Network Critical - The Window to your Network

The New Battlefield: Cyber Space

Cyber warfare is real. It is happening now. In fact, while you are reading this blog, government and corporate cyber resources are under attack around the globe. Here are a few recent examples:

Department of the Navy - Hacked through contractors emails. 134,000 sailors have had their personal information and social security numbers stolen. This information will likely be sold for the purpose of identity theft. This is not just stealing information to make credit cards and buy stuff on a fictitious account. This hack is more. This is cyber warfare. This hack is compromising the families and distracting the focus of service men and women in the Navy.
National Security Agency - Hacked by the Shadow Brokers. This group actually hacked a hacking group within the NSA called the Equation Group. According to Kaspersky Labs, the code that was leaked by Shadow Brokers is used by Equation Group for its own hacking and decryption operations. This is real spy vs spy stuff but it is all done behind the cyber curtain. Today it is code vs code.

People’s Liberation Army Unit 61398 is a division of the Chinese military that is dedicated to hacking corporations and governments around the world. A report by computer security firm Mandiant provided detail on this organization and, after many diplomatic denials, the Chinese government actually confirmed the existence of the group.
The CIA and FBI have confirmed that Russian hacking groups have been very active in trying to influence the outcome of the 2016 United States election. Congressional investigations are being organized to gather more detail on the scope and influence of these efforts.

Following is a quote from former US President Obama on the subject: “America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property.”

Cyber warfare is our biggest threat today. It is more effective than blowing up buildings and roads. It is more effective than killing and capturing opposing forces. It is the warfare of the 21st century. It is warfare that captures minds and hearts, not just bodies. The new bombs are fake news, leaked emails and violent propaganda. The United States spends hundreds of billions of dollars on new fighter jets, bombs and automatic weapons. Yet, the Marine Corps database, managed on contract with HP, was not secured. This is what allowed SQL injection breach to the Marine Corps Intranet by the Navy hackers noted above.

The latest budget proposal from Obama significantly increases the federal spend on cyber security to $14 Billion. While this is good news, the United States cyber security spend is still a tiny fraction of the overall military budget of almost $600 Billion. Imagine the future potential if the military budget included $2 Billion dollars of scholarships to West Point and Annapolis for promising students to study cyber security and cyber warfare. Imagine the potential of funding $1 Billion in research into cyber warfare initiatives. These should be the budget priorities of the future.

For the time being, however, it is also important to recognize and act on the urgent need for vigilant management of network security profiles, continuous training, and permanent monitoring and management with tools that are available now.

Tapping links and utilizing Firewalls, Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) and other threat landscape reduction tools are a promising start to deterrence of debilitating breaches from foreign governments as well as domestic hackers. Packet Brokers are capable of providing simplified connection of multiple security tools. These devices allow mapping of data flows to specific tools and provide fail-safe protection to the network in case one of the security tools goes off line. Further, tools may be connected redundantly for maximum security without compromising network availability.

Cyber warfare is the new battlefield. It is quiet but effective. It is hidden from public view but very much a public threat. We have some good tools to fight it now but must up our game for the future. Military investment must maintain our traditional fighting forces but must also support a rapid transition to fighting a new type of war.


Posted: 21/02/2017 16:54:58 by Network Critical with 0 comments

Why Network Critical Loves RSA


The first full day of exhibits at the RSA Conference opens on February 14, 2017. There will be many very smart men and women roaming the aisles, talking to experts and learning about the latest advancements in cyber security. Network Critical will once again have a presence at the show talking about TAPs and Packet Brokers, the window to network traffic inspection, analysis and protection.

Before we get into the technical stuff, however, I will remind you to be sure to call home this evening! I know that it is easy to get wrapped up in the planning and excitement of the event but February 14 is also Valentine's Day. Your spouse, significant other, better half, partner…someone who loves you…is likely at home helping kids with homework, cooking and taking care of home-oriented business. It can sometimes be tough being on the road at certain times but it is also tough taking care of things at home when your loved ones are gone. So, send flowers and call to say thanks for taking care of things while I am away and I LOVE YOU.

This brings us around to thinking about why we love RSA. There are a lot of trade shows around the globe all year long. RSA, however, is uniquely focused on cyber security and it is located in the global heart of cyber technology. The Silicon Valley is birthplace of solid state technology, The Intel 8080, ARPANET, Internet, the Mouse, GUIs, Ethernet and many other technological firsts.

So, now here we are at the RSA Conference, where the world talks security. A few of the seminars available include Securing the Converged Cloud, Advanced Information Risk Practices, Ransomware, Security Foundations and many more. One of the speakers on the Monday agenda will talk about Analytics, Intelligence and Response which brings us to the actual point of this blog. Why does Network Critical love RSA?

When we talk to security engineers, network managers, IT directors we hear that they are interested in learning more about advances in TAP and Packet Broker technology. It is not that they have never heard about TAPs. It is not that they are not up to date on the industry. It is often that they do not associate TAPs with cyber security. Many believe TAPs are physical. TAPS are for testing. TAPs are for diagnostics. TAPs are for trouble. This is all correct but TAPs are more.

Many security experts still do not recognize the importance of permanently connected, fail safe visibility for all security appliances. So, here at RSA, we get to share this important message…TAPs are for security. TAPs are non-invasive. TAPs are safe. TAPs help security tools operate more efficiently. TAPs are simple to deploy. TAPs are not very expensive. TAPs are the foundation of your security appliance platform.

We are surprised when we hear that many think that Packet Brokers are the same as TAPs. While some Packet Brokers can have integrated TAP functionality, their primary function is different. Packet Brokers add efficiency and simplicity to more complicated networks of security appliances. They also contribute to the efficiency of connected appliances as well as the reliability of the networks they serve. Packet Brokers are security appliances. Packet Brokers provide the foundation for building a robust security, analysis and performance appliance stack in more complicated networks.

Being at RSA and being in the heart of the Silicon Valley, gives us the opportunity to meet, educate and advise industry experts who will be driving internet security practices for our industry. From the early conferences at Stanford University to the much larger current events at Moscone Center, RSA has always been a conference focused on idea exchange and education over promotion.

We look forward every year to the RSA Conference for the opportunity to share best practices about utilizing multiple specialized appliances for robust, high availability network protection. We look forward to learning from others at the RSA conference so we can continue to improve our contribution to cyber security. For more information or to schedule appointments with our technical experts at the show visit www.networkcritical.com/contact-us.

Posted: 14/02/2017 17:14:30 by Network Critical with 0 comments

Yin and Yang of Buying and Selling


Heat and Cold. Male and Female. Dark and Light. Buying and Selling. Masculine and Feminine. These are all opposing forces of nature. In Chinese philosophy, however, Yin and Yang, which represents these opposing forces, are not exclusively oppositional. There is interaction, interplay and interchange between the two. Although they are in opposition of each other, they are also complementary of each other.

The masculine and feminine, for example, are opposites but they also need each other. The differing qualities of each, compliment each other and are necessary for each to become whole. Buying and selling is prime example of the Yin and Yang of business. The buyer has a need and the seller has a product or service to fulfill that need. There is interplay between the parties. If the proper balance is achieved during negotiation, the buyer receives value from the purchase and the seller receives currency in return.

Many think of the buying and selling relationship as adversarial. When approached correctly, however, it is actually complimentary. Just as the Yin and Yang interact and interplay, the key to a proper buyer and seller relationship is education, interaction and communication.

Buyer, Know Thyself - Being prepared for the process is critical to the buyer. The thought that the buyer should just call a sales person and learn everything he needs to know from that single interaction could be a costly shortcut. The sales person may enjoy that interaction because it potentially gives him the upper hand in creating a scenario that best fits the product he has to sell. The sales person can direct the conversation and influence the buyers position on the key requirements of the buyer. In fact, it is the responsibility of the buyer to know and prioritize his specific requirements prior to the sales conversation. This allows the buyer to better understand how the product that the sales person is presenting fits the buyers actual requirement priorities.

It is also desirable for the buyer to do some preliminary research on potential solutions prior to engaging the sales person. By investigating options from competitive companies, the buyer will have a better understanding of which solutions may be the most beneficial for his particular need. Then, when meeting with representatives from the prospective providers, the buyer will be in a better position to probe about strengths and weaknesses of the various proposals.

Seller, Listen Before You Talk - Taking a quote from Covey Leadership Center’s book about the habits of highly effective people, “Seek first to understand, then to be understood.” Many sellers start right off with a detailed presentation of their product and all the wonderful features that it contains without first asking the buyer about his primary needs. The buyer should actually be doing most of the talking during the first part of the presentation. The seller should be questioning and listening and understanding the needs of the buyer.

More experienced and expert sales representatives may even probe to understand non-product related potential buying motivations. Beyond product features, there may be undertones of politics, job preservation, brand loyalty or other emotional forces at play.

Finally, understand why this purchase is important to the prospective buyer. This question is key to focusing the presentation. The list of features is your menu. No one goes into a restaurant and orders everything on the menu. The sales rep needs to understand what menu items will satisfy the hunger of the buyer and match the meal to the hunger.

Yin and Yang are interactive. Buying and selling are interactive. The most productive business relationships develop around the cooperative interaction between the educated buyer and the interested seller. Obviously, there are many more details and complications in every business interaction. Both buyers and sellers learn with experience and training how to best navigate these relationships. Understanding the basic Yin/Yang philosophy, however, is a great foundation for developing beneficial relationships between vendors and customers.

Posted: 03/02/2017 13:52:39 by Network Critical with 0 comments