Why don’t we live in walled cities anymore?

/by

IT Pro Portal | April 27, 2021

Let’s analyze security and defense over the ages through a Covid lens.

From ancient Jericho through to medieval Constantinople, people built walls around cities as a main method of defense for around 10,000 years.  But we don’t live in walled cities any more – why not?  That’s a really big change, and it deserves an explanation.

Our companies aren’t walled cities, but they certainly had a strong tradition of being centralized and walled off.  A year ago, we suddenly found that we couldn’t do that any longer. I’ve spoken to many managers who were frankly surprised at how well it has worked to abruptly change the paradigm, and let people work out in the community, away from the supervisor’s beady eye, and outside the protective walls of the building or the network.

Read More

RedSeal Named Govies Winner for Network Security in 2021

/by

Security Today | April 19, 2021

RedSeal has been named a Platinum winner of Security Today’s Govies Government Security Award in the “Network Security” category. Security Today magazine is the only integrated product and technology magazine reaching the entire security market and the awards honor outstanding government security products in a variety of categories.

Learn More

What You Need to Know About CMMC Certification

/by

MSSP Alert | April 15, 2021

As the Cybersecurity Maturity Model Certification (CMMC) nears full implementation, affected organizations are scurrying to ensure they’ll pass the certification process.

The goal is simple: organizations must meet minimum cybersecurity standards, and in doing so, they do their part to improve national security. The stakes are extraordinarily high for the estimated 300,000 defense industrial base (DIB) organizations which will soon need to be certified to one of the five CMMC levels to be eligible to be awarded a federal contract. Simply stated: no certification, no contract. From the perspective of the U.S. Government and the Department of Defense, the stakes have always been high since the DIB plays such a critical role in the defense of our nation. The only way to ensure the protection of our data and the integrity of the supply chain is to hold industry to a higher standard.

Read More

Old Fortinet Flaws are being used to breach federal and commercial networks

/by


RedSeal Cyber Threat Series            

The Federal Bureau of investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that 3 Fortinet CVEs (CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks to be exploited in the future. The FBI and CISA observed attackers scanning for ports 4443, 8443, and 10443.

Enterprises should immediately patch their FortiOS software and follow the recommended configuration guidance.

RedSeal customers should:

  1. Run a custom best practice check to receive a list of vulnerable devices
  2. Create and run daily reports until all affected systems are patched.

For additional details, contact your RedSeal sales representatives or email info@redseal.net

References:

https://www.ic3.gov/Media/News/2021/210402.pdf

https://www.fortiguard.com/psirt/FG-IR-19-283

https://www.fortiguard.com/psirt/FG-IR-18-384

https://www.fortiguard.com/psirt/FG-IR-19-037

https://kb.fortinet.com/kb/documentLink.do?externalID=FD49410

 

 

16 Strategies To Prevent Your Team Members From Adopting ‘Shadow IT’

/by

Forbes | April 9, 2021

12. Take a Zero Trust approach.

I hate the phrase “Zero Trust” (and an increasing groundswell of security professionals agree), but the original ideas of the Zero Trust movement do make sense. Old networks were like castles, but today’s networks are like cities—security teams have to think like mayors, not feudal lords. It’s about mapping, coordination and preparation, not about thick stone walls. – Mike Lloyd, RedSeal

Read More

Digital transformation or digital evolution?

/by

Computer Weekly | April 1, 2021

Digital transformation is often associated with disruptive technology, but Mike Lloyd, chief technology officer (CTO) at RedSeal, questions whether the popularity of “disruption” is a positive thing, noting that in most other areas of life it’s a negative term.

“So why is ‘disruption’ seen as cool when it comes to tech?” he asks. “In part, it’s how you get your new idea noticed – the media and investors are always looking for the new-new thing, and see something like a tune-up or improvement of an old thing as boring. Customers see it the other way around – disruption is bad, what most people want to buy is incremental efficiency.”

Read More