Petya: Recommendations for defense and remediation

The CyberWire | June 29, 2017

What can enterprises do, now, to protect themselves against Petya and the other, similar attacks soon to follow? This won’t be a one-time thing: WannaCry wasn’t, and it’s reasonable to expect fresh ransomware campaigns to keep coming, hard and fast. The attackers get a good return on investment from repurposing tools and exploits. There’s no reason to expect them to stop.

For your coverage of Petya, Ray Rothrock, CEO of RedSeal, said in an email, “It’s happening again. This time in a slightly different form and name, but it’s the same. A new strain of Petya malware is going after unpatched Windows systems via EternalBlue, the same stolen NSA tool exploited by WannaCry.”

Review: RedSeal offers powerful, passive network protection

CSO Online | June 26, 2017

When CSO’s sister site Network World conducted its firewall manager review, the original plan was to invite RedSeal to participate. The problem was that while RedSeal originally did manage firewalls, their product has now evolved into something else. RedSeal shares some similarities to firewall managers, but is now in a separate, unique product group. We tested the RedSeal appliance to see where it fits into cybersecurity defenses.

RedSeal today is a digital resilience platform designed to discover all network vulnerabilities, including those that go around firewalls, and map attack vectors so they can be fixed. It also tracks network health and provides an overall vulnerability score that can be monitored by either executives or IT staff.

3.5M vacant cybersecurity roles by 2021, Cybersecurity Ventures report

SC Magazine | June 7, 2017

A look out at the jobs landscape shows that over the next five years, positions in the cybersecurity field will triple, according to “The Cybersecurity Jobs Report,” sponsored by Herjavec Group.

The global information security advisory firm predicts that – largely owing to increases in cybercrime – the number of cybersecurity job openings will hit 3.5 million by 2021.

Cybersecurity Faces 1.8 Million Worker Shortfall By 2022

Dark Reading | June 7, 2017

Over the next five years, the number of unfilled cybersecurity jobs will rise to a whopping 1.8 million, a 20% increase from 2015 estimates, according to a new (ISC)2 survey released today.

Driving this widening shortage is not only the often discussed lack of qualified workers but also a greater need to bring in more warm bodies to tackle the rapidly evolving ways that cybercriminals and attackers are launching their nefarious activities, according to the report. It’s getting easier for low-tech criminals to get into hacking, thanks to malware-as-a-service operations and crimeware kits.

Cybersecurity Talent Shortage Set to Hit 3.5M by 2021

SiliconANGLE | June 6, 2017

If you’re looking for a tech job that will be in abundance in the years ahead, the cybersecurity marketplace will be the ideal place to find one, according to a newly published report on the employment prospects in the sector.

The report, from Cybersecurity Ventures Inc., found that the skills shortage will get a lot worse in the coming years. It predicts there will be a gap of 3.5 million positions globally by 2021. Of those unfilled positions, 1 million will be in India alone, with the United States experiencing half a million unfilled vacancies.

When it Comes to Network Resilience, It’s the Little Things that Count

GDPR.Report | June 1, 2017

By Dr. Mike Lloyd, RedSeal CTO

Cyber attacks are the new normal for businesses across the globe. When one hits home it can cause major monetary losses and reputational damage for organisations, from which some struggle to recover. Many CEOs have gotten the message, forced into action perhaps by strict new regulatory compliance requirements coming from Europe, or concrete evidence linking severe data breaches to tumbling share prices. That means many have invested in expensive digital security systems. But are they effective, or even necessary?

New DISA Program Assesses Operational Risk

SIGNAL Magazine | May 22, 2017

By  J. Wayne Lloyd, RedSeal Federal CTO

As the Defense Information Services Agency (DISA) knows, a network that complies with standards is not necessarily secure. DISA’s new evaluation program, the Command Cyber Operational Readiness Inspection (CCORI), is designed to go beyond standards. Its goal is to provide site commanders and federal agencies an understanding of mission operational risks.

RedSeal CEO Joins Cheddar TV’s “Closing Bell” to Talk Resilience, WannaCry

Cheddar | May 18, 2017

 

RedSeal CEO Ray Rothrock joined Cheddar TV’s “Closing Bell” show, where he spoke about resilience, WannaCry and more. Ray’s segment starts at the 1:04:05 mark of the video.

“Prevention has been the strategy of the last 25, 30 years in cybersecurity…You’ve got to have prevention but you need more than that now. Attacks are inside the network – not at the firewall anymore – they are inside. And being inside means you need to know what’s going on inside. You’ve got to know what the network looks like.”