RCR Wireless | March 04, 2013
Reader Forum: The myth of BYOD – Why network access is the key to securityManaging the access between the wired and wireless networks to enforce exactly what access is allowed to BYOD devices has to be the first step in any wireless initiative – before any thought of managing the mobile device can be considered.
|
|
Dark Reading | February 15, 2013
More Intelligent Services Help Rein In Security PoliciesWhen setting and managing policies--whether using only on-premise technology or taking advantage of a service--companies should start by keeping the high-level goals in mind and do a complete inventory of their assets, says Mike Lloyd, chief technology officer for security-management firm RedSeal Networks. Following the initial creation of policies for the organization and technical policies for each device, the security team should also validate that each part of the network complies with policy.
|
|
Fast Company | February 13, 2013
Barack Obama Is The First Cyber War President, But A President Can't Win A Cyber WarRedSeal Networks develops security assessment software for government and large corporations, Another In-Q-Tel-backed company, Tenable, handles vulnerability management projects for large and small clients while even collaboration platform Huddle receives funding to make secure communication tools for government agencies. In-Q-Tel's Dan Geer wrote in 2010 that the CIA-linked venture capital firm's goal in cybersecurity investments is to pursue “the absence of unmitigatable surprise.” Once again, that defensive posture shows up.
|
|
Dark Reading | February 12, 2013
Taming Big Bad Data For Better SecurityFor companies, then, the first step is finding missing systems -- and missing data -- in their networks, Lloyd says. "What we found is that all security teams have dark space in terms of big data," he says. "If you don't have all your data, you can't do good big-data analytics."
|
|
(IN)SECURE | February 06, 2013
RedSeal 6.5 supports BYOD, SIEM and risk metrics“In an ideal world, CISOs, CIOs, IT security directors and administrators can take a look at their network and close any gaps that expose vulnerabilities, but the reality is, most organizations have ‘known unknowns’ – assets that are out of sight, not properly monitored or tracked, but important due to their downstream impact on other assets that are visible,” said Parveen Jain, president and CEO of RedSeal Networks. “You can’t protect what you can’t see.”
|
|
eWeek | February 06, 2013
RedSeal Targets Network 'Dark Space' With Big Data AnalyticsIn the latest release of the RedSeal Platform, version 6.5, the vendor addresses "dark space" – a term meant to describe the parts of the network infrastructure that is unmanaged, unmonitored and unseen by security tools because security administrators are unaware of its existence. With RedSeal 6.5, the company looks to solve this issue by enabling users to see a complete map of their infrastructure.
|
|
AFP | February 05, 2013
Twitter hit by 'sophisticated' cyber attack"The breach at Twitter is yet another wake up call -- have we had enough yet?" said Mike Lloyd, chief technology officer at security firm RedSeal Networks.
|
Dark Reading | November 28, 2012
7 Risk Management Priorities For 2013"Continuous monitoring will be taken up by [or required of] anyone doing business with the U.S. government, and will end the year closer to being a standard 'best practice' for all organizations," says Lloyd, CTO of Red Seal Networks
|
|
Tech Target | November 19, 2012
U.S. cybersecurity efforts down but not out after Senate voteWith so much of the critical infrastructure run by private companies, it's difficult to protect national interests, said Mike Lloyd, chief technology officer at security management firm RedSeal Networks Inc. These competitive, profit-driven companies often put security on the back burner, he said. "If your market competitor outpaces or underspends and takes imprudent risks, you have a nightmarish choice: Do you take risks too, or do you play it safe and lose market share in the hopes there will be a major incident for your competitor and not for you?" he added.
|
|
ReadWriteWeb | November 16, 2012
Cybersecurity Bill Dies, Obama Signs Cyberwar Directive. What's Next?"Global IT infrastructure is a world of glass houses, and there’s an escalating trend of people throwing stones,” Mike Lloyd, chief technical officer of RedSeal Networks, told ReadWrite in an email. "Sometimes it’s necessary to move beyond your own glass house to catch someone who is threatening or actually attacking your infrastructure. "
|
|
Government Computer News | October 29, 2012
Proactive, continuous monitoring key to thwarting cyber crimeCyber warfare is here and if we don't shift the way we think and strengthen our defenses, we will pay the price down the line, writes Jim Flyzik.
|
|
Dark Reading | October 26, 2012
Monitoring To Detect The Persistent EnemiesHaving more layers is a good thing, because attackers are always motivated to get a step ahead, says Mike Lloyd, chief technology officer with RedSeal Networks, a networking monitoring firm.
|
|
Business Insider | October 18, 2012
Here's How The US Invited Iranian Hackers To Attack America's BanksThe U.S. isn't in the best position to invite cyberwar. People in glass houses shouldn't throw stones. [And] unfortunately, it's not just that—very simple stones can break our glass windows. We have very thin defenses.
|
|
Dark Reading | August 31, 2012
ABCs Of Factoring Risk Into Cloud Service Decisions"Many organizations are stuck in either of two bad answers: either 'damn the torpedoes, we're going ahead with no idea what we're getting into,' or 'no way, no how,'"says Dr. Mike Lloyd, CTO of RedSeal Networks. "Both are clearly bad."
|
|
Stockhouse | August 23, 2012
McAfee Security Innovation Alliance Adds New PartnersCurrent McAfee SIA Technology Partners Cyber-Ark Software, RedSeal Networks, and Securonix have achieved “McAfee Compatible” status for additional integrations. McAfee has worked with these partners to test and validate their integrations for their adherence to best practices for integrating with McAfee products.
|
|
Dark Reading | August 22, 2012
5 Systems You're Forgetting To Patch"When a given database costs serious amounts of dollars per minute of downtime, the application owners are very reluctant to patch," says Dr. Mike Lloyd, CTO of RedSeal Networks.
|
|
Homeland Security Today | August 20, 2012
Finding New Infrastructure Solutions“People might assume that our critical infrastructure—for example, power generation and distribution networks—are all built from cutting-edge networked equipment, but the reality is the opposite,” Mike Lloyd, chief technology officer at RedSeal Networks, Santa Clara, Calif., noted. “Critical infrastructure is generally built for reliability, meaning an ability to stay up during natural disasters or other ‘unintelligent’ situations. This means, for the [information technology] equipment, the old and well known is strongly preferred over the new. But as we’ve all learned on our laptops, old software is very bad when considering smart attackers—old equipment has old misconfigurations and old vulnerabilities. It’s not at all uncommon to find antiquated operating systems, or industrial machines with open phone line access, and even vendor-supplied passwords.”
|
|
KLIV Radio | August 14, 2012
KLIV Interview with Dr. Mike Lloyd - Securing Critical InfrastructureCyber attacks are no longer just the work of criminals and mischievous hackers. There is a lot more going on where nation states have been launching attacks on other peoples' infrastructure. Simply put, in a world of glass houses it gets quite interesting when people start throwing stones.
|
|
Infosecurity Magazine | July 30, 2012
Cyberattacks on critical infrastructure increase 17-fold, says NSA chiefIn response to the New York Times story, Mike Lloyd, chief technology officer at RedSeal Networks, observed that “all infrastructure targets share a common defensive problem: too much complexity. As the attackers move to greater and greater automation, the defenders must do likewise, exhaustively testing their existing network defenses so they can find weaknesses before the attackers do.”
|
|
Broadcast Newsroom | July 30, 2012
New Report Shows Dramatic Increase in Uptake of Continuous MonitoringRedSeal Networks, the world's leading proactive enterprise security management provider, today highlighted results of the recent ESG Research Report, "Security Management and Operations," which found that a growing number of organizations are adopting continuous monitoring to improve protection of their electronic assets and validate compliance with required security policies.
|
|
Fast Company | July 18, 2012
The Messianic Spyware Buried In A Fake Daily Beast ArticleAccording to the CTO of security firm RedSeal, Mike Lloyd, “Mahdi should remind anyone of the old idea that people in glass houses shouldn’t throw stones. This latest malware does not show signs of being complex and expensive, but the relative simplicity of the weapon (compared, say, to Flame) does not mean it’s less effective at reaching its goals. Globally, our infrastructure is weak – there have been steady increases in complexity, and networks continue to become more interdependent. Research shows that easy attacks work, and are at the core of the majority of detected breaches. Attackers do not need major nation-state resources to compromise most defenses. The motivation behind this specific outbreak may be international espionage, but these techniques and others demonstrate how easily defenses can be compromised, including for corporate espionage, theft, or acts of war.”
|
|
Infosecurity | July 17, 2012
'Messiah' malware arises in the Middle EastCommenting on the discovery of Mahdi, Mike Lloyd, chief technology officer of RedSeal Networks, said that the malware “does not show signs of being complex and expensive, but the relative simplicity of the weapon (compared, say, to Flame) does not mean it’s less effective at reaching its goals….The motivation behind this specific outbreak may be international espionage, but these techniques and others demonstrate how easily defenses can be compromised, including for corporate espionage, theft, or acts of war."
|
|
Signal Magazine | July 11, 2012
The Future Landscape for CommunicationsPrem Iyer, vice president, North America Channel Sales, RedSeal Networks Incorporated, explained that there is no panacea solution to mobile security, and he talked about problems with applications security. Mobile devices also bring in another level of risk less common with large desktops or other traditional computing equipment—the ease with which mobile tools can be lost or stolen. Iyer stated that security has always been a challenge in the world of mobility, an issue that takes on increased meaning for warfighters. “Operations will always trump security,” he said. Security must become an enabler to use with developers integrating it into systems from the beginning, not adding it on at the end.
|
|
Market Watch | June 18, 2012
Bay Area News Group Showcases RedSeal Networks Among the Top 10 Workplaces for 2012"Every company's greatest resource is its people so this award holds particular significance as we've worked very hard to build a dynamic and rewarding workplace culture," said RedSeal Networks President and CEO Parveen Jain. "It's particularly gratifying to have been nominated for this award by our employees and hear just how much they love being a part of the RedSeal team. RedSeal has always been characterized by an incredible group of talented and committed contributors."
|
|
Federal Buyers Guide | June 18, 2012
Bay Area News Group Showcases RedSeal Networks Among the Top 10 Workplaces for 2012RedSeal Networks, the leading provider of proactive enterprise security management solutions, further cemented its bellwether status atop the IT security industry sector today in being named as one of the Bay Area’s Top Workplaces for 2012 by The Bay Area News Group (BANG).
|
|
Business Insider | June 05, 2012
CYBERSECURITY EXPERT: The US Is Vulnerable To Viruses Much Simpler Than Those It Used Against Iran"It's not about whether these fancy weapons, that look like we built, could be used on us," Dr. Mike Lloyd, Chief Technology Officer at Red Seal Networks said. "We need to take a step back and think, 'What kind of weapon would it take to hurt us?' And the answer is that simple weapons work today."
|
|
Computerworld | June 02, 2012
Government role in Stuxnet could increase attacks against U.S. firms"We now as a nation have painted a huge target on our back," said Mike Lloyd, chief technology officer at security vendor RedSeal Networks. By choosing to develop and use cyber weapons such as Stuxnet, the U.S. has basically exposed its own companies and networks to the same kind of threats, Lloyd said.
|
|
Market Watch | May 30, 2012
RedSeal Networks Wins Red Herring Top 100 Award"We are honored to be recognized by Red Herring as one of the most innovative and promising private companies in the United States today," said Parveen Jain, president and CEO of RedSeal Networks. "This award is simply another vote of confidence and affirmation for our growth strategy and the work we are doing to help our commercial and government sector customers proactively protect their network infrastructure and reduce overall IT risk."
|
|
Infosecurity | May 10, 2012
Drowning in data: Security professionals look to metrics for a lifeline“We are drowning in details; we have mountains of facts but very little useful information”, observed Mike Lloyd, chief technology officer with RedSeal Networks. “People agree that the right way to deal with this is using metrics”, he told Infosecurity.
|
|
Network Computing | May 04, 2012
The ABCs of APTs: How To Fight Advanced Persistent ThreatsWhile these companies--including Fidelis Security Systems, NetWitness (another EMC addition), Naurus, RedSeal Networks and Hewlett-Packard--promise that their products will help protect against APTs, many users are not aware of just what an APT is.
|
|
Sys-Con | May 04, 2012
Coordinating Security InformationMore interesting is the fact that, when you look at the responses by the role of the respondents, 53 percent of security managers, administrators and auditors expected to meet the Sept. 30 deadline, while only 28 percent of CIOs and chief information security officers expected to. Mike Lloyd, RedSeal's CTO, said, "This is an interesting finding, not what a cynic might expect."
|
|
Dark Reading | April 23, 2012
Why Don't Firewalls Work?"Even the best firewalls might fail an audit -- or get hacked -- if your enterprise doesn't follow proper change and configuration management practices."
|
|
SecurityWeek | April 23, 2012
Iran Took Systems Offline After Cyber Attack Hit Oil Industry“The real news here is that this type of campaign could clearly have a serious and detrimental impact- both financially and socio-politically,” said Dr. Parveen Jain, president and CEO of RedSeal Networks, who also holds a Ph.D. in Nuclear Engineering. “The reality is that many of the SCADA systems used through industries such as oil, electric and water systems are based on legacy computing technologies that were deployed before concerns of cyber threats were a reality."
|
|
GSN | April 10, 2012
Technology provides day-to-day window into security, says RedSeal CEOAlthough government, critical infrastructure and private network managers have worked hard to mitigate breaches and incursions over the years, they may not have a complete picture of what they’re up against day-to-day, according to the chief executive officer of an upstart network intelligence and security company.
|
|
Dark Reading | April 10, 2012
Utah Health Data Breach Affects Nearly 800,000State officials offered some details on the nature of their security defenses. Mike Lloyd, CTO at RedSeal Networks, said that based on those reports, the Utah security architecture may be prone to human error.
|
|
Dark Reading | March 23, 2012
Minimizing The Attack Surface Area A Key To SecurityWhile many security experts have talked about the end of the network perimeter, thinking about the attack surface as the new perimeter can help companies better secure their networks and data, says Mike Lloyd, chief technology officer for RedSeal Networks, a provider of security intelligence and management products.
|
|
SC Magazine | March 23, 2012
The seal of securityParveen Jain, president and CEO of Redseal Networks (and previously chief marketing officer at McAfee after his company, IntruVert Networks, was acquired in 2003), said he came out of retirement to lead Redseal, which he called "a CT or MRI scan for networks".
|
|
CRN | March 20, 2012
“CT scan” of IT security world issues channel war cryTalking to ChannelWeb, RedSeal chief executive Parveen Jain said SIs and VARs are a "huge fan" of the technology because it can be used to quantify what other security technologies end users need.
|
|
Government Computer News | February 23, 2012
A Self-Healing Network and Other New Technology for GovernmentRedSeal Network’s Proactive Security Intelligence system is designed to provide end-to-end security and automated network assessment, said Mike Paluzzi, managing director of the company’s federal business unit. The software-based system collects the data in routers and firewalls, gathers their files and parses out their rules sets to provide administrators with network situational awareness.
|
|
TechNewsWorld | February 10, 2012
US Plans Stricter Laws For Government Network Hacks“Taking the necessary precautions to avoid that insecurity is an absolute necessity in today's climate, according to Mike Lloyd, CTO of RedSeal Networks. "To prevent this, likely targets need to use automation to understand weaknesses; today, it's all too easy for those who feel like it is to use their own automation tools to deface, degrade or even destroy online infrastructure.”
|
|
Dark Reading | February 10, 2012
Five Tactical Security Metrics To WatchCompanies need to be able to look for solutions to problems that may be beneficial to multiple servers and workstations. A good metric to track that positive benefit is to focus on the impact of fixing a particular vulnerability, said RedSeal Networks CTO Dr. Mike Lloyd. "The highest impact I might have is not just by patching the most critical servers over and over again," said Lloyd. "I want to find a way to maximize the downstream impact of fixing some assets."Patching a dozen critical servers or updating firewall or intrusion-detection rules? Knowing the impact of each action is key.”
|
|
Government Computer News | January 17, 2012
Is CIO Confidence on FISMA Compliance Waning?"Everybody agrees that this is the right thing," said Dr. Mike Lloyd, chief technology officer at RedSeal Networks, with 64 percent of respondents saying that continuous monitoring and the security metrics it provides will improve IT security status. "This clearly is a technical problem."
|
|
Dark Reading | January 13, 2012
Five Principles To Improve Your Security Monitoring"Security is the absence of something, and that is hard to measure," said Dr. Mike Lloyd, chief technology officer at RedSeal Networks. "So what you have to measure is posture -- how far you are ahead of the next threat." Instead, companies should measure metrics that improve security, such as the number of vulnerabilities remediated. "The trick then is to make it quantifiable and repeatable," he says.
|
|
TechNewsWorld | January 09, 2012
Symantec Source Code Scattered to the Winds"Anyone who faces risk due to assets in someone else's control needs to establish a yardstick that the outside entity can use to show they have taken due care," said Dr. Mike Lloyd, chief technology officer at RedSeal Networks. The yardstick needs to be quantifiable objectively, must maintain some privacy for the organization being studied, and "must actually measure security posture, not just busy-ness," Lloyd concluded.
|
|
eWeek | January 08, 2012
Stratfor, Facebook Worm, Fujitsu Virus Lead Week's Security NewsSecurity experts were more concerned about the fact that Symantec lost its data through no fault of its own, since the code was on a third-party server. "It is not enough to ensure you follow best practices; in an interconnected world, you have to worry about the security of other organizations," Dr. Mike Lloyd, CTO of RedSeal Networks, told eWEEK.
|
|
Dark Reading | January 07, 2012
Hackers Claim Breach Of Norton Antivirus Source Code; Experts Say Claims Are Exaggerated"It is not enough to ensure you follow best practices; in an interconnected world, you have to worry about the security of other organizations," said Dr. Mike Lloyd, chief technology officer at RedSeal Networks. "Your business partners and strategic customers may be friendly, but they are not going to expose specifics to you about how well they protect themselves."
|
|
SearchSecurity | January 06, 2012
Symantec Source Code Theft: Threat is Low to Current Products, Vendor SaysIt's difficult for organizations to "understand the risk of a network you cannot see," said Mike Lloyd, CTO of Santa Clara, Calif.-based vendor RedSeal Networks. "As we steadily lose control of our own critical assets, and as attackers increasingly automate their attacks, we will need more baselines like this so that one organization can show another that it is well run."
|
|
PCAdvisor | January 06, 2012
Security roundup: DOD revving up cyber-defense; Microsoft to have big January Patch TuesdayHowever, Mike Lloyd, chief technology officer at RedSeal Networks, points out the breach does raises questions about addressing security of your own corporate data in the networks of business partners and others. "The fact that Symantec suffered a breach due to lax protections in someone else's network is a significant wake-up call," he said.
|
|
Government Computer News | January 04, 2012
Pessimism over FISMA Deadline Starts at the Top, Survey Finds"Other companies to watch in this sector include website vulnerability company WhiteHat Security Inc. and RedSeal Networks Inc. which combines vulnerability data with network access data to provide a picture of the overall health of a network, rather than pinpointing particular holes."
|
|
Dow Jones | January 03, 2012
Cyberthreats Evolve, Start-ups Responding"Everybody agrees that this is the right thing," said Mike Lloyd, chief technology officer of RedSeal Networks, which sponsored the survey in which some 64 percent of respondents said that continuous monitoring and the security metrics it provides will improve IT security status. 'This clearly is a technical problem.'"
|
Federal News Radio | December 23, 2011
Agencies Struggle with Continuous Monitoring Mandate"People are aware of the objectives, but when you map it down to practical technical concerns, people don't even agree on which technologies they will do the continuous monitoring in," said Mike Lloyd, CTO of RedSeal Networks. "There doesn't seem to be agreement that what we need to do is get, what those with a military background would call, situational awareness. We understand we need the situational awareness, but it is not a well settled question how to do that. These environments are extremely complex."
|
|
Dark Reading | December 21, 2011
7 Housekeeping Duties For Better Database Security In 2012"The databases that exist today have ultimately been designed to allow the easiest access from a multitude of devices and places. In many people's minds, they think you need to access a server with an application running on that, and that there is a measure of safety for the data sitting underneath the application because the application is secure," says Dr. Mike Lloyd, CTO of RedSeal Systems. "But your database is sitting out there, and, in many cases, when it came out of the box, it came configured to be connected to the Internet."
|
|
eWeek | December 21, 2011
Hackers Stole Emails From Employees in Chamber of Commerce BreachModern IT infrastructure can be very "porous" and it's difficult for security teams to "understand it all," Mike Lloyd, CTO of RedSeal Networks, told eWEEK. The Journal report highlighted "significant out-bound holes" as it appears the infiltrators were able to "exfiltrate" the data they found, Lloyd said. Most organizations build some defenses against in-bound attacks, but very few effectively know how to control out-bound traffic, he said.
|
|
TechNewsWorld | December 16, 2011
Power Grid Cybersecurity: Who's In Charge?"When it came to protecting clients in a number of instances, the advice from vendors was to unplug the SCADA solution from anything connected to the Internet or any public network," said Parveen Jain, President and CEO of RedSeal Networks. Still, "it's a big problem where you have old systems, sometimes unresponsive vendors, limited resources and yet [a technology that's] a tremendous source of risk to almost everyone."
|
|
Dark Reading | December 14, 2011
Study: Most Federal Agencies Uncertain About Meeting FISMA Security Monitoring Deadlines"Interestingly, the senior people that we surveyed -- the people who have the broadest view of the problem -- were the most pessimistic," says Mike Lloyd, CTO at RedSeal, which makes security monitoring solutions. "The people who can see the whole picture are realizing how difficult continuous monitoring is and how much more is still to be done."
|
|
TMCnet | November 16, 2011
RedSeal Networks Raises $10 Million from Investors"RedSeal is one of the most strategic and influential providers on the global security market based on its ability to solve the most acute challenges faced by every large enterprise security organization today, complexity and change," Ray Rothrock, chairman and Partner of Venrock, said. "The constant evolution of security infrastructure makes it nearly impossible for even the best professionals in any organization to maintain the visibility necessary to ensure compliance and critical asset protection, or measure their progress over time."
|
|
Wall Street Journal | November 16, 2011
RedSeal Networks Raises $10 Million in FundingRedSeal Networks has raised $10 million in additional funding from insiders to help companies and government agencies protect their networks against hackers, VentureWire has learned.
|
|
Network Computing | November 11, 2011
RedSeal Networks Upgrades Security Intelligence Software Offering"It's a count of activity, of all the processes that your people run that they record. How many times did you change the firewall? How many patches did you deploy? How many times did you update your antivirus signatures?" says Mike Lloyd, CTO for RedSeal. "The problem with this approach is that you're measuring your busy-ness, not your business."
|
|
Dark Reading | November 09, 2011
Product Watch: New RedSeal App Lets Enterprises Benchmark Security Risk, Attack Surface"Concepts like attack surface and overall risk can be very difficult for security to explain to top management, much less measure," said Dr. Mike Lloyd, CTO at RedSeal. "We're giving them some tools to help do that."
|
|
Dark Reading | October 24, 2011
Despite Stiffer Reporting Requirements Many Agencies Still Slow To Implement Continuous Monitoring"The move to monthly reporting was [former federal CIO] Vivek Kundra's effort to make it impossible to do security reporting as a bureaucratic exercise," says Mike Lloyd, chief scientist at RedSeal Systems, which makes security monitoring tools. "If you're doing it monthly, you can't do it with people pushing paper. He was trying to make reporting difficult enough to force agencies to move to automation."
|
|
Tech Herald | October 17, 2011
Security Teams Left in the Dark by Current Technologies and PracticesCan anyone be blamed for feeling like this? It seems like there is a new breach or incident reported in the news each week. Yet, most of the automated attacks are preventable. Technologies and policies that assess code development, user and process enforcement, and traffic analysis are all helpful when addressing these types of threats.
|
|
SearchSecurity | October 13, 2011
IT Security Pros Acknowledge Network Security Weakness, Configuration Issues"Security professionals all agree we are losing this war," said Mike Lloyd, chief technology officer at RedSeal. "This is not only a startling conclusion, but it's also interesting that security organizations are actually admitting this."
|
|
Dark Reading | October 13, 2011
Many Security Pros In The Dark About Their Own Environments, Study Says"On the one hand, it shows that, as an industry, we are growing up -- we're willing to admit we don't have all the answers," said RedSeal CTO Dr. Mike Lloyd. "On the other hand, it also shows that it's time for many organizations to wake up and smell the coffee -- they don't have some of the information they need to build a comprehensive defense."
|
|
CSO | October 12, 2011
You Just Can't Win When The Bad Guys Have Cooler Toys"Consistent application of network security controls across even medium sized networks has transcended human ability," RedSeal CTO Dr. Mike Lloyd said. "For many years there's been the notion of an arms race between IT security professionals and attackers; what this survey proves is that the good guys understand they're facing a truly daunting task to keep up."
|
|
Dark Reading | September 23, 2011
Sound Database Security Starts With Segmentation"If you cannot keep the "crown jewel" servers up to the minute with the latest patches, then you have to put these most critical assets inside a "zone" to defend them," said Dr. Mike Lloyd, CTO of RedSeal Systems. "This can be called the 'Boy in the Bubble' security model -- you have to secure these most sensitive machines, using an internal perimeter because patching frequently isn't an option."
|
|
Dark Reading | August 29, 2011
Unifying Compliance Initiatives To Make Budgets Last"Of course the response to that is to unify your controls. Look at the set of audits you have in place, about what they have in common, pass that once, and use the same report over and over," says Dr. Mike Lloyd, CTO of RedSeal Systems. "This doesn't come cheap, it takes effort to do this but it can be done."
|
|
Dark Reading | August 26, 2011
Web-Searchable Databases An Increasing Security Risk"Blaming Google for this is really getting it all backwards," said Dr. Mike Lloyd, chief technology officer at RedSeal Systems. "Google just makes it clear that there is a problem. If you left the door unlocked on a store room for years and then Google Maps came along and put a photograph showing there was no lock on the door, the fact that the photograph went up isn't the problem. The problem was that the door was unlocked for years."
|
|
USA Today | August 23, 2011
Hacking exposes large caches of personal data"With the addition of indexing data that is accessible via FTP, hackers can now identify wide-open FTP sites that may contain sensitive data or can be used to leapfrog to other machines on the company's internal network," says Tom Rabaut, RedSeal analyst. "Also, Google offers the ability to restrict searches to a single domain which will make it easier for hackers to limit their data mining to only target companies."
|
|
Security Week | July 20, 2011
RedSeal Systems Names Parveen Jain as CEO"Security professionals in organizations of all sizes are tasked to defend against escalating threats despite shrinking budgets. Addressing the complexity of today's networks and attacks requires the intelligence and operational insights that RedSeal uniquely delivers, along with the opportunity to optimize security spending," said Ray Rothrock, Chairman of RedSeal's Board of Directors. "Parveen will drive RedSeal to even greater success by providing organizations with the products they need to improve their network defenses and prevent the data breaches that dominate today's headlines."
|
|
Dark Reading | July 18, 2011
Enemy At The Loading Dock: Defending Your Enterprise From Threats In The Supply Chain"It's been about: I need to connect to this business partner, then that business partner, then that business partner, and then all the sudden, your great castle of defenses has a whole wall missing, because you have this wide path out to all these extranet partners," said Dr. Mike Lloyd, Chief Scientist at RedSeal Systems.
|
|
eWeek | July 15, 2011
Marine General Calls for Stronger Offense in U.S. Cyber-Security Strategy"The government agencies haven't gotten to that point of awareness yet," said Major General John Casciano. "We keep saying the same old things, senior officials are giving the same old briefings and we are not further along solving the problem."
|
|
eWeek | June 21, 2011
U.S. Congress Wants to Make Hacking Government Networks a Felony“The “emphasis on cyber-security by the Administration and Congress is commendable,” but progress has been practically non-existent, as the country hasn’t really moved forward towards enacting a comprehensive cyber-security law, said Major General John Casciano, an adviser on government security issues to security software producer RedSeal Systems. “We are not further along solving the problem than we were 20 or 25 years ago,” Casciano said.”
|
|
SC Magazine Product Review | June 01, 2011
RedSeal Network Advisor & Vulnerability Advisor 4.2"Strong integration, nice best practice and downstream impact capabilities. Very useful risk map with great visualization for the security team."
|
|
SC Magazine | April 20, 2011
Script kiddies take over from criminal 'masterminds': Verizon study"When attackers are using automated scripts, to a large extent, they don't care who you are. They care about what you have, and they are coming for you."
|
|
Dark Reading | April 20, 2011
Continuous Monitoring Still A Long Way Off For The FedsWith a federal agency deadline for Federal Information Security Management Act (FISMA) compliance reporting through the new automated CyberScope tool already five months past, many security experts believe the government still has a long way to go in its quest to establish standards and implement continuous monitoring across the board."
|
|
Dark Reading | April 19, 2011
Verizon Data Breach Report: Bad Guys Target Low-Hanging Fruit"If you look at the [Verizon report], you see that most attacks were not targeted at a specific company, but were designed to find the enterprises that were most vulnerable. Ninety-seven percent of the breaches could have been avoided by using simple controls."
|
|
Dark Reading | March 30, 2011
Searching For Security's Yardstick“If security is about prevention of leaks and attacks, then, what metrics should security departments show their bosses to prove that they are doing their jobs well?”
|
|
SC Magazine | March 28, 2011
Rise in federal cyberattacks partly due to better monitoring“The government is facing more sophisticated, targeted attacks launched for the purpose of cyberespionage. We should be worried about the attacks we are not detecting.”
|
|
Martin McKeay, Network Security Blog | February 14, 2011
NSP Microcast: Interview with Dr. Mike Lloyd at B-Sides SFDr. Mike Lloyd from RedSeal gave one of the opening talks at this year’s Security BSides San Francisco and through a series of unfortunate events there was no stream of his talk nor did it get recorded. But since I was scheduled to talk to him today anyway, heres a small taste of what his talk was like.
|
|
Threatpost | February 14, 2011
Common Security Mistakes Can Lead to Major Compromises“Security is hard and getting it right all the time is nearly impossible. But many of the mistakes that people make are simple, avoidable ones that can lead to serious intrusions and major network compromises.”
|
|
CSO Online | January 28, 2011
Telecom infrastructure faces daunting risks, TATA CSO says"Finding every potential configuration problem and vulnerability on our network is simply too big a job for human efforts alone. RedSeal took that whole process out of the equation and automated everything."
|
|
Information Week | January 14, 2011
CIA Invests In Secure Virtualization, Infrastructure Monitoring"The technology keeps IT administrators apprised of up-to-date security status information they can use to make cost-effective, risk-based decisions about IT systems, according to In-Q-Tel."
|
Dark Reading | December 23, 2010
Why Don't Firewalls Work?"Even the best firewalls might fail an audit -- or get hacked -- if your enterprise doesn't follow proper change and configuration management practices."
|
|
nextgov.com | December 17, 2010
Analysis: Cybersecurity's Double-Edged Sword"In the dynamic and ever-changing networks in which agencies operate, continuous monitoring simply can't be performed manually; it must be supported by software that provides powerful new weapons for defending against and thwarting attacks."
|
|
Federal News Radio | December 02, 2010
Does this audit make me look fat?"It's that time of the year for audits under the Federal Information Security Management Act (FISMA). But will your audit make your agency appear bloated with risks?"
|
|
Dark Reading | October 14, 2010
Security's Risk And Change Management Tools: Drawing A Picture Of Security Posture"It's a question that business executives love to ask -- and IT people hate to answer. "What's our security status?" If you've been around IT security for more than a week, then you know there's no definitive, empirical way to answer that question. Recently, however, some large enterprises have been getting a little closer to providing some metrics for security posture, using an emerging class of products that is coming into its own."
|
|
Network World Review | July 12, 2010
Firewall Operations Management"Overall, we were most impressed with RedSeal and Skybox, which cover all the basics, plus have the added benefits of being able to support multiple vendor vulnerability scanning products, which can calculate the network's risk scores and run vulnerability analyses on your whole network."
|
|
The Armed Forces Journal | June 01, 2010
Navigating the fog of cyberwarfare"The only hope for clearing the fog of cyberwarfare is to bring to bear automated systems that continuously monitor security posture and provide risk-based situational awareness to decision makers."
|
|
SC Magazine Product Review | May 18, 2010
SC Magazine Product Review - 5 Stars"A very nice operational risk solution that has everything needed to take control of security posture management."
|
|
Network World | May 12, 2010
Firewall audit and big-picture risk assessment"In a perfect world, everyone would have a tool like this."
|
|
SC Magazine Product Review | February 02, 2010
"This is enterprise-wide security peace of mind in a box.""This product solves a major problem for large enterprises: visibility of the enterprise's actual security configuration."
|