Red Lambda Blog

Posted In:
IT Security Industry Trends Network Security Cyber Threat Detection Technology

Cybercrime "Merchandizing" Heightens Threat Attack Probability

Posted on September 20, 2016 by Bahram Yusefzadeh, Chairman

(But not Necessarily Data Breach Frequency)

 

It wasn’t long ago when our attention in cybersecurity was focused on the growing sophistication and resources of well-financed, nation state sponsored, cyber attackers. Unfortunately, nothing stays the same very long in the world of cyber threats...

Read More

Posted In:
IT Security Industry Trends Network Security Cyber Threat Detection Technology

Ponemon Survey Says? It’s Time to Rethink Cybersecurity!

Posted on July 11, 2016 by Bahram Yusefzadeh, Chairman

The Ponemon Institute recently released its “2016 Cost of Data Breach Study: Global Analysis” and the report contains good news and bad news. Let’s start with the good news…

 

The report indicates that, “Since first conducting this research, the cost of a data breach has not fluctuated significantly.”

 

With all of the good news out of the way, everything else is pretty much bad news. Let’s hit a few of the high points (or low points, as the case may be.)

Read More

Posted In:
IT Security Industry Trends Network Security Cyber Threat Detection Technology

Early Adopters Will Lead the Way Into a New Cybersecurity Era

Posted on June 20, 2016 by Bahram Yusefzadeh, Chairman

Having built and brought a company public in the banking software space with technology that, at the time was considered a brash, supposedly unproven platform on which to run financial institutions, I’m well aware of the classic bell curve for the adoption of new solutions. Just like the introduction of any new disruptive technology to the market, there are always the innovators and early adopters, followed by the early majority, late majority and of course, the laggards.

 

One might believe that in the cybersecurity space, with such a heightened sense of urgency in trying to address the global challenges we are facing in this arena, the adoption rate for fresh, next generation solutions might be accelerated.

 

Unfortunately, the well-known bell curve still holds true. Some of the same approaches I saw take place in the banking industry are alive and well in the IT security space.

Read More

Posted In:
Network Security Cyber Threat Detection Cybersecurity Technology

Bangladesh Bank Cyberheist: Caught by a Typo, But Not Soon Enough

Posted on June 03, 2016 by Bahram Yusefzadeh, Chairman

When Cyberheist Fiction and Reality Merge

 

The attempted theft of nearly a billion dollars from Bangladesh’s account at the New York Fed reads like something out of the movie Ocean’s Eleven.

 

The thieves were definitely as brazen, bold, and audacious as the characters in the film. As details continue to emerge, it appears the heist involved:

  • Widespread, undetected malware infiltration
  • Weeks, possibly months, of planning
  • Laundering stolen funds through casino chips
  • The orchestration of multiple people, parties, and money transfers all working in tandem
  • An exploitation of international weekend differences
  • Widespread, pervasive communication failures between banks
  • The possible involvement of Pakistan’s intelligence service?

In the end the thieves made off with an astonishing $81 million, one of the largest cyber thefts on record. But even with this astronomical amount, bank officials can take some solace knowing it could have been much worse. If the nearly 35 fraudulent requests to move money had all been approved, the amount would have totaled $951 million.

Read More

Posted In:
Red Lambda Network Security Cyber Insurance Data in Motion Cyberthreat Detection Cyber Threat Detection Technology Cybersecurity insurance APTs

The Best Cybersecurity Insurance is Better Technology

Posted on March 21, 2016 by Bahram Yusefzadeh, Chairman

Today, there are many insurance options available for protecting organizations and their top executives against litigation. These include director and officer (D&O) insurance, errors and omissions (E&O) insurance which is sometimes called professional liability or malpractice insurance, and employment practices liability insurance (EPLI).  Newer on the scene is cybersecurity insurance.  When you add this to the mix, the confusion mounts.  With all its complexities and the evolving risk, cyber insurance makes it even harder to understand what is covered and who is protected in the event of a breach.

 

One thing we do know is that the risk to your company’s directors and officers is very real. If you hold such a position, the threat of cybersecurity has no doubt made your position more vulnerable to personal exposure than ever before.  Today, top executives can be held personally liable based on what they did or didn’t do to prevent or respond to the cyberattack, and suits can be filed by employees, shareholders, customers and even third parties.

Read More