How Defense Contractors Should Prepare for a Cyber Proxy War With Iran

ClearanceJobs | January 10, 2019

Eighteen months have passed since that day on June 27, 2017, when an IT administrator, working for the world’s largest shipping conglomerate, watched helplessly as one computer monitor screen after another in Maersk’s Copenhagen headquarters went black.

The question as we head into 2020 is, what lessons can we take away from that incident — and in particular, what should leaders operating federal agencies be doing differently today as a result?

What’s your agency’s cyber resiliency score?

FedScoop | January 8, 2019

Eighteen months have passed since that day on June 27, 2017, when an IT administrator, working for the world’s largest shipping conglomerate, watched helplessly as one computer monitor screen after another in Maersk’s Copenhagen headquarters went black.

The question as we head into 2020 is, what lessons can we take away from that incident — and in particular, what should leaders operating federal agencies be doing differently today as a result?

Network Resilience vs. Cyber Resilience

SIGNAL Magazine | January 6, 2019

There are certainly similarities between network resilience and cyber resilience. The foundation for both is the ability to maintain business or mission capabilities during an event, such as a backhoe cutting your fiber cables or a nation-state actively exploiting your network. But there are also significant differences.

Can the UK government’s efforts solve the cyber skills gap?

Computer Weekly | December 30, 2019

The scarcity of skilled cyber security workers in Europe is getting worse, with just under two-thirds of employers saying they are now short of staff, according to the latest report from (ISC)2.

Mike Lloyd, chief technology officer at cyber risk modelling platform provider RedSeal, says that what is required is a mix of “base technical skills, which means learning how the modern digital world works, for example, how websites can be attacked”, and developing an “adversarial mindset, which takes years of experience in playing cat and mouse games”.

It’s Time to Act: Establish a Secretary of Cybersecurity (Contributed)

Government Technology | December 19, 2019

All levels of government, as well as the private sector, face growing dangers from cyberthreats. That’s why there needs to be a centralized approach to cyberpolicies before a crisis occurs.

Today, the United States is in a very similar place when it comes to cybersecurity: cyberthreats challenge our economy, our military, our national security and our infrastructure, and it’s time for the federal government to act definitively.

Tips and Guidance For Educational Entities To Ensure The Safety and Security of Their IT Data

Education IT Reporter | December 17, 2019

Schools are especially prone to ransomware attacks, due to the combination of weak security protocols, out of date computer equipment, and a lack of skilled staff. Digital infections can spread among school computers much the same as biological germs spread among students. Security is unfortunately quite a lot like a treadmill – it never stops. You can never arrive at a state of solid protection, because what was good enough yesterday won’t be good enough tomorrow. New vulnerabilities are continually being found. The need to invest in basic online hygiene is constant.

Securing the Supply Chain Against Cyber Disruption

Loss Prevention Magazine | December 11, 2019

Just like a physical chain, a supply chain is only as strong as its weakest link. Today’s issues are about networks of interdependence. We extract major economic benefits from modern supply chains, because each organization can focus on its core mission or specialty. This narrowing of focus is very effective, allowing each organization to be the best at whatever it does—making widgets, transporting them, or adding value by assembling parts made by other specialists. But this same narrowing of focus on just one aspect of a system means the system as a whole becomes fragile.

Forget Cybersecurity

Corporate Board Member| December 6, 2019

Cyber risk is a board-level issue because a breach can crush a company’s stock price, tarnish its reputation and scare off customers and partners. A study by the Ponemon Institute revealed that a company’s stock price drops an average of 5 percent immediately after a breach is exposed. The study further found that companies lose an average of $3.92 million in revenue and a significant portion of their customers after a breach.

It’s no longer a question of whether a company will experience an attack, but when. Security is about hunkering down, while resilience means being able to operate after a breach. Here’s what directors need to know.

Get to Know NTI: Ray Rothrock

Nuclear Threat Initiative – Atomic Pulse | December 2, 2019

Ray Rothrock is a member of NTI’s Board of Directors and its Science and Technology Advisory Group. He has three decades of business leadership—investing in, advising and leading many of the technology and cybersecurity companies that form the fabric of today’s networks. He is partner emeritus at Venrock, the VC arm of the Rockefeller family’s efforts, and the CEO and chairman of RedSeal, which provides critical cyber and business insights via its cyber risk modeling platform to more than 50 government agencies and hundreds of commercial enterprises.

UK IT Pros: Brexit Will Increase Skills Shortages

Infosecurity Magazine | November 27, 2019

Over 90% of UK IT professionals believe Brexit will make chronic industry skills shortages even worse, according to new research from RedSeal.

The security vendor polled 502 IT professionals to gain greater insight into the skills challenges facing the country.

In total, 87% of CIOs and senior IT pros admitted that they are struggling to find cybersecurity professionals with the right expertise. In addition, 73% argued that Brexit-related uncertainty is adding to the challenge of hiring from outside the UK, and even more (95%) said that leaving the EU will only widen the current skills gap.