Security is a tough job – we invest so much effort, and yet the breaches keep on happening. The way forward is to find what you have, in the cloud and across your physical sites, see how it’s all connected, and understand where you can block incoming attacks.
All cybersecurity news events, like the recent disclosure of compromise involving SolarWinds Orion by APT 29, aka “Cozy Bear,” cause CISOs to ask the same initial questions:
Do I have this problem? Where? What are the consequences?
In this instance, the attack is extremely sophisticated, and quite alarming – it’s a supply chain attack, involving […]
Health Tech Digital | June 23, 2020
Being prepared for the unknown is as important to the digital side of healthcare as it is to the medical side. Both require knowing your resources, preparing for likely scenarios and following good hygiene practices for advanced planning, health maintenance, and rapid intervention. There are established protocols in […]
I’m delighted with the deal RedSeal just announced with STG. I’ve worked in several start-ups — from the earliest stage, when the whole company could share a single elevator, all the way through acquisition by huge global corporations. My favorite times are when we’re all actively engaged with customers and the company has a sense […]
The drumbeat of media coverage of new breaches continues, but it’s useful sometimes to look back at where we’ve been. Each scary report of so many millions of records lost can be overwhelming. It certainly shows that our network defenses are weak, and that attackers are very effective. This is why digital resilience is key […]
Warren Buffett recently made clear how risk-averse his business is when it comes to cyber insurance. Addressing his annual shareholder meeting, he summarized the state of play like this: “I think anybody that tells you now they think they know in some actuarial way either what [the] general experience is like in the future, or what […]
The Uber hack is a public lesson that a breach may be bad, but a cover-up is worse. (See Nixon, Richard.) It was a foolish mistake to try to hide an attack of this scale, but then, the history of security is a process where we all slowly learn from foolish mistakes. We live in […]
I just came across a WSJ Pro article titled “Inside the NSA: Companies Need to Follow the Basics,” and figured I could offer an “amen.” The NSA gets points for seeing things clearly – but then, I suppose that is their job, whether we like it or not! The area they discuss isn’t easy to write […]
FORBES | February 17, 2017
By Dr. Mike Lloyd, RedSeal CTO
The Internet of Things crashed into the old Internet on Oct 21st, and it wasn’t pretty. A specialized but fairly simple bit of malware known as Mirai was used to cause huge numbers of simple Internet-connected devices (cameras, home routers, baby monitors, etc.) to […]
Some people are surprised that Heartbleed is still out there, 3 years on, as you can read here. What this illustrates is two important truths of security, depending on whether you see the glass half full or half empty.
One perspective is that, once again, we know what to do, but failed to do it. Heartbleed is […]