Securing the Supply Chain Against Cyber Disruption

Loss Prevention Magazine | December 11, 2019

Just like a physical chain, a supply chain is only as strong as its weakest link. Today’s issues are about networks of interdependence. We extract major economic benefits from modern supply chains, because each organization can focus on its core mission or specialty. This narrowing of focus is very effective, allowing each organization to be the best at whatever it does—making widgets, transporting them, or adding value by assembling parts made by other specialists. But this same narrowing of focus on just one aspect of a system means the system as a whole becomes fragile.

Forget Cybersecurity

Corporate Board Member| December 6, 2019

Cyber risk is a board-level issue because a breach can crush a company’s stock price, tarnish its reputation and scare off customers and partners. A study by the Ponemon Institute revealed that a company’s stock price drops an average of 5 percent immediately after a breach is exposed. The study further found that companies lose an average of $3.92 million in revenue and a significant portion of their customers after a breach.

It’s no longer a question of whether a company will experience an attack, but when. Security is about hunkering down, while resilience means being able to operate after a breach. Here’s what directors need to know.

Get to Know NTI: Ray Rothrock

Nuclear Threat Initiative – Atomic Pulse | December 2, 2019

Ray Rothrock is a member of NTI’s Board of Directors and its Science and Technology Advisory Group. He has three decades of business leadership—investing in, advising and leading many of the technology and cybersecurity companies that form the fabric of today’s networks. He is partner emeritus at Venrock, the VC arm of the Rockefeller family’s efforts, and the CEO and chairman of RedSeal, which provides critical cyber and business insights via its cyber risk modeling platform to more than 50 government agencies and hundreds of commercial enterprises.

UK IT Pros: Brexit Will Increase Skills Shortages

Infosecurity Magazine | November 27, 2019

Over 90% of UK IT professionals believe Brexit will make chronic industry skills shortages even worse, according to new research from RedSeal.

The security vendor polled 502 IT professionals to gain greater insight into the skills challenges facing the country.

In total, 87% of CIOs and senior IT pros admitted that they are struggling to find cybersecurity professionals with the right expertise. In addition, 73% argued that Brexit-related uncertainty is adding to the challenge of hiring from outside the UK, and even more (95%) said that leaving the EU will only widen the current skills gap.

The smart tech threat to CEOs

TechRadar | November 7, 2019

The cybersecurity industry talks a lot about the importance of “board-level buy-in” for projects and a security-by-design culture led from the “top down”. What does that actually mean? It means CEOs and senior managers who “get” security: leaders who know that security done right can be a competitive differentiator and growth driver, not a block on innovation.

The reality is that most still do not.

Book Review: Digital Resilience, by Ray Rothrock

Tag Cyber | November 1, 2019

By Edward Amoroso

There was a time in America, decades ago, when one would feel obliged to possess a good working knowledge of science and technology to be considered a well-rounded adult. This is how physicists like Einstein became mainstream celebrities, attending film openings with Charlie Chaplin, and being hailed for scientific contributions. Years later, NASA engineers were treated accordingly, especially by young people hoping to someday design rockets.

Cyber Attacks Are Inevitable. How Do We Protect Ourselves?

Supply Chain Brain | November 1, 2019

RedSeal CEO Ray Rothrock joins Bob Bowman, managing editor of SupplyChainBrain, to discuss cybersecurity and protecting ourselves with resilience.

The SupplyChainBrain Podcast features in-depth conversations with industry practitioners, academics, consultants and other experts on every aspect of supply-chain management and international trade.

Cybersecurity: Ray Rothrock – Prepare, Protect, Respond

Public Utilities Fortnightly | November 1, 2019

RedSeal CEO Ray Rothrock was interviewed in a Cybersecurity Special Feature for Fortnightly Magazine, and discusses his security recommendations for the leaders of utilities and regulators, segmentation, NERC CIP compliance and more.

Hackers access Bed Bath & Beyond customer data

Digital Commerce 360 | October 31, 2019

For a shopper who was impacted, she should ensure she doesn’t use the same password for her Bed Bath & Beyond account elsewhere. In fact, not reusing passwords is one way consumers can protect themselves from fraud, says Mike Lloyd, chief technology officer from cyber security firm RedSeal Inc.

“It’s important to realize that if you use the same password at your bank as you use for less important services like social media or video streaming, then a bad guy only has to break into whichever company has the weakest security, then steal your passwords and use them everywhere else you go,” Lloyd says.

What Do You Do When You Can’t Patch Your IoT Endpoints?

Dark Reading | October 29, 2019

Question: What do you do when you can’t patch your IoT endpoints?

Dr. Mike Lloyd, CTO of RedSeal: Internet of Things devices are great because they aren’t as complicated as phones, laptops, or servers. General-purpose computers cause headaches. Unfortunately for security, IoT devices are also a curse for the same reason – precisely because they aren’t flexible. The security toolchain and ecosystem we’ve built up assumes we can put stuff on network endpoints, but IoT “things” are different. Agents? Scanning? Patching? Antivirus? None of that works in the new world of IoT widgets. Worse, many of these devices are built en masse by companies focused on price point, with no intention of supporting patching.