The Pandemic Is a Catalyst for Better Board Discussions About Cybersecurity

/by

NACD Directorship | January/February 2021

By Mike Lloyd and Ray Rothrock

Cybersecurity is a universal challenge because there is an appreciable
part of every modern organization’s business that is digital
and therefore vulnerable to cyberattack. And this really is a war,
albeit with blurred front lines and unclear rules of engagement.
But the perennial challenge for directors is to clear away the fog.
The cyber landscape is exceptionally difficult because it is constantly
shifting—and winning depends on those who can best act
on imperfect information.

Read More

7 tips for modernizing data management

/by

CIO | January 25, 2021

Data is an enterprise’s most valuable and enduring asset, serving as the foundation for both digital strategy and transformation. Yet maintaining a strong grip on rapidly spiraling amounts of data scattered across public and private clouds, as well as in on-premises environments, requires a new and innovative management approach

2. Inventory and map all data assets

Before moving forward, return to the basics. “If you can’t nail down where your data assets are and what’s protecting them, you won’t be able to answer whether the access granted is appropriately limited or wide open to the internet,” warns Mike Lloyd, CTO at cybersecurity technology developer RedSeal.

Read More

Simplifying security: how to navigate the integration challenge

/by

Computer Fraud & Security | January 2021

We deploy a lot of security technology, but breaches continue. Either we’re bad at this or the game is stacked against us.

It turns out it’s the latter – there are structural reasons why security remains so elusive. We’re short staffed, up against a heavily automated group of adversaries, and our IT infrastructure is fragmenting. Mike Lloyd at RedSeal suggests that we need to find a better way to target investments in security to where they are most needed, and then integrate a single view of our ever-widening attack surface.

Read More

Key learnings, how to prepare and the next big thing in security

/by

VM Blog | January 15, 2021

The rules of the security game keep changing. We were finally getting close to perfecting the art of securing data centers and VPNs, when along came cloud, multiple cloud environments, and a pandemic forcing many of us to work remotely, disrupting all aspects of work and home life.

From a data center point of view, there was a great migration of who needed access to what, from where. Here are some thoughts of what to expect in security in 2021, some of the key lessons from the year and how businesses can prepare for the new year.

Read More

 

Security Think Tank: The year of the work-from-home hangover

/by

Computer Weekly | 4 January 2021

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes?

Read More

How Can We Vaccinate Our Networks?

/by

Security Weekly | December 29, 2020

 

The news is flooded with updates regarding the COVID-19 vaccine.  Cyberattacks are targeting the vaccine supply chain.  Phishing attacks are exploiting sign-ups for the vaccine.  There are even attacks to get access to vaccine data.  Sounds a lot like our enterprises every day!  We’re all learning about human immunology from the headlines, but what are the equivalent defenses for our networks? How do we achieve resilience at scale, when we don’t really have a network immune system?

Read More

The List of Known SolarWinds Breach Victims Grows, as Do Attack Vectors

/by

Data Center Knowledge | December 23, 2020

 

The SolarWinds breach story continues to get worse.

The list of known victims now includes US departments of Commerce, Defense, Energy, Homeland Security, State, the Treasury, and Health.

More worrisome for those responsible for cybersecurity at enterprise data centers, however, are the technology vendors that allowed the compromised SolarWinds Orion software into their environments.

Read More

Network Middle East: The Next Big Thing in Security

/by

Network Middle East | December 2020 (Page 29)

Dr. Mike Lloyd, CTO at RedSeal, on “the next big thing in security”

We are in unprecedented times and no one can truly predict what lies ahead. What do we know is that threat actors are on the lookout for vulnerabilities and the sudden move to remote operations may have left loopholes that they can leverage. We sat down with security experts to understand how the security landscape may shape up next year.

Read More

Tool Sprawl – The Cybersecurity Challenge of 2021

/by

Solutions Review | December 14, 2020

It’s not news that the pace of change in IT is extremely fast. What’s less well-known is the downside — tool sprawl. IT teams innovate at a breakneck pace, picking up whatever innovations suit their immediate needs. Security, in contrast, must protect the old applications that are still around, plus the new ones, plus the different platforms those new applications are built on. It creates a juggling challenge – how many different technologies can your security team juggle at once? If you have too many, how do you decide which are most important and which you must drop?

Read More

7 SecOps roles and responsibilities for the modern enterprise

/by

SearchSecurity | December 7, 2020

Security operations, or SecOps, has had a direct, if increasingly challenging, mandate since the dawn of enterprise networking: detect, respond to, predict and prevent cyberattacks. But SecOps roles and responsibilities are shifting to accommodate growing interest in an offensive, rather than defensive, approach to cybersecurity. By staying ahead of threats and anticipating bad actors’ next moves, security leaders aim to thwart attacks before they happen.