Data explosion offers challenges, opportunities to security pros

CSO | Jul 17, 2015

“Lots of mysterious black-box technologies are offered for this,” said Mike Lloyd, CTO at security analytics company RedSeal. They include genetic algorithms, machine learning, and artificial intelligence.

Nine Zoos Nationwide Suffer Point-of-Sale Breaches

eSecurity Planet | Jul 9, 2015

Steve Hultquist, chief evangelist at RedSeal, told eSecurity Planet by email that the SSA breach should serve as a reminder that organizations of every type are under attack. “The traditional defenses against attack are obviously insufficient, given the every-increasing number of breaches,” he said.

Hacking Team hacker identity linked to Gamma International attack

SC Magazine | Jul 7, 2015

Dr. Mike Lloyd, CTO at RedSeal said: “The great majority of breaches track back to basic, well-known issues that are obvious in hindsight, when filtered out from the vast amount of signal on what might go wrong. As an industry, we know a great deal about what to do to make solid defenses, but in practice, we build weak structures filled with gaps.”

Trump Hotels Payment Card System Hacked, Customer Data at Risk

Newsfactor | Jul 2, 2015

“The subtlety and length of the breaches that are publicly disclosed indicate the underlying goals to be moving away from ‘smash and grab’ of credit card number thefts towards more systemic damage, possible by simply waiting for information and continuing to probe for more content,” Steve Hultquist, chief evangelist, RedSeal, a security analytics company, told us.

C-Suite Execs Both Confident, And Confused, About Strategic Cyber Defense

Homeland Security Today | Jun 24, 2015

“It’s remarkable how many executives say their networks are secure—until we drill down into the issue, and it becomes obvious not only that there are vulnerabilities, but also that many organizations have no idea where those weak spots are,” said Ray Rothrock, chairman and CEO of RedSeal.

Regulators Monitoring Cybersecurity Preparedness

Bloomberg Vault | Jun 22, 2015

These high-profile cyber attacks demonstrate how vulnerable businesses and their customers are to hackers. “The ever-increasing complexity of networks, systems and data open every organization to vulnerability that is invisible,” said Ray Rothrock, chief executive officer of security analytics firm RedSeal, in an emailed comment.

Confusion, Lack of Visibility Plague Security Policy

info security | Jun 15, 2015

A study from security analytics company RedSeal of C-level CEOs, CIOs and CISOs/CSOs found that, after digging a little deeper, less than a third of all respondents, 32%, claim they have full visibility into their global network.

Survey Roundup: Execs Lack Visibility in IT Security

The Wall Street Journal | Jun 12, 2015

A survey of 350 C-suite executives by cybersecurity analytics company RedSeal found while 60% of respondents said they could “beyond a reasonable doubt” assure their boards the company was secure, 86% said there were gaps in their ability to see and understand all that was happening inside their networks. The report found 29% said they “know for a fact” their network is presently being attacked.

Execs Oblivious to Security Threats: Survey

CreditUnionTimes | Jun 11, 2015

Ray Rothrock, chairman and CEO of RedSeal, said. “This is exactly why corporations get breached so often even though they’ve invested in excellent security products.”

RedSeal Survey Uncovers Both Confidence and Confusion Regarding Strategic Defenses Needed for Network Security

While most C-Level executives are sure their infrastructure is safe, many more admit that better security will only come with enhanced visibility into the network

SUNNYVALE, Calif. — June 9, 2015 — RedSeal (redseal.co), the cybersecurity analytics company, today unveiled the findings of a comprehensive study that uncovers a high level of confusion regarding security issues in the network infrastructure. Nearly 60% of the 350 C-level executives surveyed believe they can “truthfully assure the board beyond a reasonable doubt” that their organization is secure, a surprising show of confidence in an environment where many reports reveal a high incidence of network breaches in up to 97% of all companies. The RedSeal study highlights one major reason for this disconnect: Less than a third of all respondents, 32%, claim they have full visibility into their global network.

In perhaps the most striking finding, a staggering 86% of the respondents acknowledge gaps in their ability to see and understand what’s really happening inside the network. At the same time, 79% admit that it’s impossible to effectively secure what can’t be seen and understood. When asked if they “know for a fact that their network is currently under attack by hackers,” 29% said yes. That leaves open the question of what the remaining 71% actually know regarding current threats. “It’s remarkable how many executives say their networks are secure—until we drill down into the issue, and it becomes obvious not only that there are vulnerabilities, but also that many organizations have no idea where those weak spots are,” said Ray Rothrock, chairman and CEO of RedSeal. “This is exactly why corporations get breached so often even though they’ve invested in excellent security products. Security is a strategic, top-level issue, and it needs to be treated as such by the entire organization. The network is the business.”

The RedSeal research also reveals a lack of understanding about what strategic security actually entails. Almost half the executives assert that security is strategic to their businesses, yet almost three-quarters, 72%, say that security products (anti-virus, firewalls, monitoring, etc.) are necessary but not strategic to their business. Meanwhile, fully 84% agree that intra-company siloes (separate groups for security and networking operations) and inter-product siloes (disparate products, technologies, reporting) create wide gaps that prevent a truly secure environment. Those are the very concerns that could be overcome with a more strategic approach.

The study’s findings make clear that to ensure optimal security, organizations need a strategic approach that blends top-tier technologies with operations and policies that enable full network transparency. Specifically:

  • 94% of the respondents say that “If I could clearly understand all the possible ways attackers can get in and out of my network — with clear, simple instructions about what should be fixed first, second, third etc. — that, to me, would be a strategic security solution and critical capability.”
  • 95% of the respondents say that “If I could get the kind of intelligence that would let me comprehensively see and verify our overall state of security that, to me, would be a strategic security solution.”
  • The vast majority of the respondents, up to 95%, say that to achieve critical and highly strategic security capabilities, enterprises will have to obtain “the kind of intelligence that lets them comprehensively see and verify their overall “state of security;” have the ability to tell ‘at a glance’ whether or not their security investments are working correctly or optimally; and gain the visibility to clearly see and understand all the possible ways attackers can get to high-value data—including the paths in and out of the network—with clear, simple instructions about what needs to be fixed first, second, third, etc.

“Cybercrimes have now become so commonplace that the issue sometimes doesn’t get the attention it should, and that’s a huge mistake,” said Richard Stiennon of IT-Harvest. “If you have high confidence that you will not be breached, you are doing something wrong, or more likely, not doing all you should be doing. Security should be addressed as a strategic concern by every high-ranking executive and board member.”

The RedSeal study surveyed more than 350 C-level executives. All of them are at organizations with 250 or more employees, and at least 20% lead companies with more than 1,000 employees. The responses offer a clear view into corporate America’s thinking regarding cybersecurity concerns and the different approaches enterprises take to the issue.

An infographic showing the study results is available for download at https://www.redseal.net/infographic

About RedSeal (redseal.co)
RedSeal provides a cybersecurity analytics platform to Global 2000 organizations that helps maximize digital resilience against cyber events. RedSeal’s advanced analytics engine creates functioning network modelstests networks to identify security risks, prioritizes needed actions, and provides critical information to quickly remediate issues. The result: measurable reduced cybersecurity risk and lower incident response and maintenance costs. With operations in North America, Europe, and Asia, RedSeal customers include leaders in finance, retail, technology, utilities, service providers, and government, all served by RedSeal’s channel partner network.

Visit redseal.co or call 1-888.845.8169 for more information.

– end –

RedSeal and the RedSeal logo are trademarks of RedSeal, Inc. All other names and trademarks are the property of their respective owners.

Press Inquiries:
Michelle Sieling
Finn Partners/Horn Group
+1 (415) 905-4013
michelle.sieling@finnpartners.com