Cyber Protection Teams – Hands On

By Aaron Gosney, RedSeal Senior Sales Engineer and Dave Lundgren, RedSeal DOD Technical Account Manager

To help Cyber Protection Teams (CPTs) understand how RedSeal helps them secure cyber terrain, we’ve developed a hands-on scenario-based workshop. We’ve held this workshop for different parts of the DOD, and, more recently for federal civilian cyber operators at CyberScoop’s DC Cyber Week.

While lots of people talk about incident response and investigation, it’s always more effective to show how important RedSeal and digital resilience can be.  We use a scenario to teach CPTs that there is a faster way, even if they don’t know that it’s possible. In fact, many attendees don’t know much about RedSeal. Even those who are aware of RedSeal typically have a limited idea of what the platform can do.

Before the workshop starts, we put a laptop in front of every participant and tell them what they’re going to experience. Attendees are excited to “drive” RedSeal in a real-world environment and avoid a dry lecture. This hands-on, non-formal format is popular and effective. It creates lots of interactive moments and good conversations among the attendees.

RedSeal in the Real World

The workshop’s mission concept is to assess, correct, and maintain the overall cybersecurity of a location that will be used by leaders of many countries gathered for sensitive discussions and negotiations.

Attendees are asked to imagine that they’re part of a team has been sent to this remote location. They’ll have to evaluate cloud, traditional, IOT, and IIOT networks. We guide each person through the process of analyzing network access and vulnerability exposure across the network, prioritizing remediation efforts, and verifying that the network is secure.

RedSeal for Network Mapping and Automation

We show attendees how, in a matter of hours, RedSeal can collect and analyze all the network and vulnerability information to create actionable intelligence. They see that attempting this process manually would be impossible given the time constraints. It would take years to manually review the millions of lines of text in the combined config files of an entire enterprise network. RedSeal automates this process and generates accurate, up-to-date network context that is essential to an effective cybersecurity program.

We also show them that RedSeal’s network topology map is not static but can be moved around and adjusted. Attendees organize all the network information into an easy and clear graphic representation of the devices and how they connect with each other. Then they can query for potential network access or vulnerability exposure.

The workshop generates a lot of discussion. We are asked for deeper information about deploying RedSeal at scale in an enterprise and for more information on our integrations with products from vendors such as Cisco, Tenable, Splunk, and ForeScout.

We get great feedback from workshop attendees.  One said, “this is one of the most realistic scenarios I’ve seen in a cybersecurity workshop.”  Another said, “I wish more vendors would do events like this.” And, a cyber analyst said, “Wow. This helped me to understand how powerful RedSeal is.”

We will continue to refine the workshop so that it continues to engage people and demonstrate what is possible with RedSeal.

Why Digital Resilience Is The Most Important Cyber Metric for 2019

Government Technology Insider  | January 19, 2019

The cybersecurity industry is not generally known for the quality of its metrics. In a field where the absence of something happening is the best possible result, it’s been hard to find a meaningful way to communicate how prepared an organization is to withstand a cyber attack, or even to tell if a cyber team is getting better at what it does.

The next shift in cyber insurance that brokers need to track in 2019

Insurance Business America  | January 16, 2019

Ground-shaking earthquakes might topple buildings and displace communities, but they also bear some resemblance to the scale of cyber incidents witnessed in the past year that crippled networks and exposed consumer data, according to one cyber expert.

And the Cybersecurity Survey Says…Federal Cyber Teams Share Challenges, Perspectives and Vision

Government Technology Insider  | January 16, 2019

Cybersecurity experts often like to tell the federal government what it needs to be doing better to deliver on the mission. But how often do they listen to federal government cyber teams to find out what their principal challenges are? And, moreover, how often is that insight collated, analyzed, and shared across civilian and military agencies?

New year, new tactics to keep your personal info safe after Marriott data breach

Los Angeles Times  | January 14, 2019

As consumers, we’re thinking about data breaches all wrong. We ask how something like this can happen. We are shocked when 383 million people, more than the population of the United States, are potentially affected by digital evil-doers. We think nothing will happen to us. And we continue on our merry way. Wrong, wrong, wrong, and especially wrong, experts say.

Digital Resilience: Book Review by Mark Gorenberg

Book Review  | January 14, 2019

Mark Gorenberg, Founder, Zetta Venture Partners 

Wow. What an amazing read. I was mesmerized by the details and easily way you explained the Target breach all the way through the list of recommendations.  Really great work.

Digital Resilience: Book Review by Diana Chapman Walsh

Book Review  | January 8, 2019

By Diana Chapman Walsh, 12th President of Wellesley College

Fascinating, compelling, a beautifully-written page turner that draws the reader in immediately. I learned a whole new vocabulary—new words to convey new concepts in paragraph after paragraph—introduced elegantly and seamlessly so as not to disrupt the flow of the intriguing story you were unfolding. Concepts like “preemptive mitigation of damage” to augment existing security measures aimed at preventing breaches, which are inevitable. And that because of the “frictionless vulnerability” that accompanies the much-desired ability to communicate without friction. The difference (in time and consequence) between infiltration of the network and “exfiltration” of the data. On and on like this.

A whole fascinating world that reads more like a John Grisham novel than a technical treatise. That’s my comment on the pleasure of reading it; masterfully crafted prose and structure. Beyond that, you make an iron-clad case that (1) cybersecurity is among the most important issues of our time and (2) the digital resilience you describe is indispensable and also possible if senior leadership will educate themselves, institute the changes you advocate, and pay attention. I loved your dark energy-dark matter analogy at the opening of Chapter 7.

To Build the Federal Government’s Digital Resilience, Focus on Integration

Government Technology Insider  | January 2, 2019

With Wayne Lloyd, RedSeal Federal CTO

As anyone who works in any government IT field can tell you one of the greatest frustrations they face is integrating their many products. Regardless of whether an agency has begun its migration to the cloud or is just operating data centers, silos undermine the potential of technology and can even compromise an agency’s ability to meet its mission.