Tag Archive for: Digital Resilience Book

Digital Resilience: Book Review by Azure Yu

By Azure Yu, Titans Briefs, The University of Texas at Austin McCombs School of Business

Summary:

Cyberattacks are inevitable and costly in today’s intensively connected world. Undergoing cyberattacks will be the norm rather than the exception for all kinds of organizations, and these attacks will usually have devastating consequences. To survive in this hostile environment, companies have implemented necessary security measures such as firewalls and anti-malware, but these measures are insufficient against the inherent risks of digital networks. Greater connectivity comes with more vulnerability. Rothrock points out that C-suites must use “digital resilience” as a whole-business strategy. Digital resilience allows companies to survive attacks, contain breaches, recover, and continue to operate while under attack. Lack of digital resilience can lead to severe consequences – the 2013 Target breach was an example.

The book describes digital resilience in detail. It covers the history of networks, the technical fundamentals, and the distributed nature of the current state. It paints a vivid picture of the inevitability of a successful attack, given that over a trillion Internet of Things (IoT) devices are connected to the network and each node creates vulnerability. It provides actions business leaders can take toward achieving digital resilience. Here are the eight steps listed in the book to build deep knowledge of your data and networks:

  1. Verifying that the device configurations comply with relevant regulation and industry best practices.
  2. Modeling the network by collecting configuration and operation data of the network devices as often as necessary and without burdening the network.
  3. Visualizing end-to-end access and path details to see intended and unintended access among all parts of the network.
  4. Measuring network resilience and managing it. Rothrock explains the resilience scoring in his RedSeal system in Chapter 6.
  5. Identifying hidden areas of the network to manage risks in those areas – the “scary parts” and unknown part of the network can be significant security risks.
  6. Prioritizing vulnerability patching to allocate resources to patch the most urgent network situation.
  7. Verifying network security policy. It is essential to know if security policies are implemented properly in order to measure the real resilience of a network.
  8. Prioritizing network change control. Businesses need the capability to assess the security impact of potential or proposed changes to the network.

Cyber Security Hub: How Digitally Resilient Is Your Company?

Cyber Security Hub | November 7, 2018

Unlike the game Whack-a-Mole, where the object is to clobber a mole as it pops its head out of a hole, cyber threats are becoming more targeted and harder to whack, said Ray Rothrock, CEO of RedSeal, and author of the book, Digital Resilience: Is Your Company Ready for the Next Cyber Threat? on Monday’s episode 55 of Task Force 7 Radio. Rothrock was the guest of host George Rettas, the president and CEO of Task Force 7 Radio and Task Force 7 Technologies.

Podcast: Why Digital Resilience Is The Answer

Taskforce 7 Radio | November 5, 2018

With Ray Rothrock, Chief Executive Officer

Ray Rothrock, the CEO of Redseal and Board Member of cyber security incubator Team 8 appears on Episode #55 of Task Force 7 Radio to talk about his new book, “Digital Resilience – Is Your Company Ready for the Next Cyber Threat” and why Digital Resilience is the only way to win the Cyber Security battle we are all engaged in on a daily basis.

Resilient regulation can help end the tech-consumer stalemate

The Hill | October 21, 2018

By Ray Rothrock, RedSeal CEO

The reason for the absence of meaningful dialogue and meaningful movement is that the two sides persist in choosing the wrong adjectives. They argue over preemptive federal legislation versus state legislation. They fight over tough legislation versus soft legislation.

What they should do is discard all of these modifiers and instead embrace, together, just one type of legislation: resilientWe need privacy regulation that promotes the resilience of data privacy and security. And we need it whether we run Google and Facebook or use Google and Facebook.

DriveScale TechNow Podcast with Ray Rothrock

DriveScale TechNow Podcast | October 3, 2018

With Ray Rothrock, RedSeal CEO

In this edition of TechNow with Tom Lyon, Tom talks to Ray Rothrock, venture capitalist, nuclear engineer, cyber security expert, and current CEO of RedSeal, a firm that helps organizations quantify their digital resilience.

Cybersecurity: Duck and Cover or Stand Up and Do Business?

CEOWORLD | October 1, 2018

By Ray Rothrock, RedSeal CEO

Cybersecurity isn’t working today.  In 2016, the Ponemon Institute reported that each of the 383 companies it surveyed had a “26 percent probability of a material data breach involving ten thousand lost or stolen records” within the “next twenty-four months.” Take this beyond two years—say to the projected life of your business—and you must accept the certainty of data breach. If cybersecurity were working, that certainty would not exist.

What has gone wrong with cybersecurity?

The exponential development of digital technology has left it in the cyber dust.

How do we build digitally resilient organizations?

CSO Online | September 4, 2018

So, what does a digitally resistant organization look like? In a recent column, Ray Rothrock, a CEO who has written a book on Digital Resilience, says: “Instead of cowering behind a wall and hoping for the best, those who lead digitally resilient businesses ensure that they know the strengths, weaknesses, gaps and vulnerabilities of their networks.”

Five Tips For Building Digital Resilience Into Your Business Plan

Chief Executive | September 3, 2018

By Ray Rothrock, RedSeal CEO

The security advisory firm Herjavec Group reports that cybercrime damages are set to cost businesses $6 trillion annually by 2021, with cybersecurity spending topping $1 trillion from 2017 to 2021. A trillion here, a trillion there … pretty soon you’re talking real money — more than enough to acknowledge that managing an organization’s cyber risk has truly become a CEO and Board-level responsibility.

It is essential today that enterprises build digital resilience into their business plans—and do so deep and wide.

Tip #1: Understand the difference between digital security and digital resilience.

Sarder TV with Ray Rothrock

Sarder TV | August 24, 2018

With Ray Rothrock, RedSeal CEO

Ray Rothrock is a venture capitalist and former partner at Venrock, he has invested primarily in the industries of infosecurity and energy. Rothrock is currently the CEO of RedSeal Inc. and serves on the board of directors of several other companies, as well as the board for the Northern California chapter of NACD.

We sit down for a full video interview to discuss cyber attacks, their impact on business and his journey to success.

Harvard Business School: Alumni and Faculty Books

Harvard Business School | June 2018

Digital Resilience: Is Your Company Ready for the Next Cyber Threat?
by Ray Rothrock (MBA 1988)

Amacom:
Rothrock lays bare tactics used by hackers, vulnerabilities lurking in networks, and strategies not just for surviving attacks but also for thriving even while under assault. This book helps businesses understand the threats they face, assess the resilience of their networks against attacks, identify and address weaknesses, and respond to data theft swiftly and effectively.