All posts by Sharon

Blue Ridge Networks Welcomes R. Bruce Fisher as New Strategic Advisor

Chantilly, VA – October 1, 2019 – Blue Ridge Networks announced today that R. Bruce Fisher has joined its team of strategic advisors.

In his capacity as strategic advisor, Mr. Fisher will work closely with the Blue Ridge Networks executive team to expand its reach in the marketplace and build on the organization’s growing momentum. His experience communicating complex messages to a variety of audiences will be an asset to the organization as it aligns with its goal of expanding its customer base.

Mr. Fisher brings more than three decades of business experience and has a proven track record of leading corporate growth, generating revenue, and developing enterprise value growth. Previously, Mr. Fisher held strategy, business management, and leadership positions at Allied Chemical, now Honeywell, and American Standard/Trane. He then joined the leadership team of Ingersoll Rand after its acquisition of Trane.

Most recently he has worked to support business growth through various positions, including as a partner in a private equity group, an advisor to a broad range of public and private firms, and a board member for several start-ups and non-profit organizations. In addition to his successful business and leadership experience, Mr. Fisher holds a BA from the University of Virginia and an MBA from the College of William and Mary, where he is a board member of the Mason School of Business Foundation.

“We’re delighted Bruce has joined the Blue Ridge team and are confident that he will bring a fresh perspective and unique ideas to support our emerging growth,” said John Higginbotham, CEO of Blue Ridge Networks. “With a diverse industrial enterprise background and extensive senior executive experience, Bruce will be an asset to our advisory board as we accelerate our market presence for protecting critical infrastructure.”

ABOUT BLUE RIDGE NETWORKS, Inc.
Blue Ridge Networks is a proven cybersecurity isolation and containment technology innovator delivering network segmentation, remote access, and endpoint cybersecurity solutions that eliminate vulnerabilities to critical network infrastructure and prevent exfiltration of mission critical data.  The company has successfully provided resilient, scalable, and affordable cybersecurity systems, software, and managed services for over 20 years, protecting critical operations of its government and enterprise customers with no reported breaches of its technologies – ever.

What the End of Windows 7 Means for Your Organization – and How to Stay Secure

Microsoft recently announced that it will officially begin the “End of Life” phase for Windows 7 in January 2020, meaning that it will no longer update or support the OS after that date. Even 10 years after its initial release, Windows 7 is still an incredibly popular OS and is used by millions of people and businesses worldwide. In fact, Windows 7 is still being used on 30.92% of PCs worldwide as of August 2019.

Security is a critical consideration when it comes to the support and maintenance of any operating system and this recent news from Microsoft means that anyone who continues to use Windows 7 may be at a higher risk of being a target for a malicious hack.

Our COO, Maureen Gray, sat down to answer some of the most pressing questions about the End of Life phase for Windows 7 and what you need to know:

What does this mean for businesses who use Windows 7?

Microsoft’s End of Life (EOL) announcement serves as a notification that after January 14, 2020 the company will stop supporting Windows 7 on both PCs and laptops. Most importantly, this means that Microsoft will no longer provide updates or patch security holes in the operating system. So, they will not be responsible for putting out any fixes for vulnerabilities or compatibility issues that emerge. To put that into perspective, Microsoft patched 29 vulnerabilities in April 2019 alone – designating six as critical and 23 as important.

Because vulnerabilities will no longer receive an immediate fix, they can more easily be exploited by bad actors. These hackers will certainly be searching for these vulnerabilities and aggressively targeting any Windows 7 machines within their reach.

Organizations will also need to consider what this means for compliance. The lack of additional security support may cause an enterprise to become non-compliant with security best practices.

Does EOL apply to all versions of Windows 7?

Not exactly. It does apply to Home, Professional and Enterprise, but not embedded systems used in POS and other devices. However, those are moving targets, and some may have already reached End of Life.

(To check if your system is still being supported, visit the Microsoft product lifecycle website.)

What have we learned from past EOL events?

In April 2014, Microsoft ceased security updates and technical support for Windows XP. It was later discovered that hackers waited until after support had officially ended to find ways to exploit vulnerabilities and create chaos for users who hadn’t upgraded to a new operating system.

In the instance of Windows 7, there is no reason to expect that we won’t find the same behavior from malicious actors. That’s why it’s critical for Windows 7 users to initiate measures to protect themselves as soon as possible.

What are the challenges with updating all Windows 7 systems?

For many organizations, upgrading from Windows 7 to a more modern operating system will be more complicated and costly than a straightforward software update.

One of the main challenges that organizations will find is that not all machines operating Windows 7 have the minimum specifications required for Windows 10, so they will need to invest in new hardware. A larger concern is that in-house and proprietary applications that were created to run on Windows 7 may not automatically work on a different OS. This discrepancy is one of the reasons that some enterprises took so long to migrate from Windows XP to a more modern system.

What are the implications if organizations can’t successfully update by the 1/14/2020 deadline?

First and foremost is security. Organizations who don’t take measures to protect themselves after Windows 7 is no longer supported will be much more vulnerable to a breach. Additionally, other applications may also remove support for legacy systems.

However, following the End of Life for Windows XP, Microsoft offered an option for extended support for an extra cost – but it may be a hefty charge for a short-term solution. For those EA and EAS customers who choose to subscribe to Windows 10 Enterprise E5, Microsoft 365 E5 or Microsoft 365 E5 Security by the deadline, Microsoft will offer one year of post-retirement support for Windows 7.

What about Internet Explorer?

Microsoft has stated that Internet Explorer has the same End of Life date as Windows 7, so users will need to adjust to Edge. This could have additional implications for an enterprise’s plug-ins.

This is a lot to process – why should cybersecurity be top of mind?

Endpoints have long been recognized by hackers as a consistent means of accessing an organization’s network to do further harm. This news has announced to hackers that there is a significant number of endpoints that will soon be easier to exploit, and they will be at the ready following the cutoff date. The volume of new computer viruses and other malware will increase even more to take advantage of those vulnerabilities, so preparation is critical.

How can Blue Ridge Networks help during this transition?

The extensive and costly investment that many are facing may seem impossible to achieve by the Microsoft-issued deadline. While many will meet the deadline, others may fall behind because of staffing restraints or incompatibility with proprietary applications that are needed for their operations. This leaves a window of opportunity for well-prepared malicious actors to take advantage of post-EOL Windows 7 users. Rest assured, there is a way to ensure that your organization remains secure without a complete system overhaul before January.

With the use of AppGuard, an enterprise can keep the trains running as usual, knowing that patched or not patched, their PCs are safe from emerging threats. This solution can buy your organization the time it needs to make and execute a plan to migrate endpoints, applications, and browsers to a new OS – without rushing the process or leaving unresolved vulnerabilities.

 

If you have any further questions about the Windows 7 announcement, or what it could mean for your business, we invite you to reach out to our team at: sales@blueridgenetworks.com

Seamless PCI Compliance with Zero Trust Segmentation and Security for Retailers

Retail is not a new target for savvy cybercriminals, yet it’s often regarded as one of the most lucrative and high-profile opportunities for an attack. The Target breach of 2013 clearly demonstrated how just one endpoint vulnerability can give a hacker the access they need to cause serious, often irreparable damage. Since then the threat has not dissipated. In fact, according to the 2018 Thales Data Threat Report, 50 percent of U.S. retail survey respondents reported a breach in 2017.

Due in large part to misconceptions about cost or coverage of existing solutions, many major retail organizations are just not as protected as they should be. In the coming months leading up to the holiday season, retailers will be at their busiest, and hackers will be able to exploit any gaps in the infrastructure. That’s why “right now” is the perfect time to do a comprehensive examination of your security protocols and ensure your systems can meet critical requirements such as:

  • Protecting endpoints, such as devices, from zero-day attacks
  • Ensuring privacy of cardholder information
  • Establishing trusted connectivity across retail locations
  • Reducing the scope of PCI compliance audits and risk assessments

The best way to exceed each of those requirements is to deploy Zero Trust protection. In our new case study, we explore the risk to retail organizations who leave themselves vulnerable to today’s most advanced cyber-attacks. We also demonstrate proven methods of safeguarding critical assets and customer data, by leveraging innovative Zero Trust security technology and methodologies.

Senior Sales Engineer (Network Security Focus)

Job Type: Full-time
Chantilly, VA

Blue Ridge Networks is a cybersecurity pioneer that provides patented network security and endpoint security solutions to a wide range of public sector and commercial customers. We’re seeking a highly motivated Senior Sales Engineer with a self-starter mentality to support rapid growth.

The Senior Sales Engineer will work out of our headquarters based in Chantilly, Virginia and will be responsible for presenting our cybersecurity solutions to a diverse audience. In addition, you will be responsible for creating and delivering demonstrations of Blue Ridge Networks products, gathering customer technical requirements, and ensuring the customer evaluation process is executed to a successful conclusion.

You will work closely with customers and reseller agents as their primary point of contact for feedback and resolution of issues and will be the customers’ advocate for issues that require assistance from management. You will also work closely with the product management team to provide feedback on new feature requests and product enhancements from your customer and channel base and will collaborate with the marketing department to assist with customer-focused sales positioning.

Responsibilities

  • Deliver product, technology and/or solution presentations to technical and business decision makers which may include system demonstrations, whiteboarding and Q&A sessions to the client
  • Gather, understand, and document the customer’s environment and needs and be able to position how our technology meets their needs
  • Design, build, and articulate evaluation criteria for proof of concept
  • Manage projects from pre-sale to post-sales
  • Work with customer, strategic partners, resellers and Blue Ridge Networks team members to deploy cybersecurity solutions for customers and partners
  • Collaborate with marketing and product departments to educate on specific market problems and product requirements
  • Assist with updating and creating new demonstrations and lab capabilities
  • Maintain meticulous notes of sales activities and record within the CRM

Requirements

  • Travel may be required as necessary
  • Strong customer relations/engagement skills
  • Ability to effectively communicate with a broad range of audiences; from deeply technical to high executive C-level decision makers (sometimes in the same audience)
  • Prior experience selling network-based security appliances including but not limited to: Firewalls, SSL/IPSec VPNs, Security Proxies, Web Application Firewalls
  • Knowledge of networking topology, TCP/IP protocol, IP Forwarding, Network architectures, and components (firewalls, routers, etc.)
  • Experience working with routing and switching products

Technical Requirements

  • 5 to 10 years of experience as a Sales Engineer
  • BS Computer Science, Computer Engineering, Information Security or equivalent degree or equivalent experience.
  • Understanding of FIPS and other certifications
  • Knowledge of systems installation, configuration and administration of routers/switches
  • Experience selling, demonstrating, installing and troubleshooting network-based security solutions

Desirable Experience

  • A clear understanding of TCP/IP and Layers 1-4 (OSI Model)
  • A clear understanding of Encryption
  • Relevant industry certifications (e.g. CISSP, Certified Ethical Hacker, etc.) desired, but not required.
  • Knowledge of Security designs for industrial control systems, such as PLCs, RTUs, HMIs, and radio and satellite telecommunication, as well as common ICS network protocols, such as Modbus, OPC, and DNP3 a plus, but not required
  • A thought leader mentality that is willing to serve as a cybersecurity spokesperson on behalf of the company

Qualified applicants should submit both a resume and cover letter.


Blue Ridge Networks, Inc., is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Industrial Control Systems (ICS) Are Under Attack: How You Can Enable Secure Remote Access

Massive industrial operations, from manufacturing plants to energy grids to water management, have recently been targets of cyber intrusions and ransomware attacks. According to a Kaspersky Report, The State of Industrial Cybersecurity 2018, 49% of organizations surveyed experienced an incident or breach within the last 12 months. 64% of those incidents or breaches involved conventional malware/virus attacks, and another 30% involved ransomware.

As more organizations continue to converge legacy control systems and other vulnerable operational technology with information technology, we will continue to see targeted ICS attacks that take advantage of the increased attack surface and wreak havoc through a flat and unprotected network.

One such example occurred in 2017, when Triton malware targeted safety instrumented systems (SIS) at a critical infrastructure firm in the Middle East. The malware was able to communicate with the SIS through the operations network. Once inside, the threat actors presumably hoped to control or damage systems; in this case, the malware inadvertently shut down operations.

But an attack isn’t inevitable. Taking the right steps to secure your operational technology and safely enable remote access can save your data, your operations, and even the safety of your personnel. For example, the Middle Eastern firm could have securely segmented their SIS, denying public internet access and cloaking it to the outside world. For any maintenance or monitoring, they could have employed a secure remote access solution that would allow only authorized users to gain access without the risk of bringing malicious code into the network.

In our most recent solution brief, we walk through the traditional approaches to secure remote access and detail why they aren’t enough to keep your organization running safely. We also explain how by utilizing a secure remote access solution, you can safeguard your business and your employees from these malicious attacks and prevent a breach in the future.


How to design secure remote-controlled operations

Providing remote access to anyone—vendors, contractors or the most valued customers—can be very risky business, yet it’s often promoted as a way to help shorten unplanned downtime with remote troubleshooting. One means of risk reduction is two-factor authentication technology, which is designed to enable secure connectivity and future-proof breach prevention across an organization.

Hackers May Already be in Your Infrastructure—Now What?

Cyber-attacks on industrial control systems (ICSs) are no longer a hypothetical. As pieced together by the Wall Street Journal, in 2017, Russian hackers attacked a small construction company, exploiting the organization’s connections with utilities and government agencies. Through an integrator, the hackers accessed computer-network credentials, giving them the ability to get into computer systems that monitor and control electricity flow.

Evolving Zero Trust to Secure IIoT

Cyber-attacks are a relentless threat facing your business. According to McAfee Labs’ Threat Report, nearly 500 new cyber threats emerged every minute in Q4 of last year. Considering the increasingly risky cyber environment, is it ever possible to truly know which devices, applications and users you can trust?

Your Top ICS Security Questions Answered

As you’ve likely seen in the news – cybersecurity for Industrial Control Systems (ICS) is a hot topic lately, up for much scrutiny and debate. The rising number of attacks on ICS and critical infrastructure proves that the way networks and operational technology (OT) have traditionally been managed is no longer viable.

Since Stuxnet malware was discovered in 2010, and with the number of ICS targeted attacks that have followed, there has been a much-needed industry-wide awakening. Forward thinking companies are looking for ways to protect not only their technology assets, but the welfare of their employees and constituents.

Protecting OT, ICS and SCADA networks is our specialty. We are experts in the kind of attack facing this industry and we have spent years developing solutions designed to prevent hacks before they happen.

We’ve put together answers to a few frequently asked questions about recent industrial-facing cyber-attacks. Have a question that isn’t answered here? We’d love to chat with you about it. Feel free to reach out to the Blue Ridge Networks team at sales@blueridgenetworks.com.

FAQ

Why are Industrial Control Systems a prime target for cyber attackers? 

In the past, Operational Technology (OT) systems within ICSs typically ran on proprietary networks, used proprietary equipment, and were traditionally logically isolated, or air-gapped, from IT infrastructure. This made them exponentially more difficult to breach than widely connected IT networks. While the ‘security through obscurity’ or ‘security by air gap’ way of thinking may have been effective at the time, the convergence of IT/OT has eroded this way of thinking. Now, as systems have evolved and become increasingly interconnected, attackers have identified them as a viable target.

Industrial organizations represent tremendous economic value and contain high volume transactions. Networks are traditionally dispersed, with several service providers accessing equipment and potentially opening backdoors for adversaries to gain access to critical infrastructure. The ramifications from these data breaches are much more severe than commercial data hacks. Intent varies depending on the threat actor, but can range from causing a nuisance to operational disruption or outage of power transmission and distribution. In the most extreme case, bad actors could cause physical damage and potentially threaten health and safety and cause serious damage to the environment.

What’s wrong with the way things have been managed in the past?

Even today, ICS networks are typically flat and widely open. They have weak or no authentication in place and don’t encrypt communications. Field sites are often equipped with remote access capabilities to allow vendors and operators to perform remote diagnostics and monitoring, usually over a poorly secured connection. There typically isn’t a single pane of glass view into the varying communications media, protocols, and equipment that are openly communicating to keep operational processes flowing.

Historically, there has not been a great need for specific ICS cybersecurity solutions. OT systems weren’t built with security in mind, so typically IT security professionals have recommended simply adding extra tools that would provide minimal cover and ultimately degrade system performance. Alternatively, they suggested ripping and replacing the entire network architecture to accommodate new technology and system updates.

These are difficult options considering OT systems are a few decades old, often cannot be patched, and still completely need to be functional for their intended use – not to mention it would be extremely costly and time intensive. This represents the cultural impact of the IT/OT convergence. To properly address ICS cybersecurity, it’s imperative to create a cross-functional cybersecurity team that consists of both IT security staff and control system engineers or operators.

Why can’t critical infrastructure operations, like power grids, rely on intrusion detection, attack signatures, and/or patch management approaches alone? 

Even the best and most widely used IP cybersecurity tools are ineffective for most of an OT infrastructure. For instance, network IDS and even firewalls depend upon detection of anomalous behavior of standard protocols and applications. An OT infrastructure is rife with proprietary operating systems, applications and protocols. Vigorous patch management is widely considered the most effective preventative measure among IT security professionals. But many OT product vendors do not issue patches, and their customers do not demand them, because patching of existing infrastructure can be very disruptive. Imagine this – what would happen if the power company announced power outages once a week for patch application?

Knowing that bad actors are likely already in our most critical systems, what can be done now? 

To limit the exposure of existing compromised devices, industrial organizations should isolate and contain, or segment potentially infected networks from other uninfected networks to limit their exposure. True isolation and containment coupled with granular access control and session authentication can cut off the adversary’s access to command and control channels, thereby limiting the effects of the attack they were intending to carry out.

AppGuard and Blue Ridge Networks Win Managed Cybersecurity Services Contract with One of the Nation’s Largest Public Housing Authorities

CHANTILLY, Va., Feb. 11, 2019 — Blue Ridge Networks announced today that it has been awarded a managed services contract from one of the nation’s largest public housing authorities to bolster its cybersecurity infrastructure with the AppGuard endpoint cybersecurity solution. The organization will be leveraging AppGuard’s zero trust cybersecurity protection to block undetectable attacks without the need for urgent and frequent patching that other endpoint security solutions require. The three-year contract will give the customer access to 7,000 AppGuard licenses.

AppGuard is the pioneer in zero trust cybersecurity software for endpoints, servers and mobile platforms. With powerful, patented cybersecurity technology, it protects against attack escalations by automatically isolating system processes from dynamic code injection. Security controls apply to all of an application’s processes, eliminating the need for policy updates. With an ultra-light footprint, AppGuard allows for normal application or utility usage, while simultaneously blocking known and unknown malicious actions. The solution doesn’t require attack detection, cumbersome scanning, or disruptive updates.

Blue Ridge Networks will provide the customer with complete managed support for AppGuard deployment along with 24x7x365 support to ensure continuous peak system performance.

AppGuard has been deployed by government, financial institutions, travel, and in many other industries to effectively and affordably address the rapid escalation of malicious cybersecurity threats, often undetectable by conventional means.

“It’s a privilege to expand our protection services through this deployment of AppGuard endpoint protection for such an important housing authority,” said Maureen Gray, COO of Blue Ridge Networks.

Dianne O’Connor, Senior Director of Sales for AppGuard, added, “AppGuard will benefit our customer by increasing its overall cybersecurity posture, while reducing overall IT and Sec-Ops burdens with more efficient operations.”

For more information about AppGuard, visit: https://trivision.blueridgenetworks.com/appguard/

About Blue Ridge® Networks
Based in Northern Virginia, Blue Ridge Networks is a visionary cybersecurity pioneer providing proven network and endpoint security solutions. Its products isolate, contain, and protect critical operations and endpoints to provide a new layer of cybersecurity defense that eliminates vulnerability to cyber-attacks. Blue Ridge solutions have protected critical operations for some of the largest US government, financial, healthcare, and other critical infrastructure customers for more than twenty years with no reported breaches. For more information, visit trivision.blueridgenetworks.com, or contact us at sales@blueridgenetworks.com.

About AppGuard, Inc.
AppGuard provides award-winning server, endpoint and mobile cybersecurity protection for enterprises as well as small and medium sized businesses. AppGuard’s patented inheritance technology maintains the same level of guarding and isolation on any process spawned from a risky application. The technology does not rely on detection and response, and instead prevents all attacks. For more information, visit: www.appguard.us or contact sales@appguard.us.