Taskforce 7 Radio | November 5, 2018
With Ray Rothrock, Chief Executive Officer
Ray Rothrock, the CEO of Redseal and Board Member of cyber security incubator Team 8 appears on Episode #55 of Task Force 7 Radio to talk about his new book, “Digital Resilience – Is Your Company Ready for the Next Cyber Threat” and why Digital Resilience is the only way to win the Cyber Security battle we are all engaged in on a daily basis.
ITSP Magazine | October 25, 2018
By Wayne Lloyd, RedSeal Federal CTO
After both the first and second Gulf wars, nation states such as North Korea, Iran, China and others came to the same conclusion: under no circumstances get into a shooting war with the United States military. The sole superpower in the world had a military so advanced and superior on the battlefield it left little doubt about the outcome.
The Hill | October 21, 2018
By Ray Rothrock, RedSeal CEO
The reason for the absence of meaningful dialogue and meaningful movement is that the two sides persist in choosing the wrong adjectives. They argue over preemptive federal legislation versus state legislation. They fight over tough legislation versus soft legislation.
What they should do is discard all of these modifiers and instead embrace, together, just one type of legislation: resilient. We need privacy regulation that promotes the resilience of data privacy and security. And we need it whether we run Google and Facebook or use Google and Facebook.
Dark Reading | October 16, 2018
Media, telecom, and technology firms are far more likely to experience a data breach in the near future than organizations in sectors including energy, construction, and transportation.
A score “taken from the outside looking in is similar to rating the fire risk to a building based on a photograph from across the street,” says Mike Lloyd, CTO of RedSeal. “You can, of course, establish some important things about the quality of a building from a photograph, but it’s no substitute for really being able to inspect it from the inside.”
DriveScale TechNow Podcast | October 3, 2018
With Ray Rothrock, RedSeal CEO
In this edition of TechNow with Tom Lyon, Tom talks to Ray Rothrock, venture capitalist, nuclear engineer, cyber security expert, and current CEO of RedSeal, a firm that helps organizations quantify their digital resilience.
CEOWORLD | October 1, 2018
By Ray Rothrock, RedSeal CEO
Cybersecurity isn’t working today. In 2016, the Ponemon Institute reported that each of the 383 companies it surveyed had a “26 percent probability of a material data breach involving ten thousand lost or stolen records” within the “next twenty-four months.” Take this beyond two years—say to the projected life of your business—and you must accept the certainty of data breach. If cybersecurity were working, that certainty would not exist.
What has gone wrong with cybersecurity?
The exponential development of digital technology has left it in the cyber dust.
CSO Online | September 4, 2018
So, what does a digitally resistant organization look like? In a recent column, Ray Rothrock, a CEO who has written a book on Digital Resilience, says: “Instead of cowering behind a wall and hoping for the best, those who lead digitally resilient businesses ensure that they know the strengths, weaknesses, gaps and vulnerabilities of their networks.”
Chief Executive | September 3, 2018
By Ray Rothrock, RedSeal CEO
The security advisory firm Herjavec Group reports that cybercrime damages are set to cost businesses $6 trillion annually by 2021, with cybersecurity spending topping $1 trillion from 2017 to 2021. A trillion here, a trillion there … pretty soon you’re talking real money — more than enough to acknowledge that managing an organization’s cyber risk has truly become a CEO and Board-level responsibility.
It is essential today that enterprises build digital resilience into their business plans—and do so deep and wide.
Tip #1: Understand the difference between digital security and digital resilience.
Sarder TV | August 24, 2018
With Ray Rothrock, RedSeal CEO
Ray Rothrock is a venture capitalist and former partner at Venrock, he has invested primarily in the industries of infosecurity and energy. Rothrock is currently the CEO of RedSeal Inc. and serves on the board of directors of several other companies, as well as the board for the Northern California chapter of NACD.
We sit down for a full video interview to discuss cyber attacks, their impact on business and his journey to success.
The drumbeat of media coverage of new breaches continues, but it’s useful sometimes to look back at where we’ve been. Each scary report of so many millions of records lost can be overwhelming. It certainly shows that our network defenses are weak, and that attackers are very effective. This is why digital resilience is key – perfect protection is not possible. But each breach takes a long time to triage, to investigate, and ultimately to clean up; a lot of this work happens outside the media spotlight, but adds a lot to our sense of what breaches really cost.
Today’s news includes a settlement figure from the Anthem breach from back in 2015 – a final figure of $115 million. But is that a lot or a little? If you had to pay it yourself, it’s a lot, but if you’re the CFO of Anthem, now how does that look? It’s hard to take in figures like these. So one useful way to look at it is how much that represents per person affected.
Anthem lost 79 million records, and the settlement total is $115 million. This means the legally required payout comes out just a little over a dollar per person – $1.46 to be exact.
That may not sound like a lot. If someone stole your data, would you estimate your loss to be a bit less than a plain black coffee at Starbucks?
Of course, this figure is only addressing one part of the costs that Anthem faced – it doesn’t include their investigation costs, reputation damage, or anything along those lines. It only represents the considered opinion of the court on a reasonable settlement of something over 100 separate lawsuits.
We can also look at this over time, or over major news-worthy breaches. Interestingly, it turns out that the value of your data is going up, and may soon exceed the price of a cup of joe. Home Depot lost 52 million records, and paid over $27 million, at a rate of 52 cents per person. Before that, Target suffered a major breach, and paid out $41 million (over multiple judgements) to around 110 million people, or about 37 cents each. In a graph, that looks like this:
Note the escalating price per affected customer. This is pretty startling, as a message to the CFO. Take your number of customers, multiply by $1.50, and see how that looks. Reasonably, we can expect the $1.50 to go up. Imagine having to buy a Grande Latte for every one of your customers, or patients that you keep records on, or marketing contacts that you track. The price tag goes up fast!