The smart tech threat to CEOs

TechRadar | November 7, 2019

The cybersecurity industry talks a lot about the importance of “board-level buy-in” for projects and a security-by-design culture led from the “top down”. What does that actually mean? It means CEOs and senior managers who “get” security: leaders who know that security done right can be a competitive differentiator and growth driver, not a block on innovation.

The reality is that most still do not.

Book Review: Digital Resilience, by Ray Rothrock

Tag Cyber | November 1, 2019

By Edward Amoroso

There was a time in America, decades ago, when one would feel obliged to possess a good working knowledge of science and technology to be considered a well-rounded adult. This is how physicists like Einstein became mainstream celebrities, attending film openings with Charlie Chaplin, and being hailed for scientific contributions. Years later, NASA engineers were treated accordingly, especially by young people hoping to someday design rockets.

Cyber Attacks Are Inevitable. How Do We Protect Ourselves?

Supply Chain Brain | November 1, 2019

RedSeal CEO Ray Rothrock joins Bob Bowman, managing editor of SupplyChainBrain, to discuss cybersecurity and protecting ourselves with resilience.

The SupplyChainBrain Podcast features in-depth conversations with industry practitioners, academics, consultants and other experts on every aspect of supply-chain management and international trade.

Cybersecurity: Ray Rothrock – Prepare, Protect, Respond

Public Utilities Fortnightly | November 1, 2019

RedSeal CEO Ray Rothrock was interviewed in a Cybersecurity Special Feature for Fortnightly Magazine, and discusses his security recommendations for the leaders of utilities and regulators, segmentation, NERC CIP compliance and more.

Hackers access Bed Bath & Beyond customer data

Digital Commerce 360 | October 31, 2019

For a shopper who was impacted, she should ensure she doesn’t use the same password for her Bed Bath & Beyond account elsewhere. In fact, not reusing passwords is one way consumers can protect themselves from fraud, says Mike Lloyd, chief technology officer from cyber security firm RedSeal Inc.

“It’s important to realize that if you use the same password at your bank as you use for less important services like social media or video streaming, then a bad guy only has to break into whichever company has the weakest security, then steal your passwords and use them everywhere else you go,” Lloyd says.

What Do You Do When You Can’t Patch Your IoT Endpoints?

Dark Reading | October 29, 2019

Question: What do you do when you can’t patch your IoT endpoints?

Dr. Mike Lloyd, CTO of RedSeal: Internet of Things devices are great because they aren’t as complicated as phones, laptops, or servers. General-purpose computers cause headaches. Unfortunately for security, IoT devices are also a curse for the same reason – precisely because they aren’t flexible. The security toolchain and ecosystem we’ve built up assumes we can put stuff on network endpoints, but IoT “things” are different. Agents? Scanning? Patching? Antivirus? None of that works in the new world of IoT widgets. Worse, many of these devices are built en masse by companies focused on price point, with no intention of supporting patching.

7 Technology Books Every Entrepreneur Should Read

Forbes | October 8, 2019

Malware, ransomeware, phishing attacks, viruses…are just some of the cyberthreats facing society. And they are getting more destructive.

What to do? Well, Ray Rothrock–who is a venture capitalist and is on the board of Check Point Software–has some solid answers. In his book, he goes over key areas like assessing networks, identifying threats and how to spruce up defenses. He also stresses that security can never be 100% but there are still actions to take that will greatly increase the odds of avoiding a hack.

Back to Basics: Why Asset Inventories are Key to Cyber Security

TAG Cyber | October 4, 2019

During a recent call, RedSeal’s Chief Product Officer, Kurt Van Etten, referenced an enterprise challenge that is too familiar. He shared with Ed Amoroso and me that maintaining and understanding one’s network asset inventory, both hardware and software, is the key to maintaining a strong cyber security program. It’s not sexy, and not what gets the most attention in media or at conferences, but companies must know what they have, where it is, and who has access.

DOE Sets Sights on Accelerating AI (and other) Technology Transfer

HPC Wire | October 3, 2019

All the panelists commented on workforce issues. There was general agreement that AI is developed most effectively in multi-discipline environments.

“The cyber industry is about a $126 billion [market]. There are 3,000 products out there. A typical large corporation probably like Exelon has 50 or 60 cyber products and only five or 10 people to operate it. Well, that number, it’s a crushing situation. And while you need engineers, for sure, you also need technicians. They don’t need all need a four-year degree, they need a piece of it,” said Rothrock.

On Cybersecurity: Two Scoops of Perspective

New York Times | September 29, 2019

Ben Cohen, the co-founder of Ben & Jerry’s Ice Cream, calls spending huge amounts on the effort “a tragic waste.” Another urges creation of a cabinet-level agency to deal with threats.

To the Editor:

Glenn S. Gerstell’s article identifies the magnitude of the digital juggernaut and brilliantly lays out the difficulty of the challenge. It is this very complexity that underscores the need for a cabinet-level agency dedicated to cybersecurity to ensure coordination and resilience in the face of threats.

The Department of Homeland Security was created after the 9/11 tragedy, coordinating 180,000 employees working in the country’s intelligence, defense and law enforcement agencies. Similarly, in the 1970s, as Americans dealt with an energy crisis, President Jimmy Carter created the Energy Department to consolidate American energy policy and ensure a consistent supply of energy and protect the country from threats to our economy and readiness.

If desperate times call for desperate measures, then surely risky and rapidly changing times call for measures that are resolute. The United States must prioritize cybersecurity, just as we do homeland security and energy. Let’s not wait until the revolution is lost.

Ray Rothrock
San Jose, Calif.
The writer is chief executive of RedSeal, a cybersecurity company, and the author of “Digital Resilience: Is Your Company Ready for the Next Cyber Threat?”