.png?width=220&height=44&name=Nuc-logo-sketched-1%20(1).png "Nuc-logo-sketched-1 (1)"){kind=logo}
In January 2022, we made a strategic investment to build and grow our cybersecurity offerings. As the cyber threat landscape continues to evolve, so do the layers of protection that we need to implement to defend our clients. We sat down with Daniel, Nucleus’ Security Consultant, to learn about his role and the cybersecurity frameworks, best practices and tools that provide our clients with the multi-layered defense they need today.
Can you speak to the evolution of your career path at Nucleus?
When I started working at Nucleus in 2019, I was hired as a Support Specialist. In this role, I was occasionally given opportunities to help out the Project Services team. It wasn’t long after that that I was spending more than half my time working on IT projects. Eventually, I accepted a full-time position on the Project team, before landing my current role as a Security Consultant in our Cybersecurity & Project Services division.
Nucleus is currently doing a push to ensure all clients adhere to security standards and best practices. As such, we’ve been focusing on performing security assessments that review IT infrastructure, policies, and systems for compliance and creating reports (we call these living documents Cybersecurity Scorecards) with recommendations to improve overall security posture. Once a client has signed off on an IT security assessment, I take the lead conducting the review and creating the Cybersecurity Scorecard.
What is our Cybersecurity Scorecard Based on?
Our IT security assessments are based on experience, trends, industry best practices and three cybersecurity frameworks: NIST 800-53, CIS Controls V8.1 and MITRE ATT&CK. Our Scorecards provide businesses with a simplified view of their cybersecurity posture which we then use as a baseline to help our clients mature and evolve their cybersecurity solutions and practices over time.
The Cybersecurity Scorecard is not a “set and forget” solution, but instead becomes an evolving document that is reviewed and refreshed year after year.
How did the Pandemic Impact Client Cybersecurity?
During the pandemic, Nucleus witnessed a widespread increase in clients concerned about their security posture. The two most common security-related IT projects, both directly necessary as a result of the shift to remote work were implementing multi-factor authentication and increasing email and collaboration security by implementing Microsoft Defender for Office 365 (MDO).
The IT projects and shift in security awareness culture that we saw among our client base throughout Canada was reflective of larger global trends.
“Businesses around the world have had to quickly pivot to remote work and many have discovered that they do not have the cybersecurity conscious culture and practices in place to effectively transition in a safe way. There has been an increase in phishing attacks, and even a heightening of privacy standards for the remote tools that employees use for work - such as Zoom. I think that businesses and their employees have realized just how important, and vulnerable, internet use is without the proper protections.” TechRadar Pro
A Tailored Approach to Cybersecurity
At Nucleus, we work in many different verticals, from law firms to hotel chains to construction companies. Every client is on a technology journey and at a different level when it comes to cybersecurity maturity. We strive to balance industry best practices, tools, standards with the client’s needs. We implement solutions tailored to their budget, operational capacity etc. and use our Cybersecurity Scorecards as a roadmap.
What do you enjoy most about working at Nucleus?
It has been an amazing 4 years. It is great having access to a full team of IT professionals with different skillsets, where everyone works to have the best interests of clients top of mind. My team provides me with all the tools and support I need. Ultimately, the people are really what makes us different.
What’s your favourite thing to do outside of work?
When not working I love to do anything that allows me to appreciate the beauty that we are surrounded by; walks, runs, a day at the lake, taking the SkyTrain somewhere new, a scenic route to a tourist spot, camping, hiking, snowboarding and finding good photo ops.
I balance my personal life with work by keeping jobs contained to working hours as much as possible.
We Can Help!
If you would like any additional information about our Managed Security Services or Cybersecurity Scorecards, please reach out to us.
