In order to provide you with the best experience possible we might sometimes track information about you. Sometimes this may involve writing a cookie. We use this information for things like experience enrichment, analytics and targeting advertising. We recommend allowing these functions to get the most out of your experience.
OK
Real World Versus Cyber Hygiene
/by Wayne Lloyd, Federal CTO, RedSealAs I watch the drama on the news unfold it is striking to me how similar the tactics for defending against a spreading virus are to cyber defense.
Washing your hands equates almost exactly to cyber hygiene tactics like patching.
Social distancing is nothing more than putting barriers up to prevent the spread of attacks, […]
A Resilient Infrastructure for US Customs and Border Protection
/by Wayne Lloyd, Federal CTO, RedSealThe Customs and Border Protection agency recently announced an official 2020-2025 strategy to accomplish their mission to “protect the American people and facilitate trade and travel.”
The strategy comprises only three goals, one of which is to invest in technology and partnerships to confront emerging threats. This includes an IT Infrastructure that provides fast and […]
Security Orchestration and Automation Response Solutions (SOAR) and RedSeal
/by Wayne Lloyd, Federal CTO, RedSealOver the past few years, Security Orchestration, Automation, and Response (SOAR) tools have emerged as multi-faceted and ever-present components in a Security Operations Center (SOC), enabling security teams to centralize incident management, standardize processes, and reduce response times through automation and artificial intelligence (AI).
The security orchestration, automation and response (SOAR) market, as defined by […]
Ten Cybersecurity Fundamentals to Reduce Your Risk of Attack
/by Wayne Lloyd, Federal CTO, RedSealDue to escalating tensions with Iran and recent cyber activity against a U.S. Government website, DHS’s Cybersecurity and Infrastructure Security Agency team has issued a bulletin warning organizations to be prepared for “cyber disruptions, suspicious emails, and network delays.” DHS recommends preparing by focusing on “cyber hygiene practices” to defend against the known tactics, techniques and […]
CDM Experts: Data Collection, Classification, Analysis Are Keys
/by Lauren StaufferRecently, RedSeal Federal CTO Wayne Lloyd was asked to participate in a panel organized by Meritalk on the federal government’s Continuous Diagnostics and Mitigation (CDM) program.
Wayne was joined by CDM experts from Veritas and Splunk. All offered candid assessments of the importance of data classification and collection as the CDM program moves to incorporate […]
How to Identify Your Boundary Defense Needs
/by Kes JeciusBy Kes Jecius, RedSeal Senior Consulting Engineer
The Center for Internet Security’s (CIS) twelfth control for implementing a cybersecurity program is for your organization to control the flow of information transferring between networks of different trust levels. The first sub-control states that an organization should maintain an inventory of all network boundaries. So, the first […]
CIS Benchmarks Bring Network and Security Teams Together
/by Kes JeciusBy Kes Jecius, RedSeal Senior Consulting Engineer
The Center for Internet Security’s (CIS) eleventh control for implementing a cybersecurity program is for your organization to actively track, report on, and correct the security configurations for network devices. This involves the use of a configuration management system and robust change control processes. What has been missing […]
Is Process Killing Digital Resilience and Endangering Our Country?
/by Wayne Lloyd, Federal CTO, RedSealAfter reading a Facebook comment on “Navy, Industry Partners Are ‘Under Cyber Siege’ by Chinese Hackers, Review Asserts,” I’m compelled to respond.
I work a lot with the Navy (and the DOD as a whole) as a vendor. I spent 26 years in the intelligence community as a contractor running datacenter operations, transitioning to cybersecurity […]
Understanding and Managing Your Attack Surface
/by Kes JeciusBy Kes Jecius, RedSeal Senior Consulting Engineer
The Center for Internet Security’s (CIS) ninth control for implementing a cybersecurity program is for your organization to manage the ports, protocols, and services on a networked device that are exposed and vulnerable to exploitation. The intent of the control is for your organization to understand, reduce and […]
The Network Dimension in Vulnerability Management
/by Kes JeciusBy Kes Jecius, RedSeal Senior Consulting Engineer
The Center for Internet Security’s (CIS) third control for implementing a cybersecurity program is to practice continuous vulnerability management. Organizations that identify and remediate vulnerabilities on an on-going basis will significantly reduce the window of opportunity for attackers. This third control assumes you’ve implemented the first two CIS […]