Tag Archive for: Wayne Lloyd

Simplifying and Securing Hybrid Clouds

GovLoop | October 26, 2021

President Joe Biden’s executive order (EO) on cybersecurity suggests the cloud will play a pivotal role in the federal government’s future; it urges agencies to maximize the technology’s flexibility and scalability rapidly and securely.

But what can happen if agencies embrace the cloud too rapidly? The answer is haphazard and insecure IT environments. These environments often occur when agencies combine on-premises and cloud-based IT in a hybrid model.

Cyber Readiness Pillars and RedSeal

Cybersecurity readiness is a valuable capability: it lets an organization identify, prevent, and respond to cyber threats. Organizations all over the world need it, and those that lack such a strategy are more prone to cybersecurity threats.

The Cybersecurity and Infrastructure Security Agency (CISA) developed the Cyber Essentials for small businesses. They also give local government leaders an actionable understanding of how to implement organizational cybersecurity practices.

CISA leaders explained in detail why the pillars of the Cyber Essentials matter. Cybersecurity requires building a corporate culture around it, and an organization that fails to do so faces cyber-attacks. During a webinar with the U.S. Chamber of Commerce on June 29, CISA provided a starting point for better flexibility in cyber readiness.

“From human resources to marketing to sales and procurement, it is almost guaranteed that you rely on one or more digital platforms to facilitate the success of your business operations. The Cyber Essentials are a series of tools and practices that we have assembled to provide what we consider to be the basics of cyber organizational readiness,” Trent Frazier, deputy assistant director of the Stakeholder Engagement Division at CISA, said.

Every team needs safe cybersecurity practices. An organization without a holistic approach to them is in danger. In that case, what you need is help from a global leader. RedSeal is a company you can depend on for sophisticated cybersecurity.

RedSeal acts as a force multiplier for every other security device within a network. If you are short of skilled cybersecurity personnel, connect with us.

The 6 Pillars of Cyber Readiness 

Creation of Cyber Readiness Culture 

Pillar One 

Pillar one of cyber readiness is leadership. Leaders are the backbone of an organization and a great help in maintaining its business culture.

That is why leaders should keep essential cybersecurity in mind and should not overlook the investment it requires. They should also determine how much of the organization’s work depends on IT and build trusted relationships with sector partners and government agencies, so that cyber threat information is easy to access.

Pillar Two

The second pillar of cyber readiness is the staff. The people who use the organization’s systems are an essential part of this readiness. The task under this pillar is to develop cybersecurity awareness and vigilance.

Systems and Data Environment in Cyber Readiness 

Pillar Three

The third pillar covers systems. Leaders are taught and trained on what is present in their network, and on how to maintain hardware and software asset inventories. This tells them what is there and what is at risk in an attack.

Pillar Four 

The fourth pillar advises leaders to know about:

  • The network
  • Maintenance of inventories of network connections, including user accounts and vendors
  • Multi-factor authentication for every user, starting with those who have privileged, administrative, and remote access

Pillar Five

The fifth pillar of cyber readiness is data, intellectual property, and other sensitive information held within the organization. Here, leaders and staff are tasked with learning how that data can be protected.

Respond to and Recover from a Crisis 

Pillar Six

Crisis response is the sixth and last pillar in the Cyber Essentials. It focuses on limiting the damage and speeding the restoration of normal operations after a cyber-attack.

The Cyber Essentials task leaders with developing an incident response plan along with a disaster recovery plan. This plan should outline roles and responsibilities and should be tested often.

Leaders should be aware of the organization’s cybersecurity; their assessment will influence the business impact as well. They should also be clear on which systems should be recovered earliest.

Leaders should also know whom to call for help if they don’t have sufficient staff, and whom to call first. These can include outside partners, government, technical advisors, and law enforcement.

If you are looking for cybersecurity services, RedSeal offers the following.

RedSeal Service Offerings 

  • Cloud Cyber Inventory Assessment
  • Cyber Visibility Assessment
  • Health Check Service
  • Secure Remote Work Assessment
  • Managed Service
  • Cyber Cloud Access Assessment

Our professional services answer your cybersecurity questions. We work as a team and provide skilled, trained cybersecurity personnel, along with cybersecurity products that make your investment more valuable.

The Bottom Line 

Organizations need a cybersecurity strategy to protect both infrastructure and customer data from growing cybersecurity threats. The Cybersecurity and Infrastructure Security Agency (CISA) developed the Cyber Essentials as a guide for small businesses and local government leaders to develop an actionable understanding of where to start implementing organizational cybersecurity practices.

Behind the Firewall: 5 security leaders share incident response plans

Cybersecurity Dive | July 30, 2021

First, it’s good you have a plan to begin with. But have you tested it?

That is, have you gathered all your stakeholders, from the C-suite to the trenches, and run through your plan? And testing it once is not good enough. Your teams and networks are constantly changing, so your plan should evolve as well with time.

When an incident occurs, that is not the time to find out if your plan works. Testing turns up simple things, like having the ability to use outside communication mechanisms. If your system gets locked down by ransomware, there is a good chance your address book in Outlook will be inaccessible.

Part of testing is also getting to know your network by modeling it and examining how it’s all connected. Having a continuously updated model of your network greatly speeds up your response time.

DOD’s Forecast Post-JEDI: Multi-Cloud with a Chance of Peril

NexGov | July 20, 2021

The Pentagon’s abandonment of the Joint Enterprise Defense Infrastructure, or JEDI, contract was an anticlimactic demise for the once visionary single-cloud network.

…the protracted legal battle pushed JEDI past viability. While the cloud titans fought for their slice of the pie, other actors within the federal government, most significantly the intelligence community, transitioned to a multi-cloud network. As a result, the decision to retire JEDI is best seen as an inevitable step toward DOD’s multi-vendor destiny.

EO Gives Momentum to Federal Cloud Movement

Communications Daily | May 27, 2021

President Joe Biden’s cybersecurity executive order will boost the federal government’s reliance on cloud services and information sharing, experts told us. The EO directs federal civilian agencies to “accelerate movement to secure cloud services,” including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS).

“That’s really the best way for the government” to secure data, said RedSeal Federal Chief Technology Officer Wayne Lloyd. He expects the EO to drag agencies “kicking and screaming” into the cloud: “It’s something that’s long overdue,” from which the commercial sector has long seen the benefits.

After pipeline attack, former DHS cyber leader says ‘stop with the half measures’; security pros urge action in infrastructure bill

Inside Cybersecurity | May 11, 2021

“The President’s new infrastructure plan must incorporate cybersecurity or the new ports, electrical grids and rail systems it proposes will become a bonanza for hackers looking to exploit supply chains along with critical infrastructure,” said Wayne Lloyd, CTO of Federal at RedSeal.

“We live in a digitized world, and the facilities that would be constructed will add to the complexity of the critical infrastructure networks and further expose unintended access points,” Lloyd said. “These networks are increasingly exceeding the ability of humans to fully account for, making it essential that the White House secures the infrastructure by mandating compliance with existing NIST frameworks for the IT & OT systems and funding for technologies that can help automate and monitor the state of compliance for things such as network segmentation, or we’re going to experience another breach on the scale of SolarWinds.”

What You Need to Know About CMMC Certification

MSSP Alert | April 15, 2021

As the Cybersecurity Maturity Model Certification (CMMC) nears full implementation, affected organizations are scurrying to ensure they’ll pass the certification process.

The goal is simple: organizations must meet minimum cybersecurity standards, and in doing so, they do their part to improve national security. The stakes are extraordinarily high for the estimated 300,000 defense industrial base (DIB) organizations which will soon need to be certified to one of the five CMMC levels to be eligible to be awarded a federal contract. Simply stated: no certification, no contract. From the perspective of the U.S. Government and the Department of Defense, the stakes have always been high since the DIB plays such a critical role in the defense of our nation. The only way to ensure the protection of our data and the integrity of the supply chain is to hold industry to a higher standard.

What You Need to Know About CMMC Certification

Supply Chain Brain | October 7, 2020


Supporting the DoD’s Defend Forward Initiative

What is Defend Forward?

The DoD’s Defend Forward operational concept has been rolling out over the past few years. Policy makers and cyber defenders in government realized that, just as the situation in Afghanistan led directly to the rise of Al-Qaeda and the 9/11 attacks, the situation in cyberspace was going to lead to a crippling cyber-attack of similar power.

However, unlike Afghanistan, where a power vacuum was created by the withdrawal of the Soviet Union, the Internet was designed from the outset to be open. By design, there are no police; no organization with the authority and power to punish bad actors. The cavalry are stuck in the fort.

Something had to change.

Cyber Protection Teams (CPTs) working at the Department of Defense (DOD) were restricted to preparing for and responding to attacks on their own network. Hacktivists, cyber criminals, and nation state adversaries were not restricted in the same way. This unequal playing field was addressed by removing the restriction on CPTs and allowing them to operate, if asked, in the networks of foreign countries. This new operational concept is called Defend Forward.

The goal of Defend Forward is to move out into cyberspace and inflict costs on bad actors, especially other nation states. As most adversary cyber teams tend to use and reuse the same tactics, techniques, and procedures (TTPs), finding malware on foreign networks and publicizing it forces those cyber attackers to create new methods. This takes time, effort and money. Shining a light on these playbooks lets friendly nations, other parts of government, and civilians know what to look for, further disrupting cyber attack operations. Lastly, this serves as a signal to enemies that we know about their procedures and puts them on the defensive.

How Do We Protect the Base?

While Defending Forward is off to a promising start, it is only a part of the ongoing cyber war. A “whole-nation” effort is needed, involving both government and industry. Only 10% of the critical infrastructure networks in the U.S. are controlled by our government. Industry needs to do its part and protect the home base.

We need to know our networks better than the attackers do. We need to make sure our networks are set up securely as we intended. We need to find and mitigate the highest risk issues first. Our complex networks make this very hard to do without technical support.

RedSeal’s cyber terrain analytics platform and professional services help all organizations improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. RedSeal continually checks to see if a network’s segmentation is working as designed, ranks end point vulnerabilities in order of risk, and adds knowledge of your network to determine how accessible the vulnerability is to untrusted networks and what it will expose if compromised.

Click here to view the webinar titled, “Defend Forward, But Protect Your Base” with Wayne Lloyd, RedSeal Federal CTO and Mike Lloyd, RedSeal CTO.


‘Red Teams’ Need to Deliver Context — Let’s Help Them

Working on a Red Team is frustrating. I know, I was on one.

Red Teams work hard penetrating systems, gathering data and presenting findings to senior management, only to get strongly dismissive responses: “So what?” This is frequently followed by an order not to share detailed information with the Defensive Cyber Operations (DCO) teams defending the network. Sometimes the reason is obvious. Sometimes not.

I came to realize that the underlying problem is that the findings don’t include enough information to make an impact on a culture of inertia that comes with the cybersecurity world. I have actually had executive leaders tell me they would lose plausible deniability.

This obviously sub-optimal situation hasn’t changed since my time serving on a Red Team.

The DOD Office of Inspector General just released a new report, “Followup Audit on Corrective Actions Taken by DoD Components in Response to DoD Cyber Red Team-Identified Vulnerabilities and Additional Challenges Facing DoD Cyber Red Team Missions.”

This was a check-up on the earlier report, “Better Reporting and Certification Processes Can Improve Red Teams’ Effectiveness,” a more easily understandable title.

They investigated three areas to see what had changed in eight years.

  • Did DoD Cyber Red Teams support operational testing and combatant command exercises?
  • Were corrective actions being taken to address DoD Cyber Red Team findings?
  • Did the assessed risks affect the ability of DoD Cyber Red Teams to support DoD missions and priorities?

The results? In a word: No.

The data generated by Red Teams and the teams conducting Defensive Cyber Operations is still not being shared. Worse, even with better procedures, part of the problem is that both the results and the analysis of the results of penetration testing and vulnerability management functions are superficial.

They don’t pass the “so what” test.

But, Red Teams can’t do their job well unless they have an accurate map of the cyber terrain to put information into a larger context. This context is more important for reducing the risk to missions.

Unique in the industry, RedSeal can model and evaluate Layers 2, 3, 4 and now 7 — application-based policies. And, it includes endpoint information from multiple sources.

If both Red Teams and the DCO teams tasked with defending the cyber battlespace can easily analyze 3-4 layers of complex attack depth to connect vulnerabilities exposed to the Internet with pivots and attack paths buried deep in a network’s hybrid infrastructure, their recommendations will be seen as worthy of immediate attention. This will lower the risk to mission in a real way.

Maybe then, senior management will listen, the process will radically improve, and the DOD Inspector General will not have to write a report saying nothing has changed in seven years.
