Tag Archive for: Mike Lloyd

Finding the Right Approach to Cloud Security Posture Management (CSPM)

Dark Reading | October 29, 2021

New strategies are surfacing to respond to new problems. Dr. Mike Lloyd, RedSeal’s CTO, reviews one of the latest: CSPM.

Cloud security is maturing — it has to. We’ve had too many face-palm-worthy incidents of organizations hearing “hey, I found your data in a world readable S3 bucket” or finding a supposedly “test” server exposed that had production data in it. Happily, we are emerging out of the Wild West phase, and some order and maturity is emerging, and along with it, new lingo.

How to Mitigate Security Risks in the the Cloud

CloudTweaks | August 3, 2021

Enterprises continue to spend billions annually on security technology, yet cyber breaches continue to come fast and furious. So what exactly is going on here? Why are the odds stacked against the good guys?

It turns out there are some pretty good reasons why security remains so elusive. Many organizations simply don’t have the staffing resources to do battle with a heavily automated enemy.

The Real Reason for Breaches (and How to Avoid Them)

Security is a tough job – we invest so much effort, and yet the breaches keep on happening.  Why?  In a word, complexity. 

The digital world brings so many great efficiencies and innovations – the pressure to move fast and exploit opportunities is irresistible to every organization.  But crossing all these online frontiers brings the unavoidable frontier challenges – lawlessness, chaos, and rapid change.  Security is easiest in mature, well understood, and above all, in simple infrastructures.  Every added bit of complexity and change moves away from security, and towards chaos.  The security professional has a thankless task – we cannot simply demand that our employers be more orderly or cease changing.  Instead, we have to adapt constantly, and try to keep up with all the new territory that is constantly opening up, with new threats and new ways to get it all wrong.

When you analyze any of the major breaches in detail, you find they are always multi-component – there is never just one simple, single cause.  Attackers are stealthy, persistent, and they move from one foothold to another.  This means that when a breach happens, it’s a system-level failure, not just one component that could have been isolated and fixed.  Worse, even if you put all your effort into fixing as many components as possible, you’ll never get to 100% secure and impervious to attack.  The bad guys will search and search for anything you missed, then exploit it, gain a new foothold, and work outwards from there.

Clearly, the road to security doesn’t come from finding and fixing everything – it’s impossible to fix every issue in your network today, and even if you could, there will be new defects tomorrow, because the rate of change is so high.  Instead, we have to learn to thrive in a world with inherent vulnerability, just the way animals and people do in the biological world.  Biological systems are resilient rather than perfectly protected – they can adapt and bounce back from infection, since Mother Nature long ago learned that blocking every pathogen just wasn’t going to work.  Of course, this doesn’t mean you should give up and just accept every possible attack – biological systems still aim to be hard targets, they just actively maintain an immune system so they can detect, isolate, and remove the inevitable successful attacks.

So the way forward is to find what you have, in the cloud and across your physical sites, see how it’s all connected, and understand where you can block incoming attacks, as well as thwart lateral movement for attackers who do make it past your defenses.  The first goal is a complete inventory – in itself, that’s a hard challenge because of the diverse and changing fabric we use to get the work done.  The second goal is to harden any assets that are exposed.  The third goal is based on recognizing that perfect hardening at step two won’t happen, so instead, it’s essential to understand what is connected to what, so that you can stay ahead of attacks and block them before they get a chance to spread.  This is why RedSeal focuses on these three disciplines – gather and map the network in all its hybrid complexity, then harden the individual elements, then help our customers conduct war games where they can think at a system level, and prioritize their defensive efforts to become a resilient hard target.

For further details on how RedSeal tackles cloud security, check out our solution brief: “Redseal Ensures Your Critical Cloud Resources Aren’t Exposed To The Internet”

Dr. Mike Lloyd Named a Gold Globee Chief Technology Officer of the Year

IT World Awards | June 15, 2021

RedSeal’s Chief Technology Officer Dr. Mike Lloyd was named a Gold Globee winner for Chief Technology Officer of the Year, Security Hybrid in the 16th Annual 2021 IT World Awards honoring achievements and recognitions in the information technology and cyber security industries worldwide.

More than 65 judges from around the world representing a wide spectrum of industry experts participated in the judging process. The IT World Awards are open to all Information Technology and Cyber Security organizations from all over the world and their end-users of products and services.

 

Security Think Tank: Printer risks go deep into IT history

Computer Weekly | June 9, 2021

Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account?

…This east-west traffic in local areas is the bane of the security professional. It makes the network harder to manage as it sprawls outwards, often in the uncontrolled IT equivalent of a shanty town. This, in turn, created the ecosystem in which security threats evolved, moving from viruses spread by floppy disks to those that spread directly over the network, and their descendants we see to this day, such as ransomware spreaders that can take over oil pipelines.

Seven Cybersecurity Lessons the Coronavirus Can Teach the Armed Forces (and Us All)

Cyber Defense Review | May 21, 2021

If we have learned anything from the COVID-19 pandemic, it is that very bad things can happen very quickly, especially if we are not sufficiently prepared. It turns out that everything we have been told about the pandemic is also relevant for cybersecurity; as such, the pandemic is an exceptional learning tool for cyber professionals.

Cyberattacks are like biological viruses in several ways: they can spread incredibly fast, their consequences can wreak huge economic damage, and the destruction they cause can be very difficult from which to recover. Viruses spread through human social networks and cyber-attacks exploit our online networks of trust.

11 Tech Experts Share Smart Steps For Protecting Your Personal Information Online

Forbes | May 18, 2021

10. Be especially careful with your money accounts.

Take extra trouble over your money accounts. Treat them as different from all your others. Don’t reuse passwords for financial accounts—ever. Ask anyone who has your money about “two-factor authentication,” and if they don’t offer it, move your account. If possible, push for two-factor that doesn’t depend on text messages (SMS)—it’s too easy to hack. – Mike Lloyd, RedSeal CTO

16 Strategies To Prevent Your Team Members From Adopting ‘Shadow IT’

Forbes | April 9, 2021

12. Take a Zero Trust approach.

I hate the phrase “Zero Trust” (and an increasing groundswell of security professionals agree), but the original ideas of the Zero Trust movement do make sense. Old networks were like castles, but today’s networks are like cities—security teams have to think like mayors, not feudal lords. It’s about mapping, coordination and preparation, not about thick stone walls. – Mike Lloyd, RedSeal

Digital transformation or digital evolution?

Computer Weekly | April 1, 2021

Digital transformation is often associated with disruptive technology, but Mike Lloyd, chief technology officer (CTO) at RedSeal, questions whether the popularity of “disruption” is a positive thing, noting that in most other areas of life it’s a negative term.

“So why is ‘disruption’ seen as cool when it comes to tech?” he asks. “In part, it’s how you get your new idea noticed – the media and investors are always looking for the new-new thing, and see something like a tune-up or improvement of an old thing as boring. Customers see it the other way around – disruption is bad, what most people want to buy is incremental efficiency.”

Security Think Tank: CNI operators are in an unenviable position

Computer Weekly | March 15, 2021

The operators of critical national infrastructure (CNI) are in an unenviable position, between the devil and the deep blue sea, as two very different worlds collide.

Most critical infrastructure was built up over a century or more of careful, incremental steps by civil engineers, and they focused on the primary threat they faced – lack of availability. If you deliver power, water, or anything else that lives depend on, you focus your attention on making sure the service is never interrupted.

You think through scenarios such as natural disasters, extreme weather, even longer-term risks such as climate change. It’s always you against Murphy’s Law – you assume each element will eventually fail, and so you build in double or triple redundancy.