Blog

Cyber Security Predictions and the Industrial IoT

Starting a new year it is always interesting to read the industry experts predictions. One such article was published by TechRepublic who asked cybersecurity experts for their predictions...

Why Cyber Defense Automation is Needed

Cyber-attacks are a daily occurrence and the attacks as a whole are unrelenting. Day after day, hour after hour, our IT systems, both enterprise and personal, are probed, scanned and attacked...

Cyber Security in the Third Wave of the Internet

The first wave was about building the Internet, the second about building services and connecting devices. The third wave is all about connecting everything and stopping the bad guys. So what does this mean for security?

Cyber Security in the Age of a Presumed Breach

Every day we are reminded how vulnerable our information systems are to cyber-attacks. Massive data breaches have become routine and recent notable cases include the legal, banking, government, industrial, media and healthcare industries.

Dynamic Network Segmentation using Identity

Network segmentation is a best practice that is increasingly impractical to implement and maintain in large corporate environments. A new approach to segmentation is to apply identity-based access controls at the network transport layer to dynamically segment networks by blocking or allowing network connections.

BlackRidge Defensive Behavior for Common Attack Scenarios

BlackRidge addresses key aspects of an attack chain, from stopping scanning and reconnaissance to preventing unauthorized access to systems. First packet authentication of network sessions enables identity attribution prior to allowing access to network resources, providing unique and timely data to SIEM and analytic systems.

Experts say Hackers are also winning with APIs

While APIs are a significant source of breaches, there are other ways to ensure better security when using them. BlackRidge Transport Access Control is a technology that works at the TCP network layer by enabling First Packet Authentication, which in turn, keeps intruders from knowing where critical resources are on the network.

A New Dynamic Security Model for NFV and SDN

So what is up with BlackRidge and Network Function Virtualization (NFV) and Software Defined Networking (SDN)? We recently participated in the announcement of the Ciena Agility Matrix NFV solution for service providers and their enterprise customers.

Adopt New Cyber Defense Technologies Now

Why are computer systems being attacked? Because the attackers believe that their attacks will succeed and succeed with little risk of retribution. This is the current dynamic. From a strategy perspective, it often looks like the attackers have the upper hand

Cybersecurity Paralysis as a Dunning-Kruger Problem

Legend has it that 19th century laws in the midwest stipulated that if two trains arrived simultaneously at a crossing on intersecting tracks, neither should proceed until the other had gone ahead.

What’s more exciting than validating 100GbE performance?

We announced the success of our 100G Gateway demonstration done in in an independent, third party lab, the CTE Lab at the Quality Technical Services (QTS) facility in Sandston, VA., externally monitored by QTS and i2 Sentinel Associates.

Rising Data Breach Summary Proves More Protection Needed

You are probably astounded by the seemingly endless barrage of cybersecurity data breaches being reported. This is not just your imagination.  In fact, according to the ID Theft Resource Center (ITRC), 2013’s tracked breaches are up 30% over 2012.

Evaluating and Measuring Network Risk

Despite best efforts to secure and maintain trust on increasingly perimeter-less networks, it is difficult to maintain across network borders, especially in cloud environments, nor can it be sufficiently established with all the various devices accessing these services. These conditions and factors all contribute to the increased complexity and expense of being able to quantify and assure an acceptable level of business risk.

Who Is Watching You?

Are you being monitored?  No, this question isn’t about watching and monitoring you, the computer user; rather it is regarding the Internet and digital properties.  And the answer is, yes! Your networks and network resources can and are being scanned and monitored by botnets, malware and other organizational evil-doers. 

Comparing BlackRidge TAC vs. Port Knocking

We are occasionally asked if BlackRidge Transport Access Control isn’t just another form of port knocking. While both TAC and port knocking provide forms of authentication before allowing network packets to proceed, the similarities end there. Continue reading to learn more.

Securing BYOD

The explosion of mobile devices upon our everyday world has meant unprecedented security challenges for IT organizations, both qualitative and quantitative, especially in the context of BYOD. BlackRidge offers a solution, based on our patented Transport Access Control technology and mobile technologies can interact to enhance and extend the security posture of collections of mobile devices.

Security Industry at an Inflection Point

The security industry is at an inflection point, where the explosion of mobile and cloud computing is now outpacing the fortress-style model of security (perimeters and defense-in-depth), and attackers have increasingly larger attack surfaces with more resources at their disposal.

Is Identity the New Perimeter?

A recent Dark Reading article conceptualized ‘Is Identity the new Perimeter? BlackRidge agrees with the premise of the perimeter-less enterprise, and with using strong identity to establish trust. To take the argument further, trust needs to be established end-to-end, starting with a device, and be inclusive of all of the underlying resources being accessed and used.

Cloaking Cloud Resources

Cloud initiatives continue to gain traction across every industry and every company big or small. The administrators of these cloud solutions are faced with new challenges around network addressing and accessibility all while focusing on how to securely protect the cloud resources in this new elastic environment.   

Solving The Cyber Security Crisis

The cyber security crisis has dual root causes: insecure technology, and wishful thinking. We have become fiscally committed to technologies with inherent lack of protections: society is so completely dependent on them that they cannot be supplanted by secure alternatives for any rational amount of money.

Ready, set, go

Lights, camera, action! Get ready, get set, go! Ready, aim, fire! There are many statements that convey the expression of movement, or a march. In these expressions the first command is the signal, the second command is the alignment and the third command is the result.

A Cloudy Déjà vu

Last week we attended the RSA Conference Europe held in London. The conference had record attendance, with attendees coming from every imaginable Western and Eastern European country, and a significant contingent from even further afield. Cyber threats and security were a major conference topics.

Trend Setting

My whole career has been about innovating, prototyping, developing and launching new technologies. Earlier this year, I decided a new perspective was in order and now I spend my days with fellow technologists and their innovations.

Definition: Identity Domains

A few years ago, data centers were actually places you would visit, walk around and physically touch servers, storage and networking gear.  Not to mention, who doesn’t love seeing a refrigerator sized (or bigger!) uninterruptible power supply (UPS) sitting proudly and in wait on a raised floor.

A Connected World

Unlike the land, sea, air and space where the laws of physics do not change, cyberspace is a man-made creation that continually changes and evolves - operating securely in this kind of environment requires that we properly manage a wide variety of disciplines.

What’s Yours is Mine!

While working within the security community, we have learned that the universe of security can be described by certain laws, much as the physical universe is described by certain absolute statements. One of the classic articles of computer security came from Microsoft in an era when security was not their strong suit.