Cybersecurity: Duck and Cover or Stand Up and Do Business?

CEOWORLD | October 1, 2018

By Ray Rothrock, RedSeal CEO

Cybersecurity isn’t working today.  In 2016, the Ponemon Institute reported that each of the 383 companies it surveyed had a “26 percent probability of a material data breach involving ten thousand lost or stolen records” within the “next twenty-four months.” Take this beyond two years—say to the projected life of your business—and you must accept the certainty of data breach. If cybersecurity were working, that certainty would not exist.

What has gone wrong with cybersecurity?

The exponential development of digital technology has left it in the cyber dust.

“Zero Trust” Is the Opposite of Business

Infosecurity Magazine| September 14, 2018

By Dr. Mike Lloyd, RedSeal CTO

The term zero trust has been cropping up a lot recently, with even a small conference on the topic recently. It sounds like an ideal security goal, but some caution is warranted. When you step back and consider the reason security is important – keeping organizations running – it’s not so clear that zero trust is really what we want.

I see the label zero trust as an over-reaction to the challenges we face in security. To the extent that the term means “be less trusting”, I agree. Look at our lack of success in stopping breaches.

Big Companies Have An Achilles Heel

Cybersecurity Intelligence| September 10, 2018

“From a cybersecurity perspective, when you’re an insurance company and you’re writing a policy for somebody, how do you charge them for it? We measure the risk and give them the metrics to charge for that policy,” said Steve Timmerman, VP of marketing and business development at RedSeal, which offers enterprise software that builds a model of a company’s network, identifies vulnerabilities, and provides a digital resiliency score that allows insurers to write a cyber premium based on that score.

How do we build digitally resilient organizations?

CSO Online | September 4, 2018

So, what does a digitally resistant organization look like? In a recent column, Ray Rothrock, a CEO who has written a book on Digital Resilience, says: “Instead of cowering behind a wall and hoping for the best, those who lead digitally resilient businesses ensure that they know the strengths, weaknesses, gaps and vulnerabilities of their networks.”

Five Tips For Building Digital Resilience Into Your Business Plan

Chief Executive | September 3, 2018

By Ray Rothrock, RedSeal CEO

The security advisory firm Herjavec Group reports that cybercrime damages are set to cost businesses $6 trillion annually by 2021, with cybersecurity spending topping $1 trillion from 2017 to 2021. A trillion here, a trillion there … pretty soon you’re talking real money — more than enough to acknowledge that managing an organization’s cyber risk has truly become a CEO and Board-level responsibility.

It is essential today that enterprises build digital resilience into their business plans—and do so deep and wide.

Tip #1: Understand the difference between digital security and digital resilience.

Revealed: The cyber Achilles heel for large companies

Corporate Risk and Compliance | August 28, 2018

While a new survey from analytics firm FICO has found that the number of US companies with full-coverage cybersecurity insurance has skyrocketed from last year, 24% still reported that they did not have any cyber insurance. For those that remain uninsured, and the insurance companies with an eye on targeting these firms, a cybersecurity analytics platform has come up with a more effective way to price policies.

“From a cybersecurity perspective, when you’re an insurance company and you’re writing a policy for somebody, how do you charge them for it? We measure the risk and give them the metrics to charge for that policy,” said Steve Timmerman, VP of marketing and business development at RedSeal, which offers enterprise software that builds a model of a company’s network, identifies vulnerabilities, and provides a digital resiliency score that allows insurers to write a cyber premium based on that score.

Sarder TV with Ray Rothrock

Sarder TV | August 24, 2018

With Ray Rothrock, RedSeal CEO

Ray Rothrock is a venture capitalist and former partner at Venrock, he has invested primarily in the industries of infosecurity and energy. Rothrock is currently the CEO of RedSeal Inc. and serves on the board of directors of several other companies, as well as the board for the Northern California chapter of NACD.

We sit down for a full video interview to discuss cyber attacks, their impact on business and his journey to success.

Millions of businesses vulnerable to fax-based cyber attack

ComputerWeekly | August 13, 2018

Hackers could exploit security vulnerabilities in fax machines to launch cyber attacks in millions of organisations around the world, researchers warn, underlining the need for cyber resilience.

Ray Rothrock, chairman and CEO of security analytics firm RedSeal, said the Check Point research underlines the need for organisations to focus on resilience.

“We recommend that companies validate their segmentation policies and make sure there’s very limited access to their most valuable assets,” he said. “This isn’t a one-and-done exercise. Companies must remain vigilant, constantly monitoring all possible pathways within and between their network environments so they can quickly isolate a compromised device.

Check Point shows how faxes can be route into a company

iTWire | August 13, 2018

Fax machines, which are part of many all-in-one printers, can be compromised over the telephone line and used to attack Windows PCs on the networks to which they are attached, researchers from security firm Check Point say.

The exploit was demonstrated on Sunday in a talk titled “what the Fax?” at the DEFCON security summit held in Las Vegas. A detailed technical explanation of the methods used is available here.

Harvard Business School: Alumni and Faculty Books

Harvard Business School | June 2018

Digital Resilience: Is Your Company Ready for the Next Cyber Threat?
by Ray Rothrock (MBA 1988)

Amacom:
Rothrock lays bare tactics used by hackers, vulnerabilities lurking in networks, and strategies not just for surviving attacks but also for thriving even while under assault. This book helps businesses understand the threats they face, assess the resilience of their networks against attacks, identify and address weaknesses, and respond to data theft swiftly and effectively.