Get ready for 2026 Budgeting with a Rapid Assessment!

Is Your Business SASE?

Posted on by Bob Schweiss, Bluewave Solution Advisor

When I was growing up, hospitals had huge smokestacks that were part of a power plant. When many of these hospitals were built, the power grid was not robust enough or reliable enough to support the hospital’s power needs. Having your own power plant mitigated the risk of using utility power. As the power grid evolved, these smokestacks became a relic and reminder of just how far power utilities have evolved.

A similar trend is happening in Information Technology as it relates to communications networks. With the evolution of technology, our communications networks are evolving into utilities. No longer do we need to build and maintain our own networks; we can subscribe to networking from providers who specialize in being the best at what they do—communications networks!

SASE Networks are the latest iteration of a modern technology infrastructure. SASE (Secure Access Service Edge) is a network architecture that combines wide-area networking (WAN) with comprehensive security services, all delivered through the cloud. This convergence ensures that users, regardless of their location, have secure and efficient access to applications and data. This has become particularly important in a post-pandemic world with employees working outside of traditional workplace environments.

What is Secure Access Service Edge?

SASE is not a product. It is a suite of products that interoperate with each other to provide both security and connectivity.

  • SD-WAN (Software Defined Wide Area Network)
  • SWG (Secure Web Gateway)
  • ZTNA (Zero Trust Network Access)
  • FWaaS (Firewall as a Service)

The SASE suite of technologies works together to provide secure access to users sitting in an office or working remotely, ensuring the same level of security, access, and performance. A SASE network design with proper network segmentation ensures that employees and devices only have access to applications and resources required to perform their respective job functions.

SASE Mitigates Exposure

Today, various solution providers may need access to your environment to update software on devices like copiers or manufacturing equipment. A SASE environment and proper network segmentation offer additional protection that limits access to a very limited cross-section of your network. A SASE environment mitigates the exposure of your entire network to a threat actor who may gain access to your network with compromised credentials or a compromised device. A properly deployed SASE solution would allow for easier detection of malicious activity, remediation, and restoration, limiting your business’s financial and operational impact.

Use Case for SASE

Several years ago, a large US-based retailer provided access to a vendor to manage HVAC platforms at hundreds of their retail stores. Unfortunately, credentials were compromised, and a threat actor could gain access to the point-of-sale platform in every store. They compromised the credit card processing devices and stole the credit card information of tens of thousands of customers. Removing and restoring the environment to a secure state took several weeks. More importantly, the retailer’s brand and revenue damage continued for a number of years.

Bluewave Can Help with Your Network and Security Environment

Bluewave works with our customers to analyze current security and networking elements within their environments and recommend solutions and service providers to deliver a SASE environment. Depending on the current makeup of your network and the cost associated with many legacy technologies, this can often result in cost neutrality or cost reduction, all while advancing the security posture of your information technology environment. Frequently, businesses make the mistake of attempting to weave together a collection of point solutions to specific security challenges; this approach often can be more costly and leave accountability gaps between various vendors’ solutions.

Companies employing SASE today realize the tremendous benefits of simplifying their technology ecosystem and improving connectivity and security. Additionally, repurposing valuable IT staff and aligning those resources improves support for revenue-generating elements of the business.

Any company not considering a SASE solution to support its communication needs is putting its data and infrastructure at risk today. When you’re ready to get the right SASE solution for your organization, you’re ready for Bluewave.

Get in touch!

Follow us on LinkedIn

Cyber Trends 2025: The Impact of a Shrinking ‘Time to Ransom’

Posted on by Bluewave

TL;DR:

Ransomware gangs can now encrypt data within six hours of breaching a network, far faster than the current 7-10 day average detection window. Security teams must accelerate detection, tighten access, and harden response plans to keep pace. An independent technology advisor can help. 

The Countdown Has Begun 

Like the sands through an hourglass, so are ransomware breaches. 

The image of sand running through an hourglass perfectly illustrates the countdown companies face during a cyberattack. Each grain of sand represents the dwindling time organizations have to detect, respond, and defend before damage is done.  

From Dwell Time to Time-to-Ransom: A Shrinking Window  

Five years ago, Mandiant’s M-Trends report highlighted a median dwell time of 24 days. Dwell time is the number of days a threat actor could lurk inside an organization’s IT environment before being detected. Other studies suggested dwell times as high as 230 days—that’s over seven months of undetected access. 

Advances in cybersecurity tooling, like Extended Detection and Response (EDR), and AI-driven security operations have shortened dwell time significantly. Today, average dwell times hover in the 7–10 day range. A clear improvement. 

But here’s the problem: when defenders raise the wall, attackers just build a taller ladder. According to recent Department of Homeland Security briefings, the most active ransomware groups now have a Time to Ransom (TTR) of just 6 hours. For the broader landscape of threat actors, the average TTR is 17 hours—still less than a single day. 

That means within half a workday of compromising a system, attackers can encrypt files and deliver ransom demands. So, while organizations may detect breaches faster, attackers are acting even faster.  

Defending Against a Shorter TTR 

All is not lost. The cybersecurity community is nothing if not adaptive. Defenders must continuously improve their security posture across every layer of their program. Think in terms of completeness and continuous improvement, using elements of the NIST Cybersecurity Framework 2.0 as a guide: 

  •  Identification 
  • Protection 
  • Detection 
  • Response 
  • Recovery 
  • Education 
  • Governance 

13 High-Impact Actions to Cut Ransomware Threats 

Here are some high-impact actions every organization should take: 

  1. Implement XDR or EDR on every endpoint possible. 
  2. Aggregate security logs into a SIEM for analysis. 
  3. Conduct proactive threat hunting. 
  4. Control and monitor access and privilege tightly. 
  5. Use MFA everywhere conceivable. 
  6. Segment your networks. 
  7. Leverage threat intelligence. 
  8. Perform frequent vulnerability scanning and patch quickly. 
  9. Develop and test incident response plans. 
  10. Perfect detection and response—or leverage Managed Detection and Response (MDR) services. 
  11. Adopt automation but always validate results. 
  12. Run employee security awareness training and measure effectiveness. 
  13. Consult and align with leading security frameworks.

This list could go on, but frameworks exist for a reason: they capture the collective expertise of the security community. They’re not just compliance checkboxes; they’re battle-tested roadmaps for resilience. 

Navigate the Complexity with an Independent Technology Advisor

The cybersecurity marketplace is crowded and fast-moving, making it difficult to select and implement the right tools in the right order. Bluewave’s independent technology advisory helps organizations identify gaps, shrink unknowns, and accelerate time to protection and value.

Contact us!

 

AI & Cybersecurity with Philadelphia Business Journal

Posted on by Bluewave

See what Tony Scribner has to say about Artificial Intelligence and Cybersecurity in your business.

AI is rewriting the rules. Who is securing your future?

Bluewave understands your concerns around control, security, and compliance. Every day, we work with organizations of all sizes to design security solutions that address their business and regulatory needs, while leveraging the power of the cloud for a competitive edge. Now’s the time to adjust your security strategy — don’t wait before your perimeter defenses are no longer effective against cyberattacks. Let Bluewave and our managed service partners identify threats and vulnerabilities, minimize risk, and best support your data and business needs.

Check out the article!

Philadelphia Business Journal AI Q&A with Tony Scribner 2025

Tony Scribner on AI Table of Experts in Louisville Business Journal

Posted on by Bluewave

See what Tony Scribner has to say about Artificial Intelligence in this Louisville Business Journal Table of Experts article.

Three top experts share advice on how to implement AI tools into your business today.

AI adoption is no longer a futuristic concept—it’s happening now, and businesses that hesitate risk falling behind. But for many companies, the biggest hurdle isn’t deciding if they need AI; it’s figuring out where to start.

Check out the article!

Louisville Business Journal Table of Experts 2025

Your CIO Has Had It with “Let’s Try AI”

Posted on by Steven Blumberg, VP of Client Operations

A Smarter Approach to Next-Gen Technology Deployment

AI adoption is everywhere—but not every AI initiative delivers real value. Too often, companies jump in without a clear strategy, leading to runaway costs, wasted resources, and minimal impact.

AI Isn’t Free—And the Costs Go Beyond Dollars

AI requires more than just budget—it demands time, talent, and ongoing maintenance. Custom solutions can quickly turn into six-figure investments, diverting high-value resources from core business priorities.

Hidden costs add up fast. AI-driven automation can flood cloud storage with unstructured data, driving up costs. Employees may spend hours building or troubleshooting AI tools that will never be adopted. Without careful planning, what starts as an efficiency play can become a resource drain.

AI Without a Clear Outcome Is Just a Science Project

Deploying AI for the sake of innovation is risky. Every initiative needs a well-defined business outcome—whether it’s improving efficiency, reducing risk, or driving growth.

Recently, we helped a client implement AI automation to extract insights from contracts and invoices. Before our client invested in a specific tool, we guided them through a manual process (that would eventually be automated), conducted a Proof of Concept, and built a backlog of clean, structured inputs for testing. Without this groundwork, AI would have been an expensive distraction rather than a powerful accelerator.

Identifying the Right Team is Critical

Like any critical initiative, AI success depends on having the right team in place. There’s a wide gap between signing a service order and actually achieving meaningful outcomes. Based on our experience, here are a few key roles organizations should identify before kickoff:

  • Product Manager – Defines requirements, prioritizes outcomes, and ensures AI projects avoid scope creep while delivering real value.
  • Prompt Engineer – AI needs context to function effectively. This role fine-tunes prompts, mitigates errors, and ensures AI-generated outputs align with business goals.
  • Enterprise Architect – Oversees security, data pipelines, storage, and integrations to prevent AI from becoming a liability. Uncontrolled AI deployments can expose sensitive data, clutter data warehouses with low-quality outputs, and create long-term risk.

Going Beyond Surface-level AI Testing

The AI boom isn’t slowing down, but smart businesses are digging deeper. That’s where Bluewave’s Assess, Advise, and Advocate approach comes in:

  • Assess: Identify the right technologies to solve real business challenges.
  • Advise: Build high-ROI use cases and connect you with the best-fit partners.
  • Advocate: Simplify contracts, align stakeholders, and ensure long-term value.

We take a holistic approach, factoring in data center impacts, security, and cost control to keep AI investments on track.

So next time you’re at a conference hearing about the latest AI breakthroughs—give us a call.

Your CIO will thank you.

Book a free consultation.

Would You Overpay $200 for Dinner? Don’t Let It Happen to Your IT Budget

Posted on by Steven Blumberg, VP of Client Operations

Imagine this:

You’ve just wrapped up a perfect Valentine’s Day dinner with your significant other. The ambiance was great, the food was outstanding—the steak cooked to perfection, the wine paired beautifully, and dessert arrived at just the right time. You leave satisfied, pay the bill without a second glance, and head home happy.

Fast forward a few weeks, and your credit card statement arrives. Something doesn’t add up—you’ve been charged $500 for dinner. Confused, you check the receipt and realize the waiter accidentally charged you for a $200 bottle of wine you never ordered—it was meant for the table next to you. Now, instead of reminiscing about a great night, you’re stuck in a frustrating loop of phone calls with the restaurant and your credit card company, trying to correct a mistake you never noticed.

While this might be an annoying one-time hassle in your personal life, businesses face these kinds of billing errors every single day when purchasing technology—often at a much higher cost.

Avoiding Costly Mistakes in IT Deployments

At Bluewave, we recently worked with a well-known luxury retailer opening a new store—where a similar billing nightmare almost became their reality.

For IT teams in retail, technology deployments come with major challenges:

  • On-site staff aren’t IT experts. When a network technician asks about demarcs or telco closets, confusion can delay progress and add unexpected costs.
  • Missed technician appointments cause setbacks. Store openings have a lot of moving parts and IT delays can push timelines back by weeks.
  • Billing errors are common. Service charges often start on activation, but without careful tracking, businesses can end up paying for services they never used.

No Surprises, No Overcharges: Bluewave’s Proactive Approach

For this client, everything seemed set—the IT team secured the right bandwidth, and technicians were scheduled well in advance. But when installation day arrived, the technician was a no-show, and the billing clock had kicked off.

That’s where Bluewave stepped in. Our Client Success Manager immediately escalated the issue, securing a next-day dispatch. We worked directly with on-site staff to confirm activation, keeping all stakeholders accountable and ensuring the project stayed on track.

When the first bill arrived, our proactive review caught a ~$2,000 overcharge. Billing had started too early, and extra technical visits were mistakenly charged. We proactively jumped on the phone, resolved the issue, and ensured our client only paid for what they actually received.

For this luxury retailer, Bluewave’s advocacy meant a store opening delivered on time and on budget, with the critical technology in place for success.

That’s the Bluewave difference—we proactively advocate for our clients every day, so there are no surprises.

Book a free consultation.

© 2025 Bluewave Technology Group, LLC. All rights reserved.