SIGNAL | September 15, 2016
By J. Wayne Lloyd
When it comes to cybersecurity, I have heard many people express consternation and wonderment as to why the government cannot protect the Internet. It boils down to two things: No authorization, and officials only have visibility into a scant number of networks under their control.
Last week, the Shadow Brokers hacker group made national headlines by leaking zero-day firewall vulnerabilities, and offering additional exploits for sale through auction. In response, the RedSeal team produced:
A blog post on how major infrastructure vulnerabilities produce the same questions – and how digital resilience puts organizations in the best position to respond. A […]
Last month, Wallace Sann, the Public Sector CTO for ForeScout, and I sat down to chat about the current state of cybersecurity in the federal government. With ForeScout, government security teams can see devices as they join the network, control them, and orchestrate system-wide responses.
Many of our customers deploy both RedSeal and ForeScout side […]
An anonymous intelligence agency had a problem.
Their vulnerability assessment program was expensive and sub-optimal. The program was run by two internal employees and 16 contractors. Going to data center to data center, each assessment could take anywhere from 2 months to a full year to conduct.
First, they had to inventory each data center […]
This blog post first appeared in Signal on April 6, 2016
Federal agencies clamor for industry best practices to implement findings resulting from last year’s 30-day “Cybersecurity Sprint,” part of the administration’s broader effort to bolster federal cybersecurity. A new mandatory directive for all civilian government agencies, the Cybersecurity Strategy Implementation Plan (CSIP), provides a […]
Federal agencies are clamoring for information about best practices about to implement the findings of last year’s cybersecurity “sprint.” This new directive, the Cybersecurity Implementation Plan, is mandatory for all federal civilian government agencies. It addresses five issues intended to shore up agency cybersecurity and ensure network resiliency.
So when agencies are done with their […]
Blue vs Red. No, not the Rooster Teeth series for the Halo fans out there. For those that do not know how the reference pertains to cyber security: Blue teams can be looked at as the good guys (cyber defenders) and Red teams are the bad guys (attackers). Not to say the Red teams are […]
by Wayne Lloyd, Federal CTO RedSeal
Not too long ago I had a customer, “Joe”, explain to me how he overcame organizational challenges and got his network team to operationalize the findings from RedSeal.
Joe started by taking advantage of RedSeal features that can be leveraged immediately upon deployment, such as the Best Practice and STIG checks. He generated […]