Posts

Cyber Protection Teams – Hands On

By Aaron Gosney, RedSeal Senior Sales Engineer and Dave Lundgren, RedSeal DOD Technical Account Manager

To help Cyber Protection Teams (CPTs) understand how RedSeal helps them secure cyber terrain, we’ve developed a hands-on scenario-based workshop. We’ve held this workshop for different parts of the DOD, and, more recently, for federal civilian cyber operators at CyberScoop’s DC Cyber Week.

While lots of people talk about incident response and investigation, it’s always more effective to show how important RedSeal and digital resilience can be. We use a scenario to teach CPTs that there is a faster way, even if they don’t know that it’s possible. In fact, many attendees don’t know much about RedSeal. Even those who are aware of RedSeal typically have a limited idea of what the platform can do.

Before the workshop starts, we put a laptop in front of every participant and tell them what they’re going to experience. Attendees are excited to “drive” RedSeal in a real-world environment and avoid a dry lecture. This hands-on, non-formal format is popular and effective. It creates lots of interactive moments and good conversations among the attendees.

RedSeal in the Real World

The workshop’s mission concept is to assess, correct, and maintain the overall cybersecurity of a location that will be used by leaders of many countries gathered for sensitive discussions and negotiations.

Attendees are asked to imagine that they’re part of a team that has been sent to this remote location. They’ll have to evaluate cloud, traditional, IoT, and IIoT networks. We guide each person through the process of analyzing network access and vulnerability exposure across the network, prioritizing remediation efforts, and verifying that the network is secure.

RedSeal for Network Mapping and Automation

We show attendees how, in a matter of hours, RedSeal can collect and analyze all the network and vulnerability information to create actionable intelligence. They see that attempting this process manually would be impossible given the time constraints. It would take years to manually review the millions of lines of text in the combined config files of an entire enterprise network. RedSeal automates this process and generates accurate, up-to-date network context that is essential to an effective cybersecurity program.

We also show them that RedSeal’s network topology map is not static but can be moved around and adjusted. Attendees organize all the network information into an easy and clear graphic representation of the devices and how they connect with each other. Then they can query for potential network access or vulnerability exposure.

The workshop generates a lot of discussion. We are asked for deeper information about deploying RedSeal at scale in an enterprise and for more information on our integrations with products from vendors such as Cisco, Tenable, Splunk, and ForeScout.

We get great feedback from workshop attendees. One said, “this is one of the most realistic scenarios I’ve seen in a cybersecurity workshop.” Another said, “I wish more vendors would do events like this.” And, a cyber analyst said, “Wow. This helped me to understand how powerful RedSeal is.”

We will continue to refine the workshop so that it continues to engage people and demonstrate what is possible with RedSeal.

Why Digital Resilience Is The Most Important Cyber Metric for 2019

Government Technology Insider  | January 19, 2019

The cybersecurity industry is not generally known for the quality of its metrics. In a field where the absence of something happening is the best possible result, it’s been hard to find a meaningful way to communicate how prepared an organization is to withstand a cyber attack, or even to tell if a cyber team is getting better at what it does.

And the Cybersecurity Survey Says…Federal Cyber Teams Share Challenges, Perspectives and Vision

Government Technology Insider  | January 16, 2019

Cybersecurity experts often like to tell the federal government what it needs to be doing better to deliver on the mission. But how often do they listen to federal government cyber teams to find out what their principal challenges are? And, moreover, how often is that insight collated, analyzed, and shared across civilian and military agencies?

To Build the Federal Government’s Digital Resilience, Focus on Integration

Government Technology Insider  | January 2, 2019

With Wayne Lloyd, RedSeal Federal CTO

As anyone who works in any government IT field can tell you, one of the greatest frustrations they face is integrating their many products. Regardless of whether an agency has begun its migration to the cloud or is just operating data centers, silos undermine the potential of technology and can even compromise an agency’s ability to meet its mission.

Trade group pushes voluntary cybersecurity standard for defense contractors

The Washington Post | December 13, 2018

With Kimberly Baker, RedSeal Senior Vice President and GM Public Sector

As the U.S. military tries to ensure its military assets are as secure as possible against cyberattack, the U.S. defense industry is gathering behind a new set of standards to spot cybersecurity laggards within its own supply chain.

The Aerospace Industries Association (AIA), an Arlington-based trade association that lobbies on behalf of defense contractors, on Tuesday released a set of voluntary standards designed to help U.S. aerospace companies ensure the weapons systems they make for the U.S. military are secure from hackers.

Does Improving Cybersecurity Begin with Improving the Acquisitions Process?

Government Technology Insider | December 11, 2018

With Kimberly Baker, RedSeal Senior Vice President and GM Public Sector

The ability to secure federal data, networks, and assets is impacted by the ability of agency cyber leaders to access required technology. They need to continually respond to well-resourced adversaries that are constantly evolving the mechanisms of attack.

Because of the acquisitions process, requests to upgrade existing cyber defenses or acquire the tools that can keep pace with this constantly evolving threat environment can take months if not years. During that time – from request to approval and deployment – critical systems and data are vulnerable to a breach.

Using RedSeal to Fix Cracks in the Foundation

Written By Nate L. Cash, RedSeal Senior Network Security Engineer

A house is only as strong as its foundation. You want to ensure that water can’t enter your foundation, or it will compromise the strength of the house. In technology that foundation is your network and hackers are the water. Like water, hackers will slowly and methodically test your foundation. As they carefully look at the perimeter of your foundation to find a place to get in, they’ll find your cracks and nooks. And, once hackers are in, they will cause damage.

RedSeal’s platform provides a good way to test and check the foundation of your network technology stack automatically. It compares your device configurations with industry best practice guidelines to ensure that your foundation is solid. Whenever you import devices, RedSeal will compare their configurations with these guidelines and flag those that need to be remediated.

When they first start this process, most of our customers feel overwhelmed by the number of devices that need remediation. This points to an easily fixable process problem. Begin by updating any centralized configuration templates for your devices. You are using one, right? If not, a centralized configuration template is a baseline. It’s a checklist to ensure that all network devices are configured with the same basic security configurations. You start here because you don’t want to keep adding devices to your network that don’t comply with industry best practices.

“The man who moves a mountain begins by carrying away small stones.” - Confucius

Next, pick out some easy wins, for example enabling Secure Shell and disabling telnet. These have low network impact but high security value for your organization. Knock out these configurations first. Our customers choose to run reports between analyses, so they can follow along as the number of failed devices goes down and the number of passed devices goes up. Note – this is a fantastic reporting metric to use because it shows a quantifiable decrease in risk. You’re patching and fixing cracks in your foundation.
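As an added illustration (not RedSeal code and not part of the original post), the Python below checks constructed Cisco IOS-style configurations for the SSH-only easy win and counts passed and failed devices across two analysis runs. The device names, the sample configs and the baseline rule that every vty block must state `transport input ssh` and nothing else are assumptions of this example.

```python
# Added example: audit vty transport settings and track pass/fail between runs.
# All configs below are constructed samples in Cisco IOS-style syntax.
FIXED_EDGE = "hostname edge-rtr-1\nline vty 0 4\n transport input ssh\n"
RUN_1 = {
    "edge-rtr-1": "hostname edge-rtr-1\nline vty 0 4\n transport input telnet ssh\n",
    "core-sw-1": ("hostname core-sw-1\nline con 0\n exec-timeout 5 0\n"
                  "line vty 0 4\n transport input ssh\n"
                  "line vty 5 15\n login local\n!\n"),
    "dist-sw-1": "hostname dist-sw-1\nline vty 0 15\n transport input ssh\n",
}
RUN_2 = {**RUN_1, "edge-rtr-1": FIXED_EDGE}  # after remediating one device


def vty_blocks(config):
    """Yield (header, sub-commands) for every 'line vty' block in a config."""
    header, body = None, []
    for line in config.splitlines():
        if line.startswith("line vty"):
            if header:
                yield header, body
            header, body = line.strip(), []
        elif header and line.startswith(" "):
            body.append(line.strip())
        elif header:  # any non-indented line closes the block
            yield header, body
            header, body = None, []
    if header:
        yield header, body


def check_device(config):
    """Return findings; an empty list means the device passes.
    Assumed baseline: each vty block states 'transport input ssh' and nothing else."""
    findings = []
    for header, body in vty_blocks(config):
        allowed = [c.split()[2:] for c in body if c.startswith("transport input")]
        if not allowed:
            findings.append(f"{header}: no explicit 'transport input'")
        elif allowed[-1] != ["ssh"]:
            findings.append(f"{header}: allows {' '.join(allowed[-1])}")
    return findings


def run_report(devices):
    """Summarise one analysis run: pass/fail counts plus per-device findings."""
    findings = {name: check_device(cfg) for name, cfg in devices.items()}
    failing = sorted(name for name, f in findings.items() if f)
    return {"passed": len(findings) - len(failing), "failed": len(failing),
            "failing": failing, "findings": findings}
```

Comparing `run_report(RUN_1)` with `run_report(RUN_2)` gives the failed-to-passed trend described above, and the per-device findings say which vty block still needs work.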

I’ve saved the best part for last — RedSeal custom checks. If you’re passionate about securing your organization, ensuring your foundation is free of cracks, then you know the manufacturer settings are a baseline. You want to move past that bar to your own hardening standards, without adding additional overhead. This is where the RedSeal custom checks excel.

A RedSeal administrator can take your hardening standards and create custom rules that align with them. Every time RedSeal imports a device, it will run your custom checks alongside standard guidelines. Once the definitions are in place, it’s an automatic process. It’s a low-overhead, high-value addition to your organization’s security posture.

When you align RedSeal with your workflow, it’s easy to see how RedSeal will automate tasks that improve your foundational security. Comparing your devices with industry secure configurations and your own hardening standards is an automated way to ensure that your foundation is free from any cracks. Without adding a lot of overhead, it gives you the tools you and your team need to make a hacker’s job much harder.

RedSeal Named Bronze Award Winner for Best Network Security Solution at the 2018 ‘ASTORS’ Homeland Security Awards

American Security Today | November 29, 2018

American Security Today (AST) has named RedSeal the Bronze Award Winner in the category of Best Network Security Solution at the 2018 ‘ASTORS’ Homeland Security Awards.

The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today.

Building a Cyber Resilience Plan: Insights and Tactics

Government Technology Insider | November 14, 2018

With Dr. Mike Lloyd, RedSeal CTO

In part one of our discussion with Dr. Mike Lloyd of RedSeal, he shared the steps that form the basis of a cyber resilience plan, steps that agencies can take to limit – and recover from – the impact of a cyberattack. Continuing the discussion, Lloyd drills deeper into steps any organization can take to become more resilient.

Cyber resilience: not just bouncing back, but a strategy for effective cyber defense

Government Technology Insider | November 8, 2018

With Dr. Mike Lloyd, RedSeal CTO

Most discussions on cybersecurity focus on prevention, but not cyber defense. But, the unfortunate reality is, some attacks will be successful no matter how well you’ve protected your networks. The question then becomes, just how quickly can you get back online and back to business?

For the Government Technology Insider podcast, we asked Dr. Mike Lloyd, Chief Technology Officer for RedSeal, about how to achieve “digital resilience” – the ability to prepare for and recover from a cyber attack.