Aug 7, 2020

Rapid7: NICER - diagnosing the internet’s security flaws

William Girling
3 min
Digital security
Released at the end of July 2020, Rapid7’s NICER report is one of the most ambitious pieces of internet security-related research ever conducted...

Released at the end of July 2020, Rapid7’s NICER report is one of the most ambitious pieces of internet security-related research ever conducted.

Focusing on three core topics - National, Industry and Cloud Exposure - the report has been intended by Rapid7 as a conversation starter on the current state of internet security. 

In a world which is currently in the grip of a significant digital transformation, in no small part accelerated by the COVID-19 pandemic which has forced companies all around the world to consider operational alternatives, the question of security could not be more relevant.

The ‘myth of the silver city’

First and foremost, the NICER report aims to dispel the false notion that internet security is ideal in its current state. Although most people’s daily interactions with the internet give no hint of the fragility underneath, Rapid7 is keen to quantify and demonstrate the reasons why this is not the case.

Everybody can afford to be more vigilant and proactive in bolstering their cyber defences, the report posits. After all, technology might have advanced exponentially in the last 50 years, yet the threats presented by phishing scams and exploiting legacy software on the edge remain.

NICER includes lists of countries and industries rated by their exposure to risk so that interested parties can compare their ‘risk neighbourhood’ with others and measure relative progress.

Perhaps most disconcertingly, the most at risk industries are revealed to include financial services, retail and pharma (i.e. vital services), with many FTSE 100, Fortune 500 and Nikkei Index entities suffering disproportionately. 

This highlights Rapid7’s argument that a constant re-evaluation and reassessment of legacy systems is necessary; particularly amongst older, established or ‘traditional’ companies, outdated infrastructures that seem to operate well could be the Achilles heel which leads to great financial loss or security breaches in the future.

Starting a conversation on security

Far from being a final, declaratory statement, Rapid7 has intended NICER to be the opening remarks to a much broader conversation on the subject.

Commonly used security protocols such as Telnet and SMB are analysed at great length and a balanced summary of each system’s strengths, weaknesses and applicable use cases is presented.

The ultimate conclusion is an ambiguous one: “Things aren't great, but not disastrously bad and relatively small changes in how we design, develop and deploy services will still have a great impact on the stability, safety and security of the internet as a whole.”

Rapid7 hopes that its work, the result of four years’ research, will generate heated debate within the tech industry on how best to address the fundamental issues around internet security. 

Whether the answer lies in developing new protocols, re-evaluating how programmers are trained or something yet unthought of, the company hopes that the report will spur a serious discussion on what we desire the future of the internet to be.

Download the full NICER report here

Stay tuned for our feature article on NICER with Rapid7’s Director of Research Tod Beardsley - scheduled to appear in the October edition of FinTech Magazine.

Share article

Jun 14, 2021

Giving efficiency the full throttle at NASCAR

CDW
NASCAR
3 min
CDW is a leading provider of information technology solutions, optimized business workflow and data capture systems for the auto racing company.

The NASCAR organization has long been synonymous with speed, agility and innovation. And so by extension, partnerships at NASCAR hold a similar reputation. One such partner for the organization has been CDW – a leading multi-brand provider of information technology solutions to businesses, government, education and healthcare customers in the United States, the United Kingdom and Canada. CDW provides a broad array of products and services ranging from hardware and software to integrated IT solutions such as security cloud hybrid infrastructure and digital experience. Customer need is the driving force at CDW, and the company helps clients by delivering integrated services solutions that maximize their technology investment. So how does CDW help their customers achieve their business goals? Troy Okerberg, Field Sales Manager - North Florida at CDW adds “We strive to provide our customers with full stack expertise, helping them design, orchestrate and manage technologies that drive their business outcomes.” 

NASCAR acquired International Speedway Corporation (ISC) in 2019, merging its operations into one, new company moving forward. The merger represents an important step forward for NASCAR as the sport creates a unified vision to embrace its long history of exciting, family-oriented racing experiences while developing strategic growth initiatives that will drive the passion of core fans and attract the next generation of race fans. CDW has been instrumental in bringing the two technology environments together to enable collaboration and efficiency as one organization. Starting with a comprehensive analysis of all of NASCAR’s vendors, CDW created a uniform data platform for the data center environment across the NASCAR-ISC organization. The IT partner has also successfully merged the two native infrastructure systems together, while analyzing, consulting and providing an opportunity to merge Microsoft software licenses as well. 

2020 turned into a tactical year for both organizations with the onset of the pandemic and CDW has had to react quickly to the changing scenario. Most of the initial change included building efficiencies around logistics, like equipment needing to be delivered into the hands of end users who switched to a virtual working environment almost overnight. CDW’s distribution team worked tirelessly to ensure that all customers could still access the products that they were purchasing and needed for their organizations throughout the COVID timeframe. Okerberg adds that today, CDW continues to optimize their offering by hyper-localizing resources as well as providing need-based support based on the size and complexity of their accounts. Although CDW still operates remotely, the company commits to adapting to the changing needs of their clients, NASCAR in particular. Apart from the challenges that COVID-19 brought to the organization, another task that CDW had been handed was to identify gaps and duplicates in vendor agreements that the two former single-entity organizations had in place and align them based on services offered. CDW further helps identify and provide the best solution from a consolidation standpoint of both hardware and software clients so that the new merged organization is equipped with the best of what the industry has to offer. 

Share article