How Do We Win the Cyberwar?


We’re losing the war against hackers, and it’s costing business billions. Alumni cybersecurity experts tell us how we can turn the tide

Your credit card has already been stolen. You just don’t know it yet.

Thomas knows it, though. (A 12-year IT security veteran, Thomas requested anonymity to protect the reputation of his employers, which have included Fortune 100 companies and several of New England’s biggest tech firms.) In the analogy of cyberdefense as a castle—a favorite of his—he tends to the moats, the walls, and the gates. Get past those, and he deploys the dogs. And he’s watched many people scale walls, break gates, evade dogs, and leave with your AmEx number.

RedSeal’s Rothrock: Cybersecurity must evolve, focus on resiliency to combat future threats


An ounce of prevention is worth a pound of cure. That’s a saying attributed to Ben Franklin.
But it’s a strategy that’s not working for cybersecurity, according to the CEO of a leading IT analytics company.

6 Steps to Increase Cybersecurity in the Age of Innocence

SIGNAL | May 10, 2016

Let’s face it—we have a lot to learn about cybersecurity. For weeks, the FBI and Apple squared off in an epic and public battle over encryption—the Holy Grail for cybersecurity warriors.

RedSeal CEO Ray Rothrock to Deliver Keynote Speech at Canadian Chamber of Commerce’s Annual International Trade Day Event

Learn Why Companies Need to Expand Beyond Cyber Protection to Building Resilient Networks While “Trading at the Speed of Light”

WHAT: Trading at the Speed of Light: International Trade Day 2016. Every year, the Canadian Chamber of Commerce brings over 100 senior executives, thought leaders and public officials to Ottawa for a frank discussion on what Canadian businesses need to win in a rapidly changing global economy. This year’s focus is on the transition to trade conducted in an increasingly digital format. How can Canadian business harness digital to its full potential?

WHY: Cyber security and building resilient digital infrastructures have become more than just the concern of an individual organization; they are now national and international issues.

As networks expand and become more complex, it becomes almost impossible to protect them from all incidents. Business leaders and policy makers with an interest in the digital economy need to learn why digital resilience – the ability to respond and rebound quickly – is critical.

WHO: Ray Rothrock, CEO of RedSeal

WHEN: Thursday, May 19, 2016, 12:30 p.m. – 2:00 p.m. EDT

WHERE: Shaw Centre, Ottawa, ON, Canada


About RedSeal
RedSeal puts power in decision makers’ hands with the essential cybersecurity analytics platform for building digitally resilient organizations. RedSeal’s Digital Resilience Score, modeled after a creditworthiness score, measures how prepared an organization is to respond to an incident and quickly rebound. The company’s platform adds value to existing network devices by working with them and building a network model. With this, customers can understand the state of their networks, measure resilience, verify compliance, and accelerate incident response. RedSeal’s customers are Global 2000 corporations and government agencies that depend on the most sophisticated security. Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers globally through a direct sales and channel partner network.

Getting Federal Agencies Cyber Ready for CSIP

This blog post first appeared in Signal on April 6, 2016

Federal agencies clamor for industry best practices to implement findings resulting from last year’s 30-day “Cybersecurity Sprint,” part of the administration’s broader effort to bolster federal cybersecurity. A new mandatory directive for all civilian government agencies, the Cybersecurity Strategy Implementation Plan (CSIP), provides a series of actions to further secure federal information systems.
To shore up cybersecurity and work toward ensuring network resiliency, the CSIP addresses issues through a number of points, including prioritized identification and protection of high-value assets (HVAs), timely detection and rapid response to incidents, rapid recovery from breaches, recruitment and retention of a highly qualified cyber workforce, and effective acquisition and deployment of technologies.
However, the CSIP does not address other issues, such as how agencies should continuously measure, monitor and increase network resilience; how knowledge of network infrastructure increases the odds of a successful CSIP implementation; and how cyber incident training increases digital resilience.

Protecting high value information assets
The CSIP provides a clear definition of the HVAs that should be identified, prioritized and protected, and because of the dynamic nature of cybersecurity risks, recommends the efforts to safeguard that data be an ongoing activity. But it doesn’t pose a key question that agency officials must ask themselves: Do we need this data? In some cases, the answer is no. Agencies should eliminate unneeded data rather than spend resources protecting it. The nonessential data can be consolidated and isolated, with agencies continuously verifying that the data segmentation is implemented as intended.

Know your network terrain
Under the CSIP, it’s not enough to identify HVAs—the document also requires identification and knowledge of the agency’s network terrain. An agency’s HVAs probably will have hundreds of thousands of endpoints and vulnerabilities, which means agencies should create checklists to understand detailed impacts of cyber incidents on the assets, and ensure appropriate cybersecurity protections are in place. Checklist questions could include: Where are the vulnerable hosts? Is the network configured for security? What if defenses fail? And how resilient is my network? Answers will determine how prepared teams are to handle a cyberthreat.
The only way to effectively address these questions and really understand a network is to create a model and war game it, which can identify perimeter weaknesses; verify assets are segmented and protected; show where intruders can gain access; and pinpoint how to cut them off. Simulated model approaches help cybersecurity teams understand their entire, as-built network, including cloud and virtual networks, and achieve digital resilience to fight cybersecurity attacks.

Train and practice
The need to practice, and then practice again, rings true in cybersecurity as in other fields, from the rigorous training of firefighters to that of specialized professional athletes. Practice sessions must develop the proficiency and specific skill sets necessary for success. Proper training and practice will not happen without management support, which means agencies must allocate time and resources and provide training and education to retain a qualified workforce.
Overall, to achieve network resilience and make rapid response capabilities a part of a CSIP-approved cyber plan, agencies must identify the HVAs worth keeping, model networks to put those assets into context, use standardized metrics to track resiliency and set up continuous training schedules.

For more on this subject, listen to our RedSeal webinar, “Is Your Agency Ready for CSIP?”