Mr. President, please don’t confuse IT activity with cyber security

by Juanita Koilpillai | Jul 25, 2017 | Blog Posts

Last month, Rob Joyce, President Trump’s Special Assistant, and Cyber Security Coordinator for the White House, discussed the administration’s cyber security priorities. Joyce is tasked with carrying out the initiatives highlighted in President Trump’s recently signed...

TIC Tock … TIC Tock … Today’s security architecture is on the clock

by Juanita Koilpillai | Jul 17, 2017 | Blog Posts

Acting CIO Margie Graves recently addressed increasing challenges associated with Trusted Internet Connections (TICs) that are at the center of agency email and web browsing services employing secure centralized gateways and have been growing in seriousness for the...

Software Defined Perimeter now integrates Yubico YubiKey with Google Account Logins

by Juanita Koilpillai | Jun 26, 2017 | Blog Posts

Innovative security solution to be demonstrated at DHS flagship cyber security event July 11   Software Defined Perimeters (SDPs) are emerging as a key component in a new security paradigm for protecting critical applications and infrastructure. The primary...

Verizon “Black Cloud” Crashes the SDP Party

by Juanita Koilpillai | Jun 12, 2017 | Blog Posts

Software Defined Perimeters (SDPs) are in the news again and Waverley Labs could not be happier. Verizon Enterprise Solutions has launched its new Software-Defined Perimeter (SDP) service that enables enterprise customers to proactively identify and block cyberattacks...

CDM Faces Uncertain Future – But Options Exist

by Juanita Koilpillai | May 15, 2017 | Blog Posts

Announced in early 2013, the $6 billion multi-phase DHS CDM program is focused on securing networks and systems across government. It covers some 169,000 tools and services, and it is managed by the Department of Homeland Security’s National Protection and...

MongoDB is the tip of the iceberg.  Consider new approaches for securing dynamic IT environments.

by Juanita Koilpillai | Mar 21, 2017 | Blog Posts

Over the last few weeks the industry has followed the surge in ransomware attacks against the publicly accessible MongoDB installations. Since January 3, the number of victims has climbed from about 200 databases to more than 40,000. In addition to MongoDB, those...

Mr. President … please Tweet this…

by Juanita Koilpillai | Mar 7, 2017 | Blog Posts

Fixing cyber security requires a paradigm shift   A GCN article by Sean Carberry and Mark Rockwell titled What Trump Means for Government Tech? examined the presidents’ thoughts on improving cyber security. As someone who may have famously benefited from the...

Change the paradigm – Authenticate first!!

by Juanita Koilpillai | Feb 8, 2017 | Blog Posts

Last week I wrote about how the Dyn attack exposed the IoT as a new area of opportunity for major DDoS attacks. In particular, Dyn illustrated how easy it is for misconfigured IoT devices to be compromised and cripple the DNS system. The only true solution requires us...

Is the IoT the Ultimate Delivery Vehicle for DDoS Attacks?

by Juanita Koilpillai | Jan 30, 2017 | Blog Posts

The Dynamic Network Services (Dyn) DDoS attack is the first to widely exploit the Internet of Things (IoT) and puts an exclamation point on the need to fundamentally rethink how we secure IP-based services, applications and infrastructure. Dyn is a domain name system...

ISPs need to step up in the fight against DDoS

by Juanita Koilpillai | Jan 23, 2017 | Blog Posts

GCN recently published an article titled Why ISPs don’t throttle DDoS traffic citing the reason DDoS attacks like the one on Dyn are so effective is because ISPs are not able to identify and block malicious traffic before traffic overloads occur. It’s an interesting...

Security and Compliance is a Two-way Street

by Juanita Koilpillai | Jan 4, 2017 | Blog Posts

As high profile security breaches increase, Chief Information Security Officers (CISOs) continue to come under attack as they are typically held responsible for ensuring their organizations’ security and compliance with FISMA. A new GAO report released Sept. 15...

ULs  Cyber Insurance Should Look to Digital Risk Management

by Juanita Koilpillai | Dec 8, 2016 | Blog Posts

UL’s cyber assurance program (CAP) was recently discussed at OWASP’s AppSecUSA Security Conference in Washington, D.C. Consumers rely on UL listings to certify the safety and reliability of products such as light bulbs, batteries and smoke detectors. UL conducts...

Play offense and defense to win the security game

by Juanita Koilpillai | Nov 28, 2016 | Blog Posts

I want to congratulate my friends at MITRE who were recently recognized as a finalist for the GCN DIG IT Award in the category of CyberSecurity. The GCN Dig IT Awards celebrate discovery and innovation in government IT. MITRE was recognized won for their Adversarial...

Black Cloud (with silver lining) on the horizon

by Juanita Koilpillai | Oct 25, 2016 | Blog Posts

Everyday there are new stories about major security breaches and an ever increasing number of attacks on government and commercial enterprises. And while companies continue to compound complexity by deploying security tools upon security tools, they are starting to...

Software Defined Perimeters Emerging and Proven to be “Impregnable”

by Juanita Koilpillai | Oct 18, 2016 | Blog Posts

Waverley Labs is pleased to see increasing industry awareness of Software Defined Perimeters (SDPs) as a game changing solution that may have dramatic impact on solving a myriad of IT security challenges. Government Computer News published an article Software-defined...