Cyber Security’s Big Data Problem

eSecurity Planet | Dec 3, 2014

While Big Data promises to open new horizons in all aspects of business and analytics, there is an obvious downside. The more we digitize information and the more information we gather, the more doors we potentially open for hackers. Many experts agree that organizations will need to automate integration of Big Data.

Mike Lloyd, CTO of RedSeal, likened the cyber fight to a World War II war room with a central map table and people on telephones pulling in information to add to the map.

US parking operator: YEP, hackers got your names, credit card numbers, secret codes…

The Register | Dec 2, 2014

Point-of-Sale systems have been hacked at major US parking garage operator SP+. The breach has resulted in the exposure of customer financial information. SP+ said it had learned of the breach from the firm that handles its payment card processing. The security flap follows a plethora of Point-of-Sale system breaches in the US this year affecting Home Depot, Subway sandwich restaurants, KMart, and more. “[The] announcement by parking garage operator SP+ should warn every organisation that accepts credit card payments that they are an active target,” said Steve Hultquist, chief evangelist at network visibility vendor RedSeal.

10 Deadliest Differences of State-Sponsored Attacks

CIO Magazine | Dec 1, 2014

A state-sponsored attacker is motivated by strategic gain, not financial. They’ll keep after a company, its employees, and its business partners, until they get in. A financially-motivated criminal wants to see the biggest return on their investment, so they’ll go after the least-defended companies first. “There are certainly plenty of targets,” said Steve Hultquist, chief evangelist at Sunnyvale, Cal.-based RedSeal, Inc. “I can just go on to the next one.”

Speeding up breach detection

BankInfoSecurity | Nov 25, 2014

Organizations looking to speed up breach detection on their own, rather than relying on others, need to improve their data analytics capabilities, prioritize the type of data they want to collect and analyze, and ensure they have appropriate staff who can take the time to review the data for suspicious activity.

The main problem with breach detection is the “sheer overload” of data that an organization has to comb through to find anomalies, says Mike Lloyd, chief technology officer at RedSeal, a network security firm.

Nearly a Billion Records Were Compromised in 2014

CIO Magazine | Nov 17, 2014

In the first nine months of 2014, after 1,922 confirmed incidents, criminals managed to compromise 904 million records. “Businesses today have a maze of complex dependencies on outside service providers and suppliers. This makes a complex attack surface, and that in turn makes defenses weak. The more complex our infrastructure, the harder it is for defenders to see it all and understand its weaknesses,” commented Dr. Mike Lloyd, CTO at RedSeal.

Microsoft’s Newest Security Flaw

Government Technology Magazine | Nov 12, 2014

Better late than never. The software company patched a security flaw affecting Windows and Office on Nov. 11 that has been sitting in plain sight for 19 years.

“It’s too early to know what the impact of this will be,” said Stephen Hultquist, chief evangelist at RedSeal Networks.

Cybersecurity Industry Experts Weigh in on Alleged Russian Breach of White House

Homeland Security Today | Nov 3, 2014

Cybersecurity experts said they aren’t at all surprised that hackers who US officials believe work for the Russian government were able to hack into at least unclassified White House computer networks in recent weeks.

“The reconnaissance attack on the White House is a dramatic reminder of a general truth: whenever we look for any kind of attack, we find that yes, indeed, it is happening,” said Dr. Mike Lloyd, CTO at RedSeal, a provider of end-to-end network visibility and analytics to prevent cyber attacks.

White House cyber breach one example of ‘daily’ attacks

Federal Times | Oct 30, 2014

A recent breach of the White House’s unclassified network caused a minor disruption in staffers’ workflows this week as security officials moved to mitigate disruption and any loss of data.

“Whenever we look for any kind of attack, we find that yes, indeed, it is happening,” according to Mike Lloyd, CTO at cybersecurity firm RedSeal, who described the recent breach as akin to “casing the joint.”

The White House breach

Federal Computer Weekly | Oct 29, 2014

Officials acknowledged that hackers breached the White House’s unclassified computer networks in the past few weeks, and a Washington Post report says the Russian government was the likely culprit.

Mike Lloyd, chief technology officer at RedSeal, said modern malware is often designed to do as little as possible in order to avoid detection.

“Adversaries understand the value of good information, of maps and the relationship of assets,” Lloyd said. “Such information can be extracted with a minimum of fuss, unless the person being scanned is very diligent and observant.”

PCI Compliance Under Scrutiny Following Big Data Breaches

CIO Magazine | Oct 22, 2014

As details filter out about the Home Depot hack (and many, many more data breaches), you can’t help but ask: How did this happen – especially when the company was supposed to adhere to specific safety regulations or else lose its capability to process credit card transactions?

That said, PCI standards aren’t perfect at preventing fraud. Mike Lloyd, CTO of RedSeal, a security risk management solutions firm, equates it to signs in bathrooms that tell employees they must wash their hands before returning to work.