Cybersecurity is Failing—Time for a Reset?

Blog InfoSec | August 26, 2019

How to Identify Your Boundary Defense Needs

By Kes Jecius, RedSeal Senior Consulting Engineer

The Center for Internet Security’s (CIS) twelfth control for implementing a cybersecurity program is for your organization to control the flow of information transferring between networks of different trust levels. The first sub-control states that an organization should maintain an inventory of all network boundaries. So, the first question you need to ask is: where are your network boundaries?

Back in the days before the Internet was prevalent and mainframes dominated the IT landscape, these boundaries were very well defined. All the company’s information was warehoused in a mainframe centrally controlled by a small group of people. Getting access to the data was a very rigorous process and external links were not common. When external links were established, they were very tightly defined to exchange the minimum amount of information required to conduct business.

With the introduction of Local Area Networks, data started to be distributed within the organization. The IT department frequently was not involved in the deployment of these networks since they were seen as local resources and didn’t include external links. As these data resources grew, departments wanted to share information outside the boundaries of their local network. The Internet facilitated this connectivity, and IT departments needed to get involved to provide a control point for these data flows.

Now jump to the present where organizations have multiple internal data sources deployed in a distributed fashion, and the business owners of the data want to share this information with others to make their operations more efficient. The IT department now needs to understand the network boundaries and the security group needs to control and manage the boundary defense requirements.

To inventory these boundaries, the first step is to understand how your network infrastructure is connected. Assuming you’ve done a good job implementing CIS Control #1 (Inventory and Control of Hardware Assets), you have an initial base to identify all connections to external organizations and the Internet. A secondary pass through this information should focus on identifying internal connectivity. Understand where your organization allows data to flow and identify untrusted links within the organization, like guest wireless access.

The second phase of creating your boundary inventory is to leverage the data gathered in implementing CIS Control #2 (Inventory and Control of Software Assets). By understanding the systems running on your servers, you can start to understand where the users of the data are connecting to the enterprise. Then, map these flows to the hardware inventory to get an understanding of all network boundaries and determine where your organization should focus to implement appropriate security controls.

With automated tools and platforms in place from the first two controls, putting together the initial inventory of network boundaries should be a relatively easy process. Then your security group can start to improve overall boundary defenses as identified in the other sub-controls within the twelfth CIS control (Boundary Defense).

Although no single product can be the solution for implementing and managing all CIS controls, look for products that provide value in more than one area and integrate with your other security solutions. RedSeal, for example, is a foundational solution that provides significant value for understanding the networking environment and helping to identify the network boundaries that have already been deployed. This, in turn, will allow your organization to improve these boundary defenses in a cost efficient manner.

Download the RedSeal CIS Controls Solution Brief to find out more about how RedSeal can help you implement your cybersecurity program using the CIS Controls.

RedSeal Named New Product of the Year in Risk Management Software

Security Today | August 16, 2019

RedSeal was named 2019 New Product of the Year Award in the Risk Management Software category by Security Today. The award program honors the outstanding product development achievements of security equipment manufacturers whose products are considered particularly noteworthy in their ability to improve security.

RedSeal Named Winner in Black Unicorn Awards for 2019

Cyber Defense Awards | August 6, 2019

RedSeal, the leader in network cyber risk modeling for hybrid environments, announced that is has been named a Winner in the Black Unicorn Awards for 2019.

RedSeal competed over a five month period against many of the industry’s leading providers of cybersecurity products and services for this prestigious award.  The term “Black Unicorn” signifies a cybersecurity company that has the potential to reach a $1 billion dollar market value as determined by private or public investment and these awards showcase those companies with this kind of incredible potential in the cybersecurity marketplace.

“We judges felt that RedSeal deserved to be named a Black Unicorn Awards winner for 2019 because they have the team, technology, drive and hypergrowth curve to potentially become a cybersecurity unicorn,” said Judges Robert Herjavec of www.herjavecgroup.com, David DeWalt of www.nightdragon.com and Gary Miliefsky of www.cyberdefensemediagroup.com.

A dismal industry: The unsustainable burden of cybersecurity

ZDNet | August 2, 2019