Bayshore SecurityView

It took Detroit almost 20 years to fix their quality problems….how long will it take the largest security vendors to do the same?? Last week it was RSA, this week it’s McAfee…

The biggest security vendors are facing very serious credibility issues with their customers. We know and have been saying Layer 3 security products from incumbent security vendors simply don’t work for customers…it is becoming clear that the same products that generate billions of dollars of revenues for the incumbent security vendors are useless in defending security vendors’ own networks!!! So, what have they been selling all these years??!!

The $30 billion-dollar cyber security industry is facing its biggest credibility test. As an emerging player with the industry’s leading Layer 7 security platform, Bayshore Networks is urging the largest players such as McAfee, RSA, Cisco, Symantec, and Juniper to take a hard look at their security product portfolio and start selling products that can actually secure the networks and applications. Perhaps they can start from their own networks, and deploy Layer 7 security internally.

Detroit finally did it, with a visionary CEO (at Ford) and two government bailouts (at GM and Chrysler). Let’s hope our industry can do much better than that.

Full Network World article here (read more…)

ICS-CERT, Industrial Control Systems Cyber Emergency Response Team (which is under the DHS umbrella) issued security vulnerability alerts that could potentially impact hundreds of thousands of SCADA industrial controllers/sensors at power plants and other civil infrastructure. ICS-CERT went one step further and recommended “Users minimize network exposure for all control system devices. Control system devices should not directly face the Internet”.

Bayshore Networks SingleKey™ Industrial Edition are currently in POC deployment at U.S. government agencies to secure our nation’s critical civil infrastructure. SingleKey™ IE is a Layer 7 firewall custom-built for SCADA environment and can protect the interfaces between IP networks and non-IP industrial control networks. We are working with security researchers, academics, industrial conglomerates, and government agencies to set the initial security standards and best practices to secure industrial control networks. We believe a network-based approach (using SingleKey™ IE Layer 7 firewall) provides the most flexible and scalable architecture to secure the SCADA infrastructure. In contrast, a host based approach (such as the one proposed by McAfee using embedded software on the sensors/controllers) requires software updates on the decade-old controllers/sensors in the field and could create huge headache for the very thin IT staff at the power plants and other civil agencies.
(read more…)