In order to provide you with the best experience possible we might sometimes track information about you. Sometimes this may involve writing a cookie. We use this information for things like experience enrichment, analytics and targeting advertising. We recommend allowing these functions to get the most out of your experience.
OK
Tales from the Trenches: Vol 7 — You Can’t Always Get What You Want
/by Bill Burge, RedSeal Professional ServicesWhile working with a large customer with multiple, interconnected, environments; their greatest fear was that infection in one environment might cross over one environment into the others. They had purchased a managed service, which meant I was the primary RedSeal Admin. They approached me with a request and it was obvious they were having a possible “incident”. It was obvious they didn’t want to provide TOO many details, but I’ve spent enough time on both sides of these topics that I was pretty sure what I was up against.
Purdue 2.0: Exploring a New Model for IT/OT Management
/by Dave Lundgren, Senior Sales EngineerDeveloped in 1992 by Theodore J. Williams and the Purdue University Consortium, the Purdue diagram — itself a part of the Purdue Enterprise Reference Architecture (PERA) — was one of the first models used to map data flows in computer-integrated manufacturing (CIM).
By defining six layers that contain both information technology (IT) and operational (OT) technology, along with a demilitarized zone (DMZ) separating them, the Purdue diagram made it easier for companies to understand the relationship between IT and OT technologies and establish effective access controls to limit total risk.
As OT technologies have evolved to include network-enabled functions and outward-facing connections, however, it’s time for companies to prioritize a Purdue update that puts security front and center.
When Moving to the Cloud, Don’t Overlook Resources On-Premises
/by Venkat Ayyer, Technical Marketing DirectorToday’s infrastructure is complex and constantly evolving. In the cloud, security controls are implemented by developers and DevOps teams while on-premises controls are implemented by the firewall/network operations teams. These can create significant knowledge gaps, leading to unknown attack points.
Most security spending these days is focused on the cloud and treated as a silo, but you can’t afford to ignore your on-prem resources and how the two entities work together.
Tales from the Trenches: Vol 6 — Barely-Passive Aggressive
/by Bill Burge, RedSeal Professional ServicesWhile working with a global reach chip manufacturer, a new member was added to those who helped manage RedSeal. As we were reviewing some of the RedSeal findings and giving him a tour of the capabilities of the deployment, it was pretty obvious he was neither impressed nor entertained. With his history of designing, building, and managing the network; he was almost offended that some product could tell him ANYTHING that he didn’t already know about his network.
How to Navigate the Shifting Healthcare Cybersecurity Landscape
/by Bob Schultz, Sales Director, Mid-AtlanticCyberattacks and data breaches in the healthcare sector are increasing at an alarming rate, especially during the pandemic when patient communications and records moved online. Between March 2021 and February 2022, over 42,076,805 healthcare records were exposed. Businesses lose an average of $10.10 million per healthcare data breach, while lost or stolen protected health information (PHI) and personally identifiable information (PII) cost the U.S. healthcare industry billions of dollars annually.
How Secure Is Your Pharma Research Data?
/by Joe Lando, Sales Director, SoutheastThe use of big data and advanced analytics is now essential for innovation across the pharmaceutical and healthcare industries. However, working with vast amounts of data — experimental data, clinical trial data, patient data — has become a double-edged sword as organizations face immense challenges in protecting data integrity and ensuring data security in today’s digital environment.
Tales from the Trenches: Vol 5 — Octet Dyslexia
/by Bill Burge, RedSeal Professional ServicesNumbers are a tricky business and more numbers equals more tricky, and sometimes our brains see what they want to see and not what is actually there.
Tales from the Trenches: Vol 4 — Leveraging the Tools You Already Have
/by Chris Naish, Senior Sales Engineer, FederalSometimes, you just need help understanding what you already have the ability to do. Often while walking with customers along their RedSeal journeys, they’ll ask me, “Hey, what’s this Risk tab?” so to prepare them for the coming screen of boxes of different colors and sizes, I preface the conversation by saying, “This might look intimidating at first, but I promise it’s not. It will make more sense shortly.”
Tales from the Trenches: Vol 3 — Security Operations and Network Operations are always at odds. Or are they?
/by Brad Schwab, Senior Security Solutions ConsultantSecurity Operations and Network Operations could easily be at odds – one is the brakes, the other the throttle. So, yes, they usually are at odds. Everything one wants can easily create work for the other, resulting in a back-and-forth pendulum of requests. RedSeal is in the unique position to work with both SecOps and NetOps and help both realize their Operational Goals and allow visibility into outcomes beforehand so that situations like the above don’t happen. This creates a positive working relationship between the teams.
Tales from the Trenches: Vol 2 — They have access to WHAT?!
/by Nate L. Cash, Senior Director, Federal Professional Services/ Director of Information SecurityI’m always surprised at the new use-cases we come up with on site with RedSeal. There is a lot of information about a customer’s environment that allows us to answer questions pretty easily, if you know where to look. One Monday morning as I showed up to the office, before I was able to grab coffee, a SOC analyst stopped me at the door to ask me a very simple question, “We have a bunch of site-to-site VPNs with a few business partners, what can they access?”