Seven Cybersecurity Lessons the Coronavirus Can Teach the Armed Forces (and Us All)

/by

Cyber Defense Review | May 21, 2021

If we have learned anything from the COVID-19 pandemic, it is that very bad things can happen very quickly, especially if we are not sufficiently prepared. It turns out that everything we have been told about the pandemic is also relevant for cybersecurity; as such, the pandemic is an exceptional learning tool for cyber professionals.

Cyberattacks are like biological viruses in several ways: they can spread incredibly fast, their consequences can wreak huge economic damage, and the destruction they cause can be very difficult from which to recover. Viruses spread through human social networks and cyber-attacks exploit our online networks of trust.

Read More

AI, cyber terrain analytics improve hybrid multicloud security

/by

VenturebBeat | May 21, 2021

Typical hybrid cloud IT integration strategies have fundamental design flaws that CIOs and CISOs need to address if they’re going to avert another attack on the scale of SolarWinds.

…any network mapping platform needs to excel at visualization and provide insightful analysis at a graphical level to identify potential security anomalies and actual breach activity. Useful in understanding this is the following example of how RedSeal’s cyber risk modeling software for hybrid cloud environments works.

Read More

11 Tech Experts Share Smart Steps For Protecting Your Personal Information Online

/by

Forbes | May 18, 2021

10. Be especially careful with your money accounts.

Take extra trouble over your money accounts. Treat them as different from all your others. Don’t reuse passwords for financial accounts—ever. Ask anyone who has your money about “two-factor authentication,” and if they don’t offer it, move your account. If possible, push for two-factor that doesn’t depend on text messages (SMS)—it’s too easy to hack. – Mike Lloyd, RedSeal CTO

Read More

After pipeline attack, former DHS cyber leader says ‘stop with the half measures’; security pros urge action in infrastructure bill

/by

Inside Cybersecurity | May 11, 2021

“The President’s new infrastructure plan must incorporate cybersecurity or the new ports, electrical grids and rail systems it proposes will become a bonanza for hackers looking to exploit supply chains along with critical infrastructure,” said Wayne Lloyd, CTO of Federal at RedSeal.

“We live in a digitized world, and the facilities that would be constructed will add to the complexity of the critical infrastructure networks and further expose unintended access points,” Lloyd said. “These networks are increasingly exceeding the ability of humans to fully account for, making it essential that the White House secures the infrastructure by mandating compliance with existing NIST frameworks for the IT & OT systems and funding for technologies that can help automate and monitor the state of compliance for things such as network segmentation, or we’re going to experience another breach on the scale of SolarWinds.”

Read More

Why don’t we live in walled cities anymore?

/by

IT Pro Portal | April 27, 2021

Let’s analyze security and defense over the ages through a Covid lens.

From ancient Jericho through to medieval Constantinople, people built walls around cities as a main method of defense for around 10,000 years.  But we don’t live in walled cities any more – why not?  That’s a really big change, and it deserves an explanation.

Our companies aren’t walled cities, but they certainly had a strong tradition of being centralized and walled off.  A year ago, we suddenly found that we couldn’t do that any longer. I’ve spoken to many managers who were frankly surprised at how well it has worked to abruptly change the paradigm, and let people work out in the community, away from the supervisor’s beady eye, and outside the protective walls of the building or the network.

Read More

What You Need to Know About CMMC Certification

/by

MSSP Alert | April 15, 2021

As the Cybersecurity Maturity Model Certification (CMMC) nears full implementation, affected organizations are scurrying to ensure they’ll pass the certification process.

The goal is simple: organizations must meet minimum cybersecurity standards, and in doing so, they do their part to improve national security. The stakes are extraordinarily high for the estimated 300,000 defense industrial base (DIB) organizations which will soon need to be certified to one of the five CMMC levels to be eligible to be awarded a federal contract. Simply stated: no certification, no contract. From the perspective of the U.S. Government and the Department of Defense, the stakes have always been high since the DIB plays such a critical role in the defense of our nation. The only way to ensure the protection of our data and the integrity of the supply chain is to hold industry to a higher standard.

Read More

16 Strategies To Prevent Your Team Members From Adopting ‘Shadow IT’

/by

Forbes | April 9, 2021

12. Take a Zero Trust approach.

I hate the phrase “Zero Trust” (and an increasing groundswell of security professionals agree), but the original ideas of the Zero Trust movement do make sense. Old networks were like castles, but today’s networks are like cities—security teams have to think like mayors, not feudal lords. It’s about mapping, coordination and preparation, not about thick stone walls. – Mike Lloyd, RedSeal

Read More

Digital transformation or digital evolution?

/by

Computer Weekly | April 1, 2021

Digital transformation is often associated with disruptive technology, but Mike Lloyd, chief technology officer (CTO) at RedSeal, questions whether the popularity of “disruption” is a positive thing, noting that in most other areas of life it’s a negative term.

“So why is ‘disruption’ seen as cool when it comes to tech?” he asks. “In part, it’s how you get your new idea noticed – the media and investors are always looking for the new-new thing, and see something like a tune-up or improvement of an old thing as boring. Customers see it the other way around – disruption is bad, what most people want to buy is incremental efficiency.”

Read More

5 Things I Wish Someone Told Me Before I Began Leading My Company

/by

Authority Magazine | March 23, 2021

An Interview Between Charlie Katz and RedSeal CEO Bryan Barney

What do you think makes your company stand out? Can you share a story?
What makes RedSeal so great is we understand network paths better than anyone in the cybersecurity industry. Modern networks are so complex, no one really understands them. Companies don’t understand what is on their network, how everything is connected, or the security implications. You can’t secure what you don’t understand, and we allow people to understand their network environment. This is particularly important and urgent in the cloud environments that are quickly becoming the heart of all networks.

Read More

Prioritizing risk in M&A due diligence in the COVID-19 era, and beyond

/by

Cybersecurity Drive | March 22, 2021

The recession caused by the coronavirus pandemic had a chilling effect on economic activity, as companies determined next steps. For some, the solution to weather the contraction was to limit spending, while others accelerated innovation and technology adoption.

The good news is that there is nowhere to go but up. There is likely to be significant pent up demand in the coming year for M&As. In fact, a global survey of 250 senior M&A executives conducted by law firm White & Case LLP found dealmakers are optimistic about the outlook for M&A activity, with three-quarters saying they expect M&A activity to increase in their region in the coming year.

Read More