JK Consulting provides managed security services for your home or business.
Managed Security Services
Security Programs: Strategically develop your Systems Security Plan to identify the requirements to maintain a secure cyber posture and effectively run your IT Systems to the organizational needs.
Security Architecture and Implementation: We can help you navigate the complexities of IT environments to meet and maintain compliance standards
Compliance Requirements: NIST? PCI? HIPAA? Proving compliance is one thing, maintaining compliance is another. JK Consulting has the tools to bring your organization into compliance and keep you there.
IT / Security Training: Solutions that address everything from those annoying phishing emails to identifying insider threats. The organization is only as strong as its weakest link.
Enterprise Incident Management: We can move from crisis to continuity. Our team has the experience and training to neutralize threats and get your business running again. With the proper continuity plan, downtime can be measured in minutes, not days.
Managed Security Services: Our team serves as a remote extension of your company to improve defenses, provide security response, and lend our expertise in an ever-shifting security landscape.
Dark Web ID
We go into the Dark Web so you don’t have to.
HOW DARK WEB ID PROTECTS YOUR BUSINESS:
- Delivers the same advanced credential monitoring capabilities
used by Fortune 500 companies.
- Connects to multiple Dark Web services, including Tor, I2P and
Freenet, to search for compromised credentials, without
requiring you to connect any of your software or hardware to
these high-risk services directly.
- Provides awareness of compromised credentials
before identity theft or data breaches occur.
Phishing Simulation and Security Awareness Training
Employees often use the same password for multiple
services on the web, such as CRM, e-commerce sites,
and social media. Proactive monitoring for stolen and
compromised employee data on the dark web allows
us to detect when a problem arises, before a major
We can send scheduled phishing
campaigns, including customized
messages to fit each group or
department, at random times during
a specified period. With an everchanging threat, it is important that
your employees are exposed to all the
latest phishing traps set by criminals.
It is not always disgruntled workers
and corporate spies who are a
threat. Often, it is the non-malicious,
uninformed employee. Our easyto-understand, short and visually
engaging training videos end with an
online quiz to verify the employee’s
retention of the training content.
MEASURE AND TRACK
Your regular Security Threat Report will demonstrate the
overall cybersecurity posture of your organization, to
include dark web credential compromises combined with
employee phishing and training campaign results.
CISA Cyber + Infrastructure Alerts
- AA21-131A: DarkSide Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks
- AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders
- AA-21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
- AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
- AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
- AA21-076A: TrickBot Malware
- AA21-062A: Mitigate Microsoft Exchange Server Vulnerabilities
- AA21-055A: Exploitation of Accellion File Transfer Appliance
- AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
- AA21-042A: Compromise of U.S. Water Treatment Facility
- AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
- AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
- AA20-345A: Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
- AA20-336A: Advanced Persistent Threat Actors Targeting U.S. Think Tanks
- AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data