Entries by Dr. Mike Lloyd, CTO, RedSeal

Understanding the UnitedHealthcare Data Breach: The Importance of Good Segmentation

After receiving a call from KCBS to comment on the UnitedHealthcare data breach, I was reminded of the critical importance of cybersecurity measures and proactive solutions like RedSeal in safeguarding sensitive information.

The Impact on Patients and Healthcare Organizations

The repercussions of the UnitedHealthcare data breach extend beyond the confines of the company itself. Patients […]

Finding Internet-facing Vulnerabilities: RedSeal Perspective on The Five Eyes Advisory

Today, the international cybersecurity consortium known as The Five Eyes (Australia, Canada, New Zealand, the UK, and the US) published a joint Cybersecurity Advisory. It’s a scary read, on several fronts. It details the top 12 vulnerabilities that are actively being exploited, in current breaches. The advisory doesn’t detail the breaches, because a lot of that […]

Accidental Cloud Exposure – A Real Challenge

The recent disclosure that Toyota left customer data accidentally exposed for a decade is pretty startling, but can serve as a wake up call about how cloud problems can hide in plain sight.

It’s not news that humans make mistakes – security has always been bedeviled by users and the often foolish choices that they make. Administrators are human too, of course, and so mistakes creep in to our networks and applications. This too is a perennial problem. What’s different in the cloud is the way such problems are hard to see, and easy to live with until something bad happens. Cloud isn’t just “someone else’s computer”, as the old joke goes – it’s also all virtual infrastructure.

National Cyber Strategy — What We Know So Far

I’ve run into several folks who wanted to ignore the Biden Administration’s recently announced National Cybersecurity Strategy – “isn’t that just for Federal agencies?”. That would be a dangerously flawed assumption! This is a major shift in strategy, and regardless of how small your organization is, it’s going to change how you get to a secure state, and how you show that you’re doing it.

The administration makes no secret of its goals, even if they are controversial. They openly describe a target of shifting the playing field, and as always, this creates winners and losers. You need to be agile to ensure you’re on the winner side of this equation! The tilted playing field is aiming for two effects. One goal is to change the economic risk/reward so that bad actors think twice. The other is a significant shift in the burden of defense, pushing it up from smaller mom-and-pop scale organizations, transferring it to larger, more capable companies.

IT/OT Convergence

Operational Technology (OT) systems have decades of planning and experience to combat threats like natural disasters – forces of nature that can overwhelm the under-prepared, but which can be countered in advance using well thought out contingency plans. Converging IT with OT brings great efficiencies, but it also sets up a collision between the OT world and the ever-changing threats that are commonplace in the world of Information Technology. 

On the Internet We’re All in a War Zone: Why it’s Time to Prepare for the Worst

Sadly, once again we find ourselves watching war as it unfolds. The truth is that, by accident or design, we’re all in a war zone online, because online conflict does not respect country boundaries or even physical distance. Western targets must prepare accordingly, by understanding their attack surface in granular detail, and probing for weaknesses that could be exploited by adversaries in the days, weeks and months to come. Resilience is the name of the game here, and that will only come about by plugging the highest risk gaps now across cloud and on-premises infrastructure.

Why Cloud Security Posture Management Is Essential to Your Overall Security Plan

I think we’d all agree the last year and a half has brought disruption, and cloud security wasn’t exempt. The Covid-19 crisis has dramatically expanded attack surfaces as companies transitioned to remote work and embraced the cloud. But let’s be clear: the cloud is not a magic bullet. Yes, the cloud is relatively new and exciting, and it does prevent some of the old security mistakes. And yes, the cloud does close off some previously vulnerable spaces. But at the same time, it opens up new ways to do things wrong.

Understanding What’s In My Cloud

Today’s business applications run in an environment that would be unrecognizable to IT professionals 10 years ago. The rise of virtualization and the cloud has finally cut the ties to specific hardware, and all but the most exotic workloads can now be run anywhere — on virtual machines in your physical buildings, or on a cloud vendor of your choice.