Posts

What You Need to Know About CMMC Certification

Supply Chain Brain | October 7, 2020

As the Cybersecurity Maturity Model Certification (CMMC) nears full implementation, affected organizations are scurrying to ensure they’ll pass the certification process.

The goal is simple: organizations must meet minimum cybersecurity standards, and in doing so, they do their part to improve national security. The stakes are extraordinarily high for the estimated 300,000 defense industrial base (DIB) organizations which will soon need to be certified to one of the five CMMC levels to be eligible to be awarded a federal contract. Simply stated: no certification, no contract. From the perspective of the U.S. Government and the Department of Defense, the stakes have always been high since the DIB plays such a critical role in the defense of our nation. The only way to ensure the protection of our data and the integrity of the supply chain is to hold industry to a higher standard.

RedSeal Named Govies Government Security Award Winner for Two Categories in 2020

Security Today | March 18, 2020

RedSeal has been named a Platinum winner of Security Today’s Govies Government Security Award in both “Network Security” and “Security & Risk Intelligence” categories. Security Today magazine is the only integrated product and technology magazine reaching the entire security market and the awards honor outstanding government security products in a variety of categories.

How network modeling and cyber hygiene improve security odds for federal agencies

FedScoop | March 16, 2020

Agencies that have built network infrastructure over decades may not be doing enough to manage basic cyber-hygiene practices and stay ahead of modern threats, cautions a new report.

When out-of-date configuration rules lurk on networks, attackers essentially have a back door to walk into government systems. However, modern network modeling platforms, capable of integrating into existing infrastructure, can help agency IT departments identify and manage cyber risks and accelerate essential hygiene practices.

A Resilient Infrastructure for US Customs and Border Protection

The Customs and Border Protection agency recently announced an official 2020-2025 strategy to accomplish their mission to “protect the American people and facilitate trade and travel.”

The strategy comprises only three goals, one of which is to invest in technology and partnerships to confront emerging threats. This includes an IT Infrastructure that provides fast and reliable access to resilient, secure infrastructure to streamline CBP work.

So, of everything CBP wants to accomplish in the next five years, delivering a resilient, secure infrastructure is right near the top.

Both Verizon’s Data Breach Investigations Report and Crowdstrike’s Global Threat Report agree that more than 90 percent of intrusions are due to failures in basic, continuous cyber fundamentals. These include patching, ensuring network devices are deployed securely, and firewall rules and access control lists enforce the network segmentation you intended.

These cybersecurity fundamentals can be tedious and repetitive, but they are the foundation of security and beyond that, cyber resilience.

Cyber resilience has three parts:

  1. Being hard to hit
  2. Having the ability to detect immediately
  3. Responding rapidly.

RedSeal is a solution purpose built to improve and track resilience.

We give you a way to measure resilience and improve the security of your infrastructure.

RedSeal’s cyber terrain analytics platform identifies cyber defensive gaps, runs continuous virtual penetration tests to measure readiness, and helps an organization capture a map of its entire network infrastructure. The RedSeal platform delivers continuous monitoring through the collection and correlation of change, configuration assessment and vulnerability exposure information. Turning these capabilities into cyber resilience measurements gives managers, boards of directors and executive management the understandable and actionable security metrics they need to drive towards digital resilience.

Cyberattack surfaces and complexity are only expanding as all commercial, US government and DOD networks modernize and move to cloud and software defined networks (SDN). Automating the basics so organizations and departments can be digitally resilient continuously in the face of an attack has never been more necessary.

To ensure its IT infrastructure is resilient and secure as it is rolled out, the CBP needs to focus on mastering the cyber fundamentals and measuring that progress by deploying RedSeal’s cyber terrain analytics platform. Click here to learn more.

Ten Cybersecurity Fundamentals to Reduce Your Risk of Attack

Due to escalating tensions with Iran and recent cyber activity against a U.S. Government website, DHS’s Cybersecurity and Infrastructure Security Agency team has issued a bulletin warning organizations to be prepared for “cyber disruptions, suspicious emails, and network delays.” DHS recommends preparing by focusing on “cyber hygiene practices” to defend against the known tactics, techniques and procedures (TTPs) of Iran-associated threat actors.  This warning serves as another reminder that adversaries often compromise organizations through failures in assessing and implementing basic security practices.

Based on recent international activities announced by DHS, expectations of retaliation from a known adversarial nation state are more than likely to occur. This is an immediate risk to all public and private organizations in the United States. Organizations need to be able to assess their current security posture and accurately evaluate their cyber hygiene. They need to know what is on their networks, how it is all connected and the risk associated with each asset.

Whether you are hands-on-keyboard technician or an executive responsible for securing your organization, here are ten cybersecurity fundamentals you can implement.

  1. Identify critical data and where it is housed
  2. Know what assets – physical and virtual – are on your network
  3. Harden your network devices, making sure they are securely configured
  4. Review your endpoint data sources to make sure you have full coverage of all endpoints on your network
  5. Ensure that your vulnerability scanner is scanning every subnet
  6. Factor in accessibility to prioritize your highest-risk vulnerabilities and hosts
  7. Make sure only approved or authorized access is allowed, including any third-party access.
  8. Validate that all network traffic goes through your security stack(s)
  9. Identify unnecessary ports and protocols
  10. Identify rules on your network gear to determine if they are valid and applied appropriately

By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With our cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks and how it’s all connected.

RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk.

We are proud to be trusted as the central cybersecurity platform in our customers’ defense-in-depth strategy.

CDM Experts: Data Collection, Classification, Analysis Are Keys

Recently, RedSeal Federal CTO Wayne Lloyd was asked to participate in a panel organized by Meritalk on the federal government’s Continuous Diagnostics and Mitigation (CDM) program.

Wayne was joined by CDM experts from Veritas and Splunk. All offered candid assessments of the importance of data classification and collection as the CDM program moves to incorporate a more robust integrated system of dashboards.

Wayne said it was important for organizations to thoroughly understand what their data environments look like. Once they do, data classification becomes easier.

“At RedSeal we help customers model their networks so they can understand what IP space they have and where the data may be residing,” he said. But all of these deployments reveal that the organization “doesn’t know their entire network,” he added.

On the subject of data classification and protection, David Bailey, senior director of U.S. public sector technical sales at Veritas said, “Mission critical data containing patient information for a hospital or the VA should be in tiered storage with the best, maybe multiple, forms of protection, with lots of role-based access controls.” He added that sometimes understanding what data needs to be protected the most is the most important priority.

Adilson Jardim, area vice president for public sector sales engineering at Splunk, said there should be an emphasis on the “continuous” part of CDM, and that it shouldn’t “be a program that ends in five years.”

Click here to read more: https://www.meritalk.com/articles/cdm-experts-data-collection-classification-analysis-are-keys/

To learn more about how RedSeal supports the DHS CDM program, visit “RedSeal and DHS CDM DEFEND

 — Lauren Stauffer, Sr. Director, Market Development

Podcast: How network modeling helps operations and security teams mitigate risk

CyberScoop Radio | June 17, 2019

RedSeal Named GSN HSA Platinum Winners In Two Categories

Government Security News | April 4, 2019

We are pleased to announce that RedSeal has been named the 2018 Homeland Security Awards Platinum winner for both Best Cyber Operational Risk Intelligence and Best Compliance/Vulnerability Assessment by Government Security News Magazine. Judging in this category is based on a combination of client organization, technological innovation or improvement, filling a recognized government IT security need and flexibility of a solution to meet current and future organizational needs.

The Importance of Speed in Incident Response


 

By RedSeal Federal CTO Wayne Lloyd

Have you seen CrowdStrike’s “Global Threat Report: Adversary Tradecraft and The Importance of Speed”?

Just released at RSA Conference 2019 this year, the key takeaway is that nation states and criminal organizations are increasing both the speed and sophistication of their cyber tactics. This isn’t a surprise, but the report presents more detail on just how little time we have.

CrowdStrike defines “breakout time” as “the window of time from when an adversary first compromises an endpoint machine, to when they begin moving laterally across your network.”

The report shows a more granular examination of breakout time by clocking the increasing average speed of major nation state actors, including the breakout speeds of Russia, China, North Korea, Iran, and others.

So what can you do?

According to the report, basic hygiene is still the most important first step in defending against these adversaries — including user awareness, vulnerability and patch management and multi-factor authentication.

The CrowdStrike report continues:

With breakout time measured in hours, CrowdStrike recommends that organizations pursue the ‘1-10-60 rule’ in order to effectively combat sophisticated cyberthreats:

  • Detect intrusions in under one minute
  • Perform a full investigation in under 10 minutes
  • Eradicate the adversary from the environment in under 60 minutes

Organizations that meet this 1-10-60 benchmark are much more likely to eradicate the adversary before the attack spreads out from its initial entry point, minimizing impact and further escalation. Meeting this challenge requires investment in deep visibility, as well as automated analysis and remediation tools across the enterprise, reducing friction and enabling responders to understand threats and take fast, decisive action.

RedSeal and the 1-10-60 Benchmark

A RedSeal model of your network – across on-premise, cloud and virtual environments — gives you the detail you need to quickly accelerate network incident investigation. You’ll be able to quickly locate a compromised device, determine which assets bad actors can reach from there – and get information to stop them. Since RedSeal’s model includes all possible access paths, you’ll see specific paths the network attacker could take to valuable assets. And, you’ll get specific containment options so you can decide what action to take — from increasing monitoring, to placing honey pots, to changing firewall rules, to simply unplugging the device — decreasing your network incident response time.

Network security incident response that used to take hours, if not days, to determine becomes available immediately.

Click here to learn more about RedSeal’s support of incident response teams and how it will improve your agency’s digital resilience.

By working together, our government can provide a unified front in the face of an evolving threat landscape

Nexgov | March 8, 2019

By RedSeal Federal CTO Wayne Lloyd

During the recent State of the Union address, President Trump spoke of many threats that face our nation, however, he missed a big one. Cyberattacks from China, Russia, Iran, other nation-state actors and cyber criminals alike are on the rise and have the potential to impact industry, our economy and the government functions many rely on. Cybersecurity is a growing part of our national security and the federal government must take steps to improve our preparedness and response times.