RedSeal Cloud Security

On the Way to SDN and the Cloud: Building Resilient Networks

Willis H. Ware, a research scientist at the Rand Corporation working for the United States Air Force in 1967, predicted that ARPAnet would be a disaster if security wasn’t built into the project.

He was overruled.

In January 2013, the Final Report of the Defense Science Board Task Force on Resilient Military Systems and the Advanced Cyber Threat was issued and confirmed what Willis knew back in 1967.

The report’s findings made for sober reading:

  • The United States cannot be confident that our critical information technology systems will work under attack. This is also true for our allies, rivals, public and private networks.
  • The DoD and its contractor base are high priority targets that have already sustained staggering losses of system design information.
  • The DoD should expect cyber attacks to be part of all conflicts in the future, and should not expect enemies to play by our version of the rules.
  • There is evidence of attacks that exploit known vulnerabilities in the domestic power grid and critical infrastructure systems.
  • The impact of a destructive cyber attack on the civilian population would be even greater:
    • In a short time, food and medicine distribution systems would be ineffective.
    • Law enforcement and emergency personnel capabilities could be barely functional in the short term and dysfunctional over sustained periods.
    • Expect physical damage to control systems.
    • Months to years could be required to rebuild and reestablish basic infrastructure operation.

So… the current situation is really bad.

Does cloud computing and the rise of software defined networks (SDNs) make things better? Government and enterprises are receiving huge benefits by moving into the cloud.  You can quickly and efficiently create an SDN, but cloud computing and software defined anything is still software. And software will have errors. How do you test or QA it? Is your central control node secure? How much do you know, really?

If this word “software” doesn’t scare you, then you’re not thinking about it hard enough.

In the Defense Science Board Task Force’s report, the seventh recommendation is to build a cyber resilient force and a set of standards and requirements that incorporate cyber resiliency into the cyber critical survivable mission systems.

What is their definition of resilience?
Resilience: Because the Defense Department’s capabilities cannot necessarily guarantee that every cyber attack will be denied successfully, the Defense Department must invest in resilient and redundant systems so that it may continue its operations in the face of disruptive or destructive cyber attacks on DoD networks.”– Ash Carter, Secretary of Defense, April 2015

The report highlights a need to continuously model and test DoD’s systems to determine how resilient they are. This requires a measurement or a metric for resilience.

Managing and measuring cyber resilience Up until now measuring cyber resilience has been an impossible challenge. Now, RedSeal’s cybersecurity analytics platform has been deployed successfully by federal agencies and departments. With RedSeal you can:

Understand your cyber terrain
You have to understand your cyber terrain in order to secure it, defend it, and respond to incidents appropriately and swiftly.  Operating without understanding your network is like stumbling around your unlit house at night looking for the burglar that just broke in.

Model and measure
With a network sand table, defenders can now see where their high value assets (HVAs) are and answer important questions:

  • How can they be accessed?
  • How exposed are they?
  • Are defenses deployed in the appropriate places?
  • Exactly where are the sensor-reported incidents?

Verify compliance, establish and manage standard policies
RedSeal lets you know if your network is constructed as you think it is –to allow only authorized access to your data. RedSeal reads in information from devices on your network, including those parts hosted in the cloud. Then, it calculates the access actually allowed from any point on your network to any other and updates as changes are made, so you can verify and maintain compliance with regulations and policies.

 Understand the security impact of network changes
RedSeal enables you to simulate attacks before they happen.  You can understand your defensive posture by finding the weak points and measuring ease of compromise.

Understand access in hybrid networks
Cloud providers have cloud solutions to manage your cloud-based network. But most organizations don’t have a pure cloud network; their networks are hybrid. You have some infrastructure that you manage, some in the cloud, and some virtualized. We show organizations how all parts of their networks connect to everything else.

Cloud providers don’t know what your legacy environment looks like. You need to be able to draw together your physical and cloud infrastructure in more than just a picture.  At RedSeal, we believe you have to understand end to end behaviors of your networks. To do this, we do very deep access calculations based on the configuration files of all your network devices – virtual or not.  RedSeal determines how your infrastructure actually works, so you can continually validate that you built what you thought you were building.

You can ask all kinds of questions of your RedSeal network model. You can determine if the back end of your cloud infrastructure is accessible from the internet – and how. You can see paths that reach from the real world to the virtual world. We’ve invested a lot of time and effort at RedSeal, so you can see your cloud infrastructure and how it connects to your physical or virtual infrastructure.

RedSeal provides security metrics  
RedSeal gives you an overview of your network, measuring:

  1. The completeness of your inventory of assets and systems. It identifies devices you may not know about.
  2. All the connections between devices.
  3. How well your network devices are configured for security.
  4. The actual risk to your data, based on how accessible known vulnerabilities are.

RedSeal’s smartphone app provides a measurement and trend summary for executives or “on the go” security management.

Why is the RedSeal Digital Resilience Score important?

  • Gives you a measure of security effectiveness so you know where to allocate resources and funding.
  • Helps you understand your security posture: are you better today than you were yesterday?
  • Allows seniors staff to empirically understand network risk.
  • Grades different networks across various departments or agencies
  • Verifies networks are designed and operating for security as intended

For more on this subject, listen to the free webinar, On the Way to SDN and the Cloud: Building Resilient Networks.

RedSeal CEO: Executives Need “Visualization” to Help Determine Cybersecurity Effectiveness


The past two weeks have been affirming ones for Ray Rothrock and his team at RedSeal.

Just hours after his company shared their findings regarding corporate executives and their cyber naivete – including an alarming statistic showing more than 80 percent of CEOs are confident in their companies’ strategies even as cyber incidents continue to rise – officials from Yahoo announced they discovered a breach that originated three years ago and compromised the data of more than a billion users.

RedSeal Survey: CEOs Remain Confident in Their Companies’ Cybersecurity Measures Despite Increase in Attacks


RedSeal (, a leader in the cybersecurity analytics market, today released the results of a CEO study, which surveyed perceptions of – and confidence in – their cybersecurity posture.

The study found that more than 80 percent of CEOs are very confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged 66 percent year-over-year since 2009 according to PricewaterhouseCoopers’ 2017 Global State of Information Security Survey.


What Did Yahoo Know? And When Did They Know It?

SC MAGAZINE | December 16, 2016

Yahoo’s billion-user breach calls the company’s security practices into question.

A second massive and “distinct” Yahoo breach – affecting more than one billion users – that was disclosed Wednesday has raised a number of questions, primarily why the internet company didn’t suss out the intrusion earlier, how to mitigate a troubling pattern of attacks, and what this second disclosure might mean for Verizon’s impending acquisition of Yahoo….

…Those companies with greater visibility into their networks better position themselves “to address the concerns of consumers, business partners and shareholders” after an attack, RedSeal CEO and Chairman Ray Rothrock told SC Media. “Digital resilience – the ability to battle the bad guys when they are inside your network, continue your operations staying in business and protect high value assets like customer data – is the new gold standard,” said Rothrock, adding that “digital resilience scores – similar to credit worthiness scores – [could] provide a benchmark and support a cyberstrategy for improvement.”

RedSeal Recognized as Best Cyber Operational Risk Intelligence by GSN Homeland Security Awards Program

Government Security News | Dec 19, 2016

Government Security News announced today that RedSeal has been recognized for Best Cyber Operational Risk Intelligence as part of its 8th annual Homeland Security Awards Program.

Judging in this category is based on a combination of increase in client organization’s security, technological innovation or improvement, filling a recognized government IT security need, and the flexibility of a solution to meet current and future organizational needs.

Survey Roundup: “Naive” CEOs Put Firms at Cyberattack Risk

WALL STREET JOURNAL | December 16, 2016

CEO Disconnect: A survey of 200 chief executives by cybersecurity analytics firm RedSeal and data company 72 Point found 80% of the respondents operate with “cyber naiveté” that exposes their companies as ripe cyberattack targets. So while 80% of the CEOs said they were confident in their company’s cybersecurity strategies, half still prioritized the outdated view of keeping hackers out of their networks compared to 24% who are taking steps to deal with hackers who already have breached their networks.

“CEOs’ confidence reflects a disconnect with the reality of increased cyberattacks and the massive financial losses associated with them,” the survey report concluded. “In addition, their confidence is based on a strategy determined to be insufficient and out of date more than two years ago.”

(Subscription required)

Survey: CEOs Lack Metrics, Data on Cybersecurity

CYBERSCOOP | December 13, 2016

More than 8 in 10 American CEOs say they plan to spend more on cybersecurity next year, even though nearly 9 in 10 say they need a better way to measure the effectiveness of what they’re already spending.

The data come from a new survey of 200 U.S. CEOs released Tuesday by RedSeal, the cybersecurity analytics firm.

Yahoo Suffers Major Data Breach Deja Vu


Yahoo on Wednesday revealed that Net bandits stole data associated with 1 billion of its user accounts — one of the largest data breaches in Internet history.

The theft, which occurred in August 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained.


Security Central: Quest Diagnostics Suffers Breach, It’s Time to Disengage with “Security Deniers”

THE VAR GUY | December 15, 2016

Our second story takes a look at the roles that the end customer and the service provider play in inadequate cybersecurity. Think back over some of the biggest hacks and security breaches that have occurred over the year. Over and over again, companies big and small across almost every industry inevitably fall victim to a cyber-attack. This begs the obvious question, “How does this keep happening?” Or, in plainer, more blunt terms, who is falling down on the job?

“CEO Cyber-Naivety” Leaves Global Organisations Exposed to Major Cyber Attacks


New research* released today has revealed that CEOs are over confident when it comes to their cybersecurity approach, and are potentially leaving themselves at risk of attack due to outdated and unrealistic strategies. RedSeal, the cybersecurity analytics company, today released the results of a global CEO study. The results – based on the insights of Chief Executive Officers (CEOs) of 200 global companies- have demonstrated what RedSeal is calling “CEO Cyber-Naivety”, where more than 80 percent of CEOs were very confident in their firm’s cybersecurity strategies, despite the fact that security incidents have surged 66 percent year-on-year since 2009**.