Thought Leaders in Cyber Security: Ray Rothrock, CEO of RedSeal (Part 3)

Ray Rothrock: We have three factors that determine a number. The number is like a Personal Credit Score. It ranges from 350 to 850. We crunch those numbers with our proprietary algorithms, and we give you a metric on the piece of the network that you’re interested in. There are three things that go into that. Number one, is that the configuration files should be in good shape. There are best practices. There are all kinds of things we can look at the equipment to say, “You’ve got this properly configured.” The other thing is the vulnerabilities. Do you have hosts on your network that are at risk of being attacked based on where they sit on the network? The third is what you don’t know. This is what gets everybody’s interest.

When our software runs, we always find equipment, routes, and other pieces of the network that nobody knew existed. They were designed by somebody years ago and were long forgotten. We’ll show routes. It’s what you don’t know that will hurt you.

Those three factors combine into a scale. We tell you that number. Suppose, you’re the CEO of a good sized company. You run your RedSeal over the weekend. By Monday morning, let’s say, you’ve a score of 758. Then you run it again next week, and it’s a 658. That’s worse. Something changed to make your network more risky. You don’t have to understand cyber security, zero-day attack, or antivirus. It just changed, which indicates that something is wrong.

Likewise, if your score is 758 and it goes up to 800, then you know, you’re seeing something good. We measure that. It’s called a resilience score. It’s pretty popular. We’re already starting to get data from our customer. We just introduced this in July and it’s rolling out now. We’re getting some pretty interesting measurements from the marketplace. Some networks are as bad as 100 and some networks are as good as 825. It’s pretty interesting data.

Sramana Mitra: That’s quite fascinating. You quoted a number. You quoted 5,000 devices as a big number. I’m curious. Are we talking edge devices included, or are we talking about the routers?

Ray Rothrock: We’re talking about everything, anything that routes traffic. Cisco has about 80,000 devices. 80,000! Think about that.

Sramana Mitra: I expected a number like that when you’re talking about large companies as opposed to 5,000.

Ray Rothrock: This is the number of devices that runs in the network.

Sramana Mitra: That’s what I was asking. You’re scanning the network devices, not all devices.

Ray Rothrock: The host devices — PCs and mobile phones — are layer 2. We see the ratio between network devices and host devices anywhere from 5:1 to 6:1. If a company had 5,000 network devices, we would expect to see 30,000 to 50,000 end points.

Sramana Mitra: That’s the clarification that I was looking for. I got it.

Ray Rothrock: A Southern California company has 342 routers and 6,200 switches. I don’t know what the hosts are. Maybe, another 30,000 or something like that. This is complex. Not a lot of human beings can draw this.

This segment is part 3 in the series : Thought Leaders in Cyber Security: Ray Rothrock, CEO of RedSeal
1 2 3 4 5