengthens our company’s ability to protect company and client data. The team conducts an annual comprehensive security assessment in tandem with monthly vulnerability scans and remediates identified issues. Our SIEM platform, AlienVault, monitored 24/7/365 by ProCircular, is utilized to help improve our detection and prevention of attacks on our company’s equipment year-round.
A security awareness program was launched in May of 2020. Employees undergo training to spot ‘phishing’ scams and other malicious emails or attacks. These fraudulent requests are sophisticated and can use known company contacts to lure others into sending funds to illegitimate recipients or compromise confidential data and information. On a monthly basis, employees are tested internally and if the employee fails, they are required to go through additional training and, in some cases meet, with human resources (HR) and IT for performance improvement. As scams are ever-changing, training and tips are provided to arm our employees with the knowledge to be a digital Brother’s and Sister’s Keeper and ensure we protect our family of companies and their employees.
The ever-evolving landscape of cyber threats makes software security and stability a continually growing concern. This year we enlisted a trusted third-party to conduct an in-depth security audit and penetration test of our platforms and services. Our developers worked closely with the auditors before, during, and after the tests to ensure that we are compliant with the latest standards and that any potential risks were successfully mitigated.
Highlights
- Conducted a Tabletop Exercise to Prepare for Any Security Emergency
- Rolled Out BitWarden Password Manager
- Weekly Trivia During Cyber Security Awareness Month in October
- Deployed the KnowBe4 Learner App to All Company Mobile Devices
- Made Improvements to Our Security Posture with Our vCISO Project and Extended Through 2025
In 2023, TST will continue to implement tools and training for increased company preparedness and due diligence against increasing cyber security risk.
12
Total Hours Executed on all Monthly Trainings
76%
Completion Across all Trainings
4
Cyber Security by the Numbers Hours for Annual Required Training
Safety Goals
Cyber Security: In 2022, TST will undergo proactive security measures with a 3rd party audit.
Safety: Continue with zero safety incidents.
Cyber Security: In 2023, TST will maintain a Low-risk level on both web and iOS apps for FieldNote.
Cyber Security: Work toward SOC II certification by 2025.
