Posts

Venture Capitalist Ray Rothrock on WNPV’s AM Edition

WNPV’s AM Edition | March 1, 2019

RedSeal CEO Ray Rothrock joined Darryl Berger of Philadelphia’s WNPV for their morning drivetime program “AM Edition.” Ray discusses the evolving threats in cybersecurity, resilience in the physical and cyber world, and his book “Digital Resilience: Is Your Company Ready for the Next Cyber Threat?”

We’re All Going to Get Hacked

Harvard Business School  | February 13, 2019

In November 2014, Sony Pictures suffered a massive, high-profile data breach, with hackers breaking in and stealing everything from confidential employee data to unreleased films. And not long after, on a Saturday morning, Ray Rothrock’s cell phone rings. Rothrock (MBA 1988) is the CEO of the cybersecurity firm Red Seal, and a higher-up at Sony was looking for his help. After the breach, he told Rothrock, the company essentially hit factory reset on their entire network. The phones were down. They were doing payroll by handwritten checks. They had burned it all down. And now they needed someone to help them rebuild it.

Digital Resilience: Book Review by Mark Gorenberg

Book Review  | January 14, 2019

Mark Gorenberg, Founder, Zetta Venture Partners 

Wow. What an amazing read. I was mesmerized by the details and easily way you explained the Target breach all the way through the list of recommendations.  Really great work.

Digital Resilience: Book Review by Diana Chapman Walsh

Book Review  | January 8, 2019

By Diana Chapman Walsh, 12th President of Wellesley College

Fascinating, compelling, a beautifully-written page turner that draws the reader in immediately. I learned a whole new vocabulary—new words to convey new concepts in paragraph after paragraph—introduced elegantly and seamlessly so as not to disrupt the flow of the intriguing story you were unfolding. Concepts like “preemptive mitigation of damage” to augment existing security measures aimed at preventing breaches, which are inevitable. And that because of the “frictionless vulnerability” that accompanies the much-desired ability to communicate without friction. The difference (in time and consequence) between infiltration of the network and “exfiltration” of the data. On and on like this.

A whole fascinating world that reads more like a John Grisham novel than a technical treatise. That’s my comment on the pleasure of reading it; masterfully crafted prose and structure. Beyond that, you make an iron-clad case that (1) cybersecurity is among the most important issues of our time and (2) the digital resilience you describe is indispensable and also possible if senior leadership will educate themselves, institute the changes you advocate, and pay attention. I loved your dark energy-dark matter analogy at the opening of Chapter 7.

Digital Resilience: Book Review by Azure Yu

By Azure Yu, Titans Briefs, The University of Texas at Austin McCombs School of Business

Summary:

Cyberattacks are inevitable and costly in today’s intensively connected world. Undergoing cyberattacks will be the norm rather than the exception for all kinds of organizations, and these attacks will usually have devastating consequences. To survive in this hostile environment, companies have implemented necessary security measures such as firewalls and anti-malware, but these measures are insufficient against the inherent risks of digital networks. Greater connectivity comes with more vulnerability. Rothrock points out that C-suites must use “digital resilience” as a whole-business strategy. Digital resilience allows companies to survive attacks, contain breaches, recover, and continue to operate while under attack. Lack of digital resilience can lead to severe consequences – the 2013 Target breach was an example.

The book describes digital resilience in detail. It covers the history of networks, the technical fundamentals, and the distributed nature of the current state. It paints a vivid picture of the inevitability of a successful attack, given that over a trillion Internet of Things (IoT) devices are connected to the network and each node creates vulnerability. It provides actions business leaders can take toward achieving digital resilience. Here are the eight steps listed in the book to build deep knowledge of your data and networks:

  1. Verifying that the device configurations comply with relevant regulation and industry best practices.
  2. Modeling the network by collecting configuration and operation data of the network devices as often as necessary and without burdening the network.
  3. Visualizing end-to-end access and path details to see intended and unintended access among all parts of the network.
  4. Measuring network resilience and managing it. Rothrock explains the resilience scoring in his RedSeal system in Chapter 6.
  5. Identifying hidden areas of the network to manage risks in those areas – the “scary parts” and unknown part of the network can be significant security risks.
  6. Prioritizing vulnerability patching to allocate resources to patch the most urgent network situation.
  7. Verifying network security policy. It is essential to know if security policies are implemented properly in order to measure the real resilience of a network.
  8. Prioritizing network change control. Businesses need the capability to assess the security impact of potential or proposed changes to the network.

Cyber Security Hub: How Digitally Resilient Is Your Company?

Cyber Security Hub | November 7, 2018

Unlike the game Whack-a-Mole, where the object is to clobber a mole as it pops its head out of a hole, cyber threats are becoming more targeted and harder to whack, said Ray Rothrock, CEO of RedSeal, and author of the book, Digital Resilience: Is Your Company Ready for the Next Cyber Threat? on Monday’s episode 55 of Task Force 7 Radio. Rothrock was the guest of host George Rettas, the president and CEO of Task Force 7 Radio and Task Force 7 Technologies.

Podcast: Why Digital Resilience Is The Answer

Taskforce 7 Radio | November 5, 2018

With Ray Rothrock, Chief Executive Officer

Ray Rothrock, the CEO of Redseal and Board Member of cyber security incubator Team 8 appears on Episode #55 of Task Force 7 Radio to talk about his new book, “Digital Resilience – Is Your Company Ready for the Next Cyber Threat” and why Digital Resilience is the only way to win the Cyber Security battle we are all engaged in on a daily basis.

Resilient regulation can help end the tech-consumer stalemate

The Hill | October 21, 2018

By Ray Rothrock, RedSeal CEO

The reason for the absence of meaningful dialogue and meaningful movement is that the two sides persist in choosing the wrong adjectives. They argue over preemptive federal legislation versus state legislation. They fight over tough legislation versus soft legislation.

What they should do is discard all of these modifiers and instead embrace, together, just one type of legislation: resilientWe need privacy regulation that promotes the resilience of data privacy and security. And we need it whether we run Google and Facebook or use Google and Facebook.

DriveScale TechNow Podcast with Ray Rothrock

DriveScale TechNow Podcast | October 3, 2018

With Ray Rothrock, RedSeal CEO

In this edition of TechNow with Tom Lyon, Tom talks to Ray Rothrock, venture capitalist, nuclear engineer, cyber security expert, and current CEO of RedSeal, a firm that helps organizations quantify their digital resilience.

Cybersecurity: Duck and Cover or Stand Up and Do Business?

CEOWORLD | October 1, 2018

By Ray Rothrock, RedSeal CEO

Cybersecurity isn’t working today.  In 2016, the Ponemon Institute reported that each of the 383 companies it surveyed had a “26 percent probability of a material data breach involving ten thousand lost or stolen records” within the “next twenty-four months.” Take this beyond two years—say to the projected life of your business—and you must accept the certainty of data breach. If cybersecurity were working, that certainty would not exist.

What has gone wrong with cybersecurity?

The exponential development of digital technology has left it in the cyber dust.