Cybersecurity’s Ceiling

Dark Reading | August 14, 2017

Security spending and staffing are rising, but restrained resources are tempering market growth.

The IT security market is often painted as a non-stop growth curve with no end in sight. But many analysts who have studied market trends say despite recent increases in spending and hiring, the market paradoxically is being slowed by a shortage of resources.

In some cases, upper management is putting a cap on spending and hiring. In the recently published 2017 Black Hat Attendee Survey, most security professionals say they are increasing hiring and spending. Yet, some 71% of security professionals do not feel they have enough people to handle the threats they will face in the coming year. Fifty-eight percent say they don’t have enough budget.

Counting the Cost of Mega Cyber Risk

Computer Business Review | August 10, 2017

It’s clear that corporations want to buy insurance to reduce their exposure to losses from cyber-attacks, and insurers have responded to the need.  However, most buyers are dissatisfied – the coverage amounts are low, and the covered events are too narrow.  From the insurer’s point of view, it had to be this way, due to historic challenges with visibility into cyber risk and liability.

When everyone wants the same kind of policy, the insurer has to think about the systemic risk, and if that systemic risk is poorly understood, each individual policy has to stay small.  Think of everyone in a Medieval town wanting to buy fire insurance at the same time – individually, they all want the same thing, but the insurer can’t take on the combined risk without understanding whether the houses are all in the same town, or made of the same flammable material.

Time For CFOs to Get Serious About Cybercrime Prevention

TechTarget | July 31, 2017

Payment risks and email scams are too complex to pass off to an insurance provider. They call for C-level involvement in making sure the entire trading partner network is secure.

Some CFOs and corporate treasury managers lack a sense of urgency about the need for cybercrime prevention and about the financial hits that could come from cybercrime attacks. Scanning conference rosters, I see an emphasis on cyberinsurance, which ostensibly transfers the risk of loss to someone else, all for the price of a policy. But an effective cybercrime prevention strategy requires much more than that. It requires CFOs to be proactive about making their networks secure.

SC Media asks the industry: Is cyber attack insurance worth it?

SC Media UK | July 13, 2017

Featuring Dr. Mike Lloyd, RedSeal CTO

UK financial services body the Prudential Regulation Authority (PRA) has issued a warning to insurers regarding the risk of claims for damages arising from cyber-attacks on their customers.

The PRA recommendations include the carrying out of stress testing of their capability to respond to a large number of claims at once – no doubt inspired by the recent WannaCry and notPetya attacks.

CSO Online: RedSeal Named in Top Security Tools of 2017

CSO Online | July 11, 2017

Threats are constantly evolving and, just like everything else, tend to follow certain trends. Whenever a new type of threat is especially successful or profitable, many others of the same type will inevitably follow. The best defenses need to mirror those trends so users get the most robust protection against the newest wave of threats. Along those lines, Gartner has identified the most important categories in cybersecurity technology for the immediate future.

Business Agility And Security Automation (Or, How The Government Sometimes Gets It Right)

Forbes | July 11, 2017

By Dr. Mike Lloyd, RedSeal CTO

A healthy, growing business is a risky business. Why? Modern businesses must innovate, change and grow continuously to stay ahead of the competition. Normally, we look at business agility as a good thing — a differentiator; a challenge to be embraced; a way to shake the invisible hand that drives our world. But from a security viewpoint, all this change is a problem, especially for cybersecurity.

RedSeal CEO Joins Cheddar TV’s “Closing Bell” to Talk Petya, Cyberattack Impact on Business

Cheddar | July 6, 2017

 

RedSeal CEO Ray Rothrock joined Cheddar TV’s “Closing Bell” show to discuss the impact of cyberattacks on sales and stock prices, and our own government’s ability to be resilient.

Ray’s segment starts at the 1:25:24 mark of the video.

Petya: Recommendations for defense and remediation

The CyberWire | June 29, 2017

What can enterprises do, now, to protect themselves against Petya and the other, similar attacks soon to follow? This won’t be a one-time thing: WannaCry wasn’t, and it’s reasonable to expect fresh ransomware campaigns to keep coming, hard and fast. The attackers get a good return on investment from repurposing tools and exploits. There’s no reason to expect them to stop.

For your coverage of Petya, Ray Rothrock, CEO of RedSeal, said in an email, “It’s happening again. This time in a slightly different form and name, but it’s the same. A new strain of Petya malware is going after unpatched Windows systems via EternalBlue, the same stolen NSA tool exploited by WannaCry.”

Review: RedSeal offers powerful, passive network protection

CSO Online | June 26, 2017

When CSO’s sister site Network World conducted its firewall manager review, the original plan was to invite RedSeal to participate. The problem was that while RedSeal originally did manage firewalls, their product has now evolved into something else. RedSeal shares some similarities to firewall managers, but is now in a separate, unique product group. We tested the RedSeal appliance to see where it fits into cybersecurity defenses.

RedSeal today is a digital resilience platform designed to discover all network vulnerabilities, including those that go around firewalls, and map attack vectors so they can be fixed. It also tracks network health and provides an overall vulnerability score that can be monitored by either executives or IT staff.

3.5M vacant cybersecurity roles by 2021, Cybersecurity Ventures report

SC Magazine | June 7, 2017

A look out at the jobs landscape shows that over the next five years, positions in the cybersecurity field will triple, according to “The Cybersecurity Jobs Report,” sponsored by Herjavec Group.

The global information security advisory firm predicts that – largely owing to increases in cybercrime – the number of cybersecurity job openings will hit 3.5 million by 2021.