CEOs Give Predictions for 2015

NBC Chicago | Jan 16, 2015

NBC Chicago taps Ray Rothrock to get his 2015 predictions.

US & UK Joint Wargames – let’s not wait for Pearl Harbor

The idea of the US and UK working together on war-games is a good one.  It recognizes that we are in a war, and that we are losing.  We need to improve our defensive game.  Chris Inglis, the former NSA director, has commented that the state of security today massively favors the attacker – he suggests that if we kept score, it would be 462-456, just 20 minutes into the game, because our defense is so poor.

The continuous stream of announcements of new breaches, along with the UK stats indicating the vast majority of large companies are suffering serious breaches, adds up to clear evidence of weak defense.  War games are a good way to get one step ahead, shifting to a proactive rather than purely reactive stance.  Nation states can do this with teams of people, but this is too labor intensive and expensive for most organizations.  This is why the security industry puts so much emphasis on automation – not just the automated discovery of weaknesses, but automating the critical process of prioritizing these vulnerabilities.  The inconvenient truth is that most organizations know about far too many security gaps to be able to fix them all.  War-gaming is a proven approach to dealing with this reality – find the gaps that are most likely to be used in a breach, and fix those first.  Perfect security is not possible, but realistic security comes from understanding your defensive readiness, stack-ranking your risks, and acting on the most critical ones.

Cyber Infrastructure – the Fifth Domain

The last couple of years have seen an incredible rise in reported incidents of cyber attacks.  Research by many organizations, including Check Point Software and Verizon DBIR, indicates that this is not a reporting bias: cyber attacks are indeed on the rise.  The good news for us all, as the New York Times reported, is that President Obama is stepping up the nation’s cyber defenses to meet this threat.

Our nation’s economy and well-being are totally dependent on our networks. To keep our economy moving, information flowing, and ourselves informed, we need to protect and defend these networks. Our cyber infrastructure has become the fifth domain a sovereign nation needs to protect – after air, land, sea and space.

Network Security isn’t a Safety Guarantee

Cyber defense isn’t trivial or easy or cheap.  And there are thousands of network security products to choose from. These products usually serve specific purposes in a defense strategy.  For example, firewalls, among many things they do, protect the gate through which information flows, like the locks on your door.   Intrusion detection on a network is like motion detectors in your home. They can tell you something is happening, but can’t always discriminate between acceptable and bad activity.

When networks are larger, they’re more complex, often overwhelming teams trying to make sense of a breach.  There are scores of reporting systems that provide real-time data about break-ins.  But even those are not always as useful as management would like. Dave DeWalt’s story on 60 Minutes recently is typical.

But even with the best people, plans, and essentially an unlimited budget like JP Morgan, companies still get hacked. Why aren’t our networks more secure? Why is a breach in the news every day?  Because, as our President agrees, it’s time to harden our networks.

Network Hardening: Getting Ahead of Cyber Attackers

Network hardening requires many things.  First, it means understanding your network — every element, every device and every path possible.  It means understanding potential threats and having outside intelligence about where the threats originate.  It means focusing your limited resources on the most important things you can do to protect your business.

RedSeal’s mission is to help Global 2000 organizations harden their networks. It gives you the detailed information you need — how your network routes traffic, detailed paths from everywhere to everywhere and how ready your equipment is.  It helps you determine where you should focus your resources and what exactly you can do to harden your network – from the most risky or vulnerable places to the least.  Prioritization is key to getting ahead of the cyber attackers.

US Centcom Twitter hack: ‘More of an embarrassment than a security risk’, says analyst

The Telegraph | Jan 13, 2015

US Central Command’s Twitter and YouTube sites were hacked by Islamic State on Monday. Robert Capps, Senior Director at RedSeal Networks, said hacking a social media site is nothing like attacking a network. “If that happened, then we’ve got a much more difficult problem that we have to deal with,” said Capps.

White House lays out ideas for information sharing

Federal Computer Week | Jan 13, 2015

President Barack Obama sought to spur Congress to action on cybersecurity information-sharing legislation by announcing his own proposal on Jan. 13. Information security specialists welcomed the president’s proposal but said it was only one step toward improving situational awareness in the private sector. “If organizations hope to benefit from timely intelligence information, they will need to understand their own defensive posture and readiness,” said Mike Lloyd, chief technology officer at analytics firm RedSeal, in a statement.

Security’s Nightmare: Negative Unemployment

Unemployment is bad, so negative unemployment must be good, right?  Um, no.  (I’ll steal a line from Douglas Adams: “It’s unpleasantly like being drunk” … “What’s so unpleasant about being drunk?” … “Well, ask a glass of water.”)  Security as an industry is short-staffed – critically so, and it’s getting worse.

This came into sharp focus with the recent suit between MasterCard and Nike.  I’ve no comment on the specifics of the case, but the general lesson is clear: security geeks are in desperately short supply.  When I think of where this industry was just a few years ago, it would have been preposterous to imagine two household name, world class companies unleashing lawyers over such a fracas.

This is why security automation is such a big deal.  Security teams everywhere are drowning in unaddressed, basic problems.  We know plenty about what we need to do, but we just can’t get it all done – there aren’t enough fingers on the keyboards.  (Anyone remember “The 5,000 Fingers of Dr T”?)  We need machines to prioritize all the signal overload; there’s no other way to make headway.

Ray Rothrock, CEO of RedSeal, talks about how companies’ increasingly complex networks enable opportunities for cyber attacks – and what to do about it.

NBC | Jan 12, 2015

Google under fire over Windows zero-day disclosure

ComputerWeekly | Jan 6, 2015

Google has come under fire for publishing a proof-of-concept attack exploiting a flaw in Windows 8.1 before Microsoft had released a security update. “Ethics aside, the Windows 8.1 flaw underlines that in modern enterprise network-connected systems, local exploits have enterprise-wide implications,” said chief evangelist at security analytics firm RedSeal, Steve Hultquist.

Long-Running Cyberattacks Become The Norm

InformationWeek’s Dark Reading | Jan 2, 2015

One thing that the depressing string of data breaches this year shows is that cyber attackers have become skilled at staging long-lasting data exfiltration campaigns. “We are beginning to realize in some cases that the situation is far worse than we realized,” says Stephen Hultquist, chief evangelist at RedSeal Networks. “In some cases attackers have been inside networks for months and even years without being discovered,” he says, pointing to the recently disclosed Regin APT threat as an extreme example.

Reconnaissance is the name of the game in 2015

SC Magazine | Jan 1, 2015

Steve Hultquist provides 2015 security predictions.

2015 will be the year that a growing number of more sophisticated organizations will add proactive strategies to their security arsenal, especially proactive analytics for attack prevention. This will help reduce their risk of attack while also showing them the reality of their environment–what today they don’t know they don’t know. With this newfound insight, they will make wiser investments and get greater value from them by placing them where they will do the most good.