Posts

Pets vs cattle: How to get cloud and DevOps security right

ITProPortal | September 25, 2020

A look at security, both on-premise and in the cloud.

By Dr. Mike Lloyd

In a world as nebulous as cloud computing and DevOps, analogies can sometimes help us to think more clearly. The idea of “pets versus cattle” was first used nearly a decade ago to help delineate the difference between traditional on-premises IT and the cloud, and has become a firm favorite in the DevOps community ever since. But there are also lessons here for cybersecurity teams, as long as they’re able to see through the limits of the analogy and understand where the main challenges are.

Don’t believe the hype: AI is no silver bullet

Computer Weekly | August 7, 2020

We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check

Chief information security officers (CISOs) looking for new security partners must therefore be pragmatic when assessing what’s out there. AI is helpful, in limited use cases, to take the strain off stretched security teams, but its algorithms still have great difficulty recognising unknown attacks. It’s time for a reality check.

3 Ways Social Distancing Can Strengthen your Network

Dark Reading | July 31, 2020

Security teams can learn a lot from the current pandemic to make modern hybrid business networks stronger and more resilient. Here’s how.

We all know the role social distancing plays in combating COVID-19. Most people also understand why this is our primary line of defense; it’s about slowing down the progress of the disease to prevent our healthcare defenders from being overwhelmed. Today’s network security teams live in a similar shifting landscape and need to apply these same ideas to avoid getting overwhelmed. Here are three tactics to help “social distance” your network.

Tactic 1: Focus on Flare-ups

Protect Your Business And Your Remote Staff From Hackers With These 16 Strategies

Forbes Technology Council |  July 7, 2020

9. Double-check remote access.

It’s time to double-check the security of your remote access. The rapid shift to working from home meant fast-paced change with intense pressure to get things working immediately. This is a perfect recipe for new security gaps and oversights. Map your network and make sure you’ve only opened up the access you wanted and nothing more. – Mike LloydRedSeal

13 Things Tech Leaders Need To Do To Prepare For Decentralization

Forbes Technology Council |  June 30, 2020

3. Remain in control with automation.

“Decentralized” should not mean “out of control.” You still need controls between your crown jewels and your users (both wanted and unexpected). The old medieval castle model didn’t work, but this means there are more perimeters everywhere now. You need automation to keep up and verify you’re only allowing the right access. You’re the mayor of a digital city, not the guard of a stone fort. – Mike LloydRedSeal

The Security Interviews: What CISOs can learn from Covid-19

Computer Weekly |  June 30, 2020

Mike Lloyd, CTO at Redseal, holds 21 cyber security patents and a PhD in stochastic epidemic modelling from Heriot-Watt University in Edinburgh, so is probably the man to talk to when it comes to cyber security in the world of Covid-19.

More than three months into the global Covid-19 coronavirus pandemic, we have all become familiar with the advice on how not to catch this mysterious and horrible disease, which some people seem to be able to shake off with ease, but for thousands of other survivors now appears to have life-changing consequences.

Digital Preparedness for Health Care

Health Tech Digital | June 23, 2020

Being prepared for the unknown is as important to the digital side of healthcare as it is to the medical side. Both require knowing your resources, preparing for likely scenarios and following good hygiene practices for advanced planning, health maintenance, and rapid intervention. There are established protocols in medicine and for digital infrastructure. The Center for Internet Security (CIS) publishes Critical Security Controls, which serve as a widely agreed upon set of solid, proven approaches to cyber readiness.

These start at the most basic level – understanding your inventory.

COVID-19 + Cybersecurity: Parallels and Lessons from a Pandemic

Nuclear Threat Initiative |  June 17, 2020

The following is a conversation between Dr. Mike Lloyd, an epidemiologist-turned-Chief Technology Officer of RedSeal, and Ray Rothrock, member of the NTI Board of Directors and its Science and Technology Advisory Group, and author of “Digital Resilience: Is Your Company Ready for the Next Cyber Threat.”

Ray: Mike, you’re a rare guy: you have both a PhD in epidemic modeling, and a long career in cybersecurity. Now both of your careers are relevant. Does this pandemic have anything to teach cybersecurity and technology?

What is the safest way to buy online?

Credit Donkey |  June 8, 2020

“Never re-use a password when shopping online from new sites. It’s practically impossible to remember all your passwords, but it’s really important to make sure a data breach on one store doesn’t affect your other accounts, so this is why it’s important to use some kind of password manager. I know I can’t remember all my passwords – I have to use software to do it for me,” said Mike Lloyd, RedSeal CTO.

AI is a double-edged sword for cybersecurity firms

San Francisco Business Times |  May 19, 2020

The world of cybersecurity is a war between cybercriminals attacking company computers and the protective measures installed by security companies. And fighting on both sides of this battle is artificial intelligence.

“Current AI mechanisms (machine learning and deep learning) are good at spotting patterns that they have been trained to recognize, but are bad at novel patterns, despite vendor claims, and are hopeless at generalizing or finding root causes,” said Mike Lloyd, CTO of RedSeal.