Pratum Blog

On January 3, 2018, two new high severity vulnerabilities were disclosed. The vulnerabilities are named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715). The vulnerabilities are inherent to certain computer processors and how memory is protected. Specifically, the vulnerabilities target how malicious applications could access protected memory reserved for an operating system kernel, thus causing leakage of protected sensitive data.

Intel has reported they have been working with various developers of operating systems such as Microsoft Windows and Linux distribution for several months to address these issues. A press release from Intel states they were planning to release this information the week of January 8, 2018. We believe this indicates that Microsoft was likely planning to issue a patch during the normal January 9, 2018 patch cycle. The patch for Windows 10 from Microsoft was released out of cycle and became available at 5PM EST yesterday, January 3, 2018. Customers who are not using automated Windows Updates should apply this patch as soon as possible. Patches for other Microsoft operating systems have not been released yet.

Customers should continue to monitor security updates from vendors of operating systems to determine when a patch will become available for their products.

At this time, there are no other actions users can take to mitigate this issue. Affected hardware and software will need to be patched once vendors release these security updates. Once these updates are released, vulnerability scanners will be updated to identify systems which are missing these patches.

Pratum advises all customers to continually update vulnerability scanning signatures and profiles to check for existence of these patches. Customers of Pratum’s managed vulnerability scanning service will automatically receive these updates and no additional action is needed.

Pratum customers who have questions or concerns about these vulnerabilities should contact the support team at This email address is being protected from spambots. You need JavaScript enabled to view it.. If you are not a current customer of Pratum but would like guidance on how to address this or other vulnerabilities, please contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Three cyber security questions every business leader should ask their technology teams.

Due diligence is always a concern after a data breach. The amount of liability a company has with a data breach can often be determined by the level of effort and emphasis the organization placed on securing the data. To ensure your organization is mitigating its security risk, and reducing its liability, here are three cybersecurity questions every business leader should ask their technology team.

  1. How would we know a data breach occurred?

  2. There are some obvious answers you could expect to hear, such as “We know our systems really well, so we will know if there is a problem” or “If our data is missing, we will know there’s been a breach.” These are not acceptable answers. The technology team should be held to a higher standard and should be expected to provide concrete evidence revealing how they would know if a data breach occurred.

    Listen for answers that include things like 24/7 security event monitoring and advanced threat detection. If these types of security activities are happening, your technology team will be able to provide months of event logs (SIEM reports) that have been reviewed for anomalies or malicious activity. Challenge them to provide you with those security reports and to explain them to you. This will hold your team accountable to security best practices and provide you with the knowledge needed to make appropriate risk-based business decisions.

  3. When was our last risk assessment and what progress has been made to mitigate the risks identified during that assessment?

  4. The goal here is to make sure an assessment is completed every 18-24 months and that incremental progress has been made to address the identified risks. Technology, and the way we use it, evolves daily. Ensure your team is in tune with the risks that face your organization, and make sure they are acting on the knowledge gained in the assessment.

  5. Do we have expertise on staff to deal with the changing threat and regulatory landscape?

  6. This will help identify if the team needs help with capacity or training. Perhaps you already have a security team. Great, but do they have the skill needed to fully protect the organization? If not, can they get them? Should they? Are contracts or retainers with cybersecurity experts a better solution? The goal here is collaboration. You want to make sure the team knows you’re more focused on solving the problem rather than laying blame. This will encourage them to discuss areas of high risk with you.

Business leaders that get answers to these three questions will be far ahead of many of their peers and competition. While there is a “right” answer to every one of these questions, the “right” answer will be different for everyone. The important part is to ask the questions and then ensure the “right” answers are supplied.

Through this process, if you discover that you need some cybersecurity expertise, Pratum is available to help. We can perform everything from IT Risk Assessments to full on Virtual CISO services.

Contact Pratum
Integrity is now Pratum. We are the same company with the same owner and employess, but we've changed our name.

ANKENY, IA (October 3, 2017) - Integrity Technology Systems, Inc., Ankeny, IA -based information security consulting and managed security services firm, today announced the launch of its new identity. Effective immediately, Integrity Technology Systems, Inc., will operate under the name Pratum™.

"As our company grows nationally, yet remains rooted in the Midwest, we wanted to select a name and logo mark that properly communicates our brand," said Dave Nelson, owner and CEO. Pratum™, which in Latin means prairie, will be breaking ground on a new headquarters to accommodate additional staff as the business continues to see strong growth. Not-so-coincidentally, the new office building will be located on SW Prairie Trail Pkwy in Ankeny, IA.

The old name made it difficult to differentiate from the thousands of other US companies using a similar moniker. "We loved the name Integrity, but the name was ubiquitous and not in a good way. All types of organizations, from financial advisors to painters, are using it," explained Nelson. The name Pratum™ is unique and the rebrand affords the firm the ability to grow its national presence.

Pratum™, which will be celebrating its ten-year anniversary in 2018, helps customers solve information security challenges based on risk, not fear. The firm remains under the same ownership with the same portfolio of services, but along with the rebrand will come an increased focus on Pratum's Virtual Chief Information Security Officer (vCISO) offering. As the firm's flagship information security service expands nationally, Pratum™ will continue to grow its vCISO consulting team and remain vigilant about maintaining its open line of communication with clients. "We are as much a part of our vCISO client's business operations as their internal staff. It is our priority to provide them with quality security leadership and guidance when and where they need it," states Nelson.

Rebrand key elements:

  • Name and logo mark
    Pratum is the new name for Integrity. Cybersecurity and managed security services firm.
  • Website - Launching of pratum.com, the new website will showcase the Pratum™ brand and key services offerings.
  • New Corporate Headquarters – Pratum™ will be relocating to the District area of the growing Prairie Trail development in Ankeny, IA. The building, which will house only Pratum™, is designed to accommodate for the firm's growing team. Pratum™ is based in Ankeny, IA and has offices in Dallas, TX and Kansas City, KS.
    Pratum office building on SW Prairie Trail Parkway, Ankeny, Iowa.

Please contact us if you have any questions about Pratum.

Contact Pratum
Get our blog posts delivered to your inbox:

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.
Privacy Policy Ok