New year, new tactics to keep your personal info safe after Marriott data breach

Los Angeles Times  | January 14, 2018

As consumers, we’re thinking about data breaches all wrong. We ask how something like this can happen. We are shocked when 383 million people, more than the population of the United States, are potentially affected by digital evil-doers. We think nothing will happen to us. And we continue on our merry way. Wrong, wrong, wrong, and especially wrong, experts say.

To Build the Federal Government’s Digital Resilience, Focus on Integration

Government Technology Insider  | January 2, 2018

With Wayne Lloyd, RedSeal Federal CTO

As anyone who works in any government IT field can tell you one of the greatest frustrations they face is integrating their many products. Regardless of whether an agency has begun its migration to the cloud or is just operating data centers, silos undermine the potential of technology and can even compromise an agency’s ability to meet its mission.

Cybersecurity: The Hackers Are Already Through The Utilities’ Doors, So What’s Next?

Forbes | December 20, 2018

In a recent conversation on the topic of cybersecurity, Ray Rothrock – CEO of cybersecurity firm RedSeal, and author of the 2018 book Digital Resilience – offered some interesting and sobering insights on the state of the cyber world and utilities. He commented that hackers are already likely sitting in various U.S. utility systems and reconnoitering, in what the Department of Homeland Security calls an Advanced Persistent Threat mode. The critical question, then, is what to do about that fact, and how to create resilient responses.

Zuckerberg: How He Can Get Facebook Back On Track

Forbes | December 15, 2018

“Facebook rose to success at a time when most people made clear how little they cared about privacy – we would post anything, and we enjoyed the freedom and the sense of connection,” said Dr. Mike Lloyd, who is the CTO of RedSeal. “Unfortunately, like a vine growing up a building, Facebook has spent years attaching itself to the way people used to behave.  Its business model depends on people remaining incautious, and insensitive to privacy issues. But people are changing as we encounter more of the downsides of social networks.  We are getting more suspicious and less trusting.”

Best security software: How 25 cutting-edge tools tackle today’s threats

IDG | December 14, 2018

Threats are constantly evolving and, just like everything else, tend to follow certain trends. Whenever a new type of threat is especially successful or profitable, many others of the same type will inevitably follow. The best defenses need to mirror those trends so users get the most robust protection against the newest wave of threats. Along those lines, Gartner has identified the most important categories in cybersecurity technology for the immediate future.

Trade group pushes voluntary cybersecurity standard for defense contractors

The Washington Post | December 13, 2018

With Kimberly Baker, RedSeal Senior Vice President and GM Public Sector

As the U.S. military tries to ensure its military assets are as secure as possible against cyberattack, the U.S. defense industry is gathering behind a new set of standards to spot cybersecurity laggards within its own supply chain.

The Aerospace Industries Association (AIA), an Arlington-based trade association that lobbies on behalf of defense contractors, on Tuesday released a set of voluntary standards designed to help U.S. aerospace companies ensure the weapons systems they make for the U.S. military are secure from hackers.

Does Improving Cybersecurity Begin with Improving the Acquisitions Process?

Government Technology Insider | December 11, 2018

With Kimberly Baker, RedSeal Senior Vice President and GM Public Sector

The ability to secure federal data, networks, and assets is impacted by the ability of agency cyber leaders to access required technology. They need to continually respond to well-resourced adversaries that are constantly evolving the mechanisms of attack.

Because of the acquisitions process, requests to upgrade existing cyber defenses or acquire the tools that can keep pace with this constantly evolving threat environment can take months if not years. During that time – from request to approval and deployment – critical systems and data are vulnerable to a breach.

Scanning for Flaws, Scoring for Security

Krebs on Security | December 2018

“You can, of course, establish some important things about the quality of a building from a photograph, but it’s no substitute for really being able to inspect it from the inside,” Dr. Mike Lloyd told Dark Reading regarding the Chamber/FICO announcement in October.

7 Common Breach Disclosure Mistakes

Dark Reading | December 7, 2018

When a breach happens, speed and clarity are vital, adds Mike Lloyd, CTO at RedSeal. Organizations that have fared badly after a breach have always been the entities that mishandled the disclosure, took too long to disclose, miscommunicated the details, or tried to cover up the issues, he says.

“There is always a surprise factor when you realize someone has broken in, but the better you know your own organization, the faster you can respond,” Lloyd says.

Building a Cyber Resilience Plan: Insights and Tactics

Government Technology Insider | November 14, 2018

With Dr. Mike Lloyd, RedSeal CTO

In part one of our discussion with Dr. Mike Lloyd of RedSeal, he shared the steps that form the basis of a cyber resilience plan so that agencies can take to limit – and recover from – the impact of a cyberattack. Continuing the discussion, Lloyd drills deeper into steps any organization can take to become more resilient.