Ryan Orsi

As the world’s largest public cloud computing provider hosts its annual security conference in Philadelphia, look for a lot of discussion and capabilities applicable to value-added resellers, system integrators and managed security service providers.

A few days before AWS re:Inforce, Channel Futures sat down with Ryan Orsi, worldwide cloud foundations and advanced services partner leader, to learn more about what’s in store for the channel

Most IT decision-makers pursuing adoption of generative AI choose a hybrid approach of a mix of public and private models (38%), a recent study found. The hybrid approach is appealing because it matches companies’ needs to protect data, maintain control over AI models and results and cost. This illustrates what IT decision-makers prioritize when making decisions about generative AI adoption.

Security is on every IT leader’s mind, so why not discuss the latest threats and response tactics with colleagues and business partners who can share helpful, actionable insights?

As threat groups eye cloud storage, email and messaging platforms to leverage in their cyberattacks, technology providers are searching for new ways to step up their defense strategies so that they’re not just scrambling to shut down this abuse, but proactively preventing it in the first place.

Tech behemoth AWS and cyber insurance firms are combining forces, creating a unique blend of technical proficiency and risk management expertise. "It's a supernova moment," as Ryan Orsi, the Senior Manager of AWS's Cloud Foundations Partner Service Acceleration, so poignantly phrased it in our recent chat during the annual re:Inforce event in Anaheim, California. A bold, paradigm-shifting moment that promises to make cyber insurance accessible to even the smallest of businesses. But can this… Show more

Tech behemoth AWS and cyber insurance firms are combining forces, creating a unique blend of technical proficiency and risk management expertise. "It's a supernova moment," as Ryan Orsi, the Senior Manager of AWS's Cloud Foundations Partner Service Acceleration, so poignantly phrased it in our recent chat during the annual re:Inforce event in Anaheim, California. A bold, paradigm-shifting moment that promises to make cyber insurance accessible to even the smallest of businesses. But can this seemingly indomitable duo truly redefine the cyber insurance industry? The answer, as it turns out, may just surprise you. Show less

AWS launched Amazon CodeGuru Security, Amazon Verified Access, Amazon Verified Permissions, and more at AWS re:Inforce 2023.

The $85 billion Seattle-based cloud computing global market share leader has seen a slowdown in sales growth this year so far, but continues to unleash new products, programs and strategic agreements with channel partners at a rapid race.

Amazon Web Services is diving headfirst into the cyber insurance industry by launching a new program that guarantees customers a quote within two days, tied with massive revenue opportunities for the channel.

Customers who choose to leverage hardened infrastructure on AWS, coupled with a partner who can guide and implement the right security posture with AWS-backed cyber insurance as the backstop, is an untouchable offering in the market,’ says Justin Copie, CEO of AWS partner Innovative Solutions.

Companies are increasingly leveraging cloud-based services to do business, driven by the benefits of efficiency and scalability. But rapid cloud migration is not without its challenges. Security is paramount but a considerable concern. A 2022 survey conducted by data security company Netwrix found that improving security is a primary cloud adoption goal for 53% of organizations.

In an ideal world we wouldn’t have to worry about cybersecurity for healthcare. But unfortunately that is just not the case. Instead with how deeply personal and important the information and data that we hold is in the world of healthcare, we need to be prepared for the absolute worst. All systems should have protections in place against even the worst of cyber threats.

Technology and the way people are using it are evolving in an increasingly steady pace. Just 20 years ago cellphones were getting photo display functions for the first time and were primarily being used to talk to people. Now our phones have facial recognition software and people are using them to shoot and edit films for fun. And the world of healthcare is no different. The amount of technology used and how it is being used has skyrocketed and unfortunately, alongside it so has the amount and… Show more

Technology and the way people are using it are evolving in an increasingly steady pace. Just 20 years ago cellphones were getting photo display functions for the first time and were primarily being used to talk to people. Now our phones have facial recognition software and people are using them to shoot and edit films for fun. And the world of healthcare is no different. The amount of technology used and how it is being used has skyrocketed and unfortunately, alongside it so has the amount and sophistication of cybersecurity threats. Show less

“Creating a culture of security begins with education and awareness to all levels and all roles within a company on what security policies and controls exist, how each department/team directly interacts with them, and training to empower individuals with methods to detect the common tricks bad actors use in a social engineering attack.”

Mark Ryland, AWS’ director of the office of the CISO, and Ryan Orsi, AWS‘ worldwide cloud foundations partner lead for security — MSSP/identity/ops/management, spoke to Channel Futures’ Edward Gately for the Gately Report about a range of security issues. These included the kind of security threats AWS is facing.

Ryan Orsi: I would say absolutely. I kind of tie this back to CEO Adam Selipsky‘s keynote where he announced Amazon Security Lake. It’s yet again the next evolution. Let AWS do the undifferentiated heavy lifting. We work with a lot of partners. And they have to develop their software to integrate with so many sources of logging telemetry. Wth Security Lake, they can sort of boil that down to one because now it’s a single common file-logging format. They have less code to maintain, [fewer]… Show more

Ryan Orsi: I would say absolutely. I kind of tie this back to CEO Adam Selipsky‘s keynote where he announced Amazon Security Lake. It’s yet again the next evolution. Let AWS do the undifferentiated heavy lifting. We work with a lot of partners. And they have to develop their software to integrate with so many sources of logging telemetry. Wth Security Lake, they can sort of boil that down to one because now it’s a single common file-logging format. They have less code to maintain, [fewer] integrations to maintain, and they can focus more on the analytics side, the threat intelligence and threat investigation side. Show less

Assuming the organization has already implemented table-stakes user and application security mechanisms such as multi-factor authentication and least privilege access, creating a culture of security among employees is a great way to increase the company’s resilience to bad actors. Creating a culture of security begins with education and awareness to all levels and all roles within a company on what security policies and controls exist, how each department/team directly interacts with them, and… Show more

Assuming the organization has already implemented table-stakes user and application security mechanisms such as multi-factor authentication and least privilege access, creating a culture of security among employees is a great way to increase the company’s resilience to bad actors. Creating a culture of security begins with education and awareness to all levels and all roles within a company on what security policies and controls exist, how each department/team directly interacts with them, and training to empower individuals with methods to detect the common tricks bad actors use in a social engineering attack. Show less

But companies must remember that data security is a shared responsibility with their cloud provider. “Sometimes you’ll hear it as a shared fate,” says Ryan Orsi, worldwide cloud foundations partner lead for security at AWS.

While the vendor is responsible for host operating systems, virtualization layers, and any devices and buildings where the cloud is located, what’s known as security in the cloud falls to the customer, Orsi explains. “The moment they build an application, the moment… Show more

But companies must remember that data security is a shared responsibility with their cloud provider. “Sometimes you’ll hear it as a shared fate,” says Ryan Orsi, worldwide cloud foundations partner lead for security at AWS.

While the vendor is responsible for host operating systems, virtualization layers, and any devices and buildings where the cloud is located, what’s known as security in the cloud falls to the customer, Orsi explains. “The moment they build an application, the moment they upload a piece of data into the cloud, they are responsible for that.” Show less

According to the IT at Work: 2022 and Beyond survey, 74% of IT decision-makers in the U.S. and Canada reported that their organization has successfully decentralized its IT structure. When it comes to the global average, 64% have decentralized their IT structure. Respondents noted some of the obvious challenges: They expect their organization to face challenges maintaining IT security levels (56%) followed by maintaining quality levels (41%) and the reliability of ongoing support (37%).

This show is hosted by Merritt Baer and Ryan Orsi on the third Tuesday of the month from 1-2pm PT. Each show features AWS Partners discussing various topics related to infrastructure, threat detection/incident response, organizational challenges, hiring and job categories/talent, and, of course, AWS Security, all while following the show rules. Security LIVE! rules: no sales pitches, no overuse of buzz words, and don’t be afraid to dive deep! Participants will walk away with knowledge of how to… Show more

This show is hosted by Merritt Baer and Ryan Orsi on the third Tuesday of the month from 1-2pm PT. Each show features AWS Partners discussing various topics related to infrastructure, threat detection/incident response, organizational challenges, hiring and job categories/talent, and, of course, AWS Security, all while following the show rules. Security LIVE! rules: no sales pitches, no overuse of buzz words, and don’t be afraid to dive deep! Participants will walk away with knowledge of how to build security solutions with AWS and AWS Partners and guidance on growing their career in security. Show less

Amazon Web Services has reinvented its popular AWS Security Competency program with eight new categories to help customers more easily find partner software and service solutions while also providing the channel with over 40 specific customer use cases.

Each of the eight categories are defined by AWS security experts to help customers find specific system integrators, security managed service providers and independent software vendor (ISV) offerings to fit their specific cloud security… Show more

Amazon Web Services has reinvented its popular AWS Security Competency program with eight new categories to help customers more easily find partner software and service solutions while also providing the channel with over 40 specific customer use cases.

Each of the eight categories are defined by AWS security experts to help customers find specific system integrators, security managed service providers and independent software vendor (ISV) offerings to fit their specific cloud security needs. Show less

AWS has enhanced and relaunched its Security Competency Program so that it encompasses a host of cybersecurity challenges enterprises face on a daily basis, including identity and access management, threat detection and response, infrastructure security, data protection, compliance and privacy, application security, perimeter protection, and core security.

Security LIVE!

Another great moment from Amazon Web Services (AWS) re:Inforce this week was Wiz joining our Security LIVE! show with our wonderful hosts Merritt Baer and Ryan Orsi! Click below and go to timestamp 3:09:35 to learn about democratizing security with Yinon C.! #reinforce22 https://lnkd.in/etWQVff2

Amazon Web Services has reinvented its popular AWS Security Competency program with eight new categories to help customers more easily find partner software and service solutions while also providing the channel with over 40 specific customer use cases.

AWS is doubling down on partner cybersecurity enablement by launching six new specialized managed security services to boost the channel’s ability to provide 24x7 services while also removing the “ambiguity” that exists in the security industry.

Security Maturity models using deepwatch managed security

Common questions and corresponding best practices for utilizing (or not) on-premises security tools and practices in cloud security operations

Let experts take care of your AWS security monitoring and threat response so you don’t have to. Can you keep up with AWS Security Hub, Amazon GuardDuty, and AWS Cloud Trail alerts? Is your cloud firewall and EC2 workload protection blocking the most advanced threats? And are you proactively preventing threats with proper configuration? AWS recently announced a new baseline standard for cybersecurity, taking care of your AWS security needs by defining ten cybersecurity areas that all workloads… Show more

Let experts take care of your AWS security monitoring and threat response so you don’t have to. Can you keep up with AWS Security Hub, Amazon GuardDuty, and AWS Cloud Trail alerts? Is your cloud firewall and EC2 workload protection blocking the most advanced threats? And are you proactively preventing threats with proper configuration? AWS recently announced a new baseline standard for cybersecurity, taking care of your AWS security needs by defining ten cybersecurity areas that all workloads should be monitored for around the clock by trained AWS security professionals known as Level 1 Managed Security Services. Sophos is one of the world's first AWS Partners to join the new Level 1 MSSP Competency Program, fusing automated protection, with a team of managed service experts monitoring your environment 24/7 to stop threats – even at 3 a.m. and over the holidays. Show less

s the cloud more secure for my business than on-premise? How can I get the rest of my leadership team on board to support a secure-by-design cloud strategy? Hear from PwC’s AWS US Cybersecurity Leader, Jason Stauffenecker and AWS Partner Practice Team Lead for Security Consulting and MSSP, Ryan Orsi and they discuss this timely topic.

Wipro Limited announced that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that Wipro has successfully met AWS’s requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services.

Atos announced today that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that Atos has successfully met AWS’s requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services. This new baseline standard of quality for managed security services was introduced by AWS to benefit cloud environments of any size and it spans… Show more

Atos announced today that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that Atos has successfully met AWS’s requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services. This new baseline standard of quality for managed security services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. The six domains contain multiple MSSP services, each with technical skillset and operational process requirements specific to AWS. Show less

The AWS Level 1 MSSP Competency, which AWS has been piloting for a year, creates a new baseline standard for managed security services that protect, monitor and respond to security events of essential AWS resources and are delivered to customers as a fully managed service.

The new competency—which AWS channel chief Doug Yeum called an “industry first”—is designed to help partners differentiate themselves in a crowded security market and make it easier for customers to procure their… Show more

The AWS Level 1 MSSP Competency, which AWS has been piloting for a year, creates a new baseline standard for managed security services that protect, monitor and respond to security events of essential AWS resources and are delivered to customers as a fully managed service.

The new competency—which AWS channel chief Doug Yeum called an “industry first”—is designed to help partners differentiate themselves in a crowded security market and make it easier for customers to procure their services. Show less

Global technology provider Claranet has announced that it has achieved Amazon Web Services' newly launched Level 1 Managed Security Service Provider (MSSP) Competency status. AWS bills the Level 1 MSSP Competency as a "baseline standard of quality" for customers, including startups, SMBs and glob

With AWS Level 1 MSSP Competency status, Deloitte services meet the cloud security requirements that AWS sets forth, as well as those of industry regulators. Deloitte also leverages its vast network and global resources to provide clients with end-to-end cloud services that help them manage and hone their different cloud security postures.

For some organizations, operationalizing their security responsibilities in the cloud with the right tools, people, and processes can be challenging if they don’t have the cloud security expertise they need in-house.

A Managed Security Service Provider (MSSP) can integrate, join forces with, and work alongside in-house security teams, or provide full outsourcing for Amazon Web Services (AWS) security operations.

To help customers looking for support from MSSPs, we created a new… Show more

For some organizations, operationalizing their security responsibilities in the cloud with the right tools, people, and processes can be challenging if they don’t have the cloud security expertise they need in-house.

A Managed Security Service Provider (MSSP) can integrate, join forces with, and work alongside in-house security teams, or provide full outsourcing for Amazon Web Services (AWS) security operations.

To help customers looking for support from MSSPs, we created a new baseline standard of quality to refer to when making the decision about an AWS Partner to team up with. We call this Level 1 Managed Security Services, and it’s a good starting point for customers to operationalize their AWS security responsibilities in the cloud. Show less

To help customers looking for support from MSSPs, we created a new baseline standard of quality to refer to when making the decision about an AWS Partner to team up with. We call this Level 1 Managed Security Services, and it’s a good starting point for customers to operationalize their AWS security responsibilities in the cloud.

AWS launched the AWS Level 1 MSSPCompetency to enable customers to easily acquire ongoing security monitoring and management, validated by AWS. AWS security experts annually validate the tools used and operational processes of each MSSP address specific cloud security challenges such as continuous event monitoring, triaging, AWS service configuration best practices, and 24/7 incident response. The AWS Level 1 MSSPCompetency provides a faster and easier experience for customers to select the… Show more

AWS launched the AWS Level 1 MSSPCompetency to enable customers to easily acquire ongoing security monitoring and management, validated by AWS. AWS security experts annually validate the tools used and operational processes of each MSSP address specific cloud security challenges such as continuous event monitoring, triaging, AWS service configuration best practices, and 24/7 incident response. The AWS Level 1 MSSPCompetency provides a faster and easier experience for customers to select the right MSSP to help them achieve their goals for business risk and cloud strategy confidence. Show less

Observian, an AWS Advanced Consulting Partner, announced today that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that Observian has successfully met AWS’s requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services. This new baseline standard of quality for managed security services was introduced by AWS to… Show more

Observian, an AWS Advanced Consulting Partner, announced today that it has achieved Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status. This designation recognizes that Observian has successfully met AWS’s requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 Managed Security Services. This new baseline standard of quality for managed security services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. The six domains contain multiple MSSP services, each with technical skillset and operational process requirements specific to AWS. Show less

AWS launched the AWS Level 1 MSSP Competency together with a dedicated MSSP solution area in AWS Marketplace to enable customers to easily acquire ongoing security monitoring and management, validated by AWS.

AWS launched the AWS Level 1 MSSP Competency to help customers to easily acquire validated security monitoring and management. AWS security experts annually validate that the tools and processes of each MSSP address cloud security challenges such as continuous event monitoring, triaging, AWS service configuration best practices, and 24/7 incident response. The AWS Level 1 MSSP Competency makes it faster and easier for customers to select the right MSSP to help them achieve their goals for… Show more

AWS launched the AWS Level 1 MSSP Competency to help customers to easily acquire validated security monitoring and management. AWS security experts annually validate that the tools and processes of each MSSP address cloud security challenges such as continuous event monitoring, triaging, AWS service configuration best practices, and 24/7 incident response. The AWS Level 1 MSSP Competency makes it faster and easier for customers to select the right MSSP to help them achieve their goals for business risk and cloud strategy confidence. Show less

This new baseline standard of quality for managed security services was introduced by AWS to benefit cloud environments of any size and it spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security, and application security. The six domains contain multiple MSSP services, each with technical skillset and operational process requirements specific to AWS.

Tech Mahindra Ltd., a provider of digital transformation, consulting and business re-engineering services and solutions, announced today that it has been recognised and certified as Amazon Web Services (AWS) Level 1 Managed Security Service Provider (MSSP) Competency status.

Enjoy my brand new interview with WatchGuards Wi-Fi security evangelist Ryan Orsi.

/Claus.

5G is rolling out across the world such as speed, reliability, and network efficiency. 5G is unlocking or improving use cases such as IoT communications at the edge, high quality video, lower latency to support industry controls and automation, highly-accurate location tracking, and more.

Each MSSP offers a unique set of services to their customer base with differentiation and operational efficiency frequently among top management priorities. Selecting the technical components to formulate service offerings around is perhaps one of the most important decisions MSSPs need to make. MSSPs reading this are strongly encouraged to consider adding Wi-Fi security products focused at detecting and preventing the six Layer Two Wi-Fi threat categories that nearly every business has been… Show more

Each MSSP offers a unique set of services to their customer base with differentiation and operational efficiency frequently among top management priorities. Selecting the technical components to formulate service offerings around is perhaps one of the most important decisions MSSPs need to make. MSSPs reading this are strongly encouraged to consider adding Wi-Fi security products focused at detecting and preventing the six Layer Two Wi-Fi threat categories that nearly every business has been vulnerable to for the last twenty one years. Show less

But what about businesses? Have you ever stopped to think whether your business ought to be providing a VPN service to remote workers, or taking advantage of one to protect your sensitive data? We talked to industry experts to find out whether your business needs a VPN.

Learn about wi-fi security and the Trusted Wireless Environment pledge.

Ruckus, which is now a part of Commscope via acuquisition in 2018, came into the business-class Wi-Fi market in 2002 with a disruptive antenna design. At the time, the antenna technology was quite novel and utilized multiple electrically-steerable antenna arrays to focus signal to desired targets such as laptops or mobile phones, and reject noisy sources like other Wi-Fi networks and Radio Frequency (RF) interference. Their technology has helped businesses all over the world offer rock-solid… Show more

Ruckus, which is now a part of Commscope via acuquisition in 2018, came into the business-class Wi-Fi market in 2002 with a disruptive antenna design. At the time, the antenna technology was quite novel and utilized multiple electrically-steerable antenna arrays to focus signal to desired targets such as laptops or mobile phones, and reject noisy sources like other Wi-Fi networks and Radio Frequency (RF) interference. Their technology has helped businesses all over the world offer rock-solid Wi-Fi service, but does it keep hackers out? Show less

Ubiquiti, a global networking technology company came onto the mainstream marketplace beginning in 2005 with a clever idea of offering products at low prices to mass markets guiding channel players to monetize their services instead of the hardware. Every strategy has its pluses and minuses and some would say Ubiquiti’s low-price leader concept swung the pendulum too far, reducing their own ability to re-invest profits into their research and development department. Others would say the… Show more

Ubiquiti, a global networking technology company came onto the mainstream marketplace beginning in 2005 with a clever idea of offering products at low prices to mass markets guiding channel players to monetize their services instead of the hardware. Every strategy has its pluses and minuses and some would say Ubiquiti’s low-price leader concept swung the pendulum too far, reducing their own ability to re-invest profits into their research and development department. Others would say the low-price leader concept has worked and put the UniFi brand on the map alongside networking names like Cisco Meraki. Regardless of which viewpoint you align to, the number of businesses with Ubiquiti UniFi access points around the world is impressive and therefore a prime target for cyber crimals as evidenced by vulnerability disclosed last year. Show less

Wi-Fi hacking is a hot topic, but one that’s plagued by ambiguous and often contradictory technical terminology. Luckily, the lack of common definitions for Wi-Fi threat vectors has actually produced a solution to the problem: the Trusted Wireless Environment. The Trusted Wireless Environment framework succinctly defines the six Layer 2 Wi-Fi hacks that affect nearly every business today and provides a simple test criterion to determine if a Wi-Fi network is protected from each type of attack.

No company is more committed to fighting Wi-Fi hacking than WatchGuard. And nobody is more passionate and knowledgable about the topic than Ryan Orsi. Enjoy Ryan’s presentation from Wi-Fi NOW International in London, November 2019, here.

How can organisations protect themselves against cyber attack when the threat is changing all the time as new technologies are adopted and exploited? Kate O’Flaherty reports

“Security should not be slowing down your customers, and security should not be consuming too much of your team’s time,” said WatchGuard’s Ryan Orsi.

As Wi-Fi professionals, we are the experts in our field. Learn what the current Wi-Fi hacking threats are and why we have a social responsibility to protect the lesser educated (typically our users and customers) from them.

5G services will be handing-off connections to Wi-Fi networks at a staggering pace, exposing more and more cellular users to Wi-Fi security threats.

Over the years, Wi-Fi has emerged as one of the top guest amenities at hotels. In fact, according to a recent survey, 90% of respondents claim that a Wi-Fi connection is “very important,” and 58% stated that the quality of that service was “highly likely” to impact their booking decisions. Yet despite the need for all this access, guests are concerned about security and online safety – and they should be. In many cases, hotel rooms serve as a remote office for workers, where confidential… Show more

Over the years, Wi-Fi has emerged as one of the top guest amenities at hotels. In fact, according to a recent survey, 90% of respondents claim that a Wi-Fi connection is “very important,” and 58% stated that the quality of that service was “highly likely” to impact their booking decisions. Yet despite the need for all this access, guests are concerned about security and online safety – and they should be. In many cases, hotel rooms serve as a remote office for workers, where confidential corporate and personal information is exchanged. With a steady stream of media stories showcasing data breaches and vulnerabilities (think Dragonblood), guests are rightfully suspicious of the security hospitality organizations are providing when it comes to the Wi-Fi network. Show less

Evil twin access points

How to stop wi-fi hacking

If you’re not already familiar, “Get to Know Your Customer Day” is observed annually on the third Thursday of each quarter. It’s an opportunity to reach out to your business’s patrons and get to know them a little better. To mark this week’s celebration, we’ve done just that!

As a 100 percent channel-focused company, WatchGuard’s entire business is structured to support and enable VARs and MSSPs. Our channel partners are our customers. From network security and intelligence to… Show more

If you’re not already familiar, “Get to Know Your Customer Day” is observed annually on the third Thursday of each quarter. It’s an opportunity to reach out to your business’s patrons and get to know them a little better. To mark this week’s celebration, we’ve done just that!

As a 100 percent channel-focused company, WatchGuard’s entire business is structured to support and enable VARs and MSSPs. Our channel partners are our customers. From network security and intelligence to multi-factor authentication and secure Wi-Fi, these channel organizations work tirelessly to provide enterprise-grade security to customers of all sizes and industries. With the world’s ever-increasing reliance on connected devices and Wi-Fi connectivity, secure Wi-Fi is a major focus for our channel partners and their customers. As such, we asked a few questions to get to know their perspectives on the top challenges and benefits of Wi-Fi security today. Show less

Researchers discovered vulnerabilities in the WPA3 protocol, specifically in the Dragonfly handshake authentication, allowing for multiple exploits branded Dragonblood.

From corporate offices to friendly neighborhood coffee shops, nearly every organization operating a Wi-Fi network is highly exposed to vulnerabilities which bad actors can use to steal sensitive data, eavesdrop, and infiltrate further into the network. The Wi-Fi attack surface is one of the most desirable to hackers because nearly every cyber security company focuses on layer 7 application attacks (such as zero-day malware and ransomware), while historically very little effort has been made to… Show more

From corporate offices to friendly neighborhood coffee shops, nearly every organization operating a Wi-Fi network is highly exposed to vulnerabilities which bad actors can use to steal sensitive data, eavesdrop, and infiltrate further into the network. The Wi-Fi attack surface is one of the most desirable to hackers because nearly every cyber security company focuses on layer 7 application attacks (such as zero-day malware and ransomware), while historically very little effort has been made to defend against layer 2 Wi-Fi attacks. In fact, protections for layer 2 have only recently been introduced, leaving 20 years’ worth of Wi-Fi access points, routers, and clients wide open to attack. Layer 2 Wi-Fi attacks often include tactics like flooding an AP with de-authentication frames or cracking WPA2, an encryption protocol designed to protect wireless networks. Show less

The majority of today’s Wi-Fi access points, routers, and hotspots are highly exposed attack surfaces. Practically every security company in the business focuses on layer 7 application attacks, such as zero-day malware and ransomware. Unfortunately, very little attention has been paid to Wi-Fi layer 2 attacks, which includes tactics like flooding an access point (AP) with de-authentication frames or cracking WPA2. To help combat these vulnerabilities, more and more IT departments are creating… Show more

The majority of today’s Wi-Fi access points, routers, and hotspots are highly exposed attack surfaces. Practically every security company in the business focuses on layer 7 application attacks, such as zero-day malware and ransomware. Unfortunately, very little attention has been paid to Wi-Fi layer 2 attacks, which includes tactics like flooding an access point (AP) with de-authentication frames or cracking WPA2. To help combat these vulnerabilities, more and more IT departments are creating “Trusted Wireless Environments” that automatically detect and prevent Wi-Fi threats. Show less

It's been nearly 20 years since IEEE 802.11b was released and the world got the first Wi-Fi-branded products. And yet the Layer 2 attack surface remains largely unprotected from dangerous Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops. Attackers have been exploiting a fundamental issue with Wi-Fi: Laptops, smartphones, and connected devices aren't equipped to distinguish between two radios broadcasting the same SSID name… Show more

It's been nearly 20 years since IEEE 802.11b was released and the world got the first Wi-Fi-branded products. And yet the Layer 2 attack surface remains largely unprotected from dangerous Wi-Fi threats that can result in stolen credentials and sensitive information as well as backdoor/malware payload drops. Attackers have been exploiting a fundamental issue with Wi-Fi: Laptops, smartphones, and connected devices aren't equipped to distinguish between two radios broadcasting the same SSID name. This allows hackers to use malicious access points (APs) that eavesdrop on traffic, establish "man-in-the-middle" (MitM) positions, and extract sensitive information, often without leaving any traces behind. Show less

Ryan Orsi, WatchGuard’s director of product management, tells Channel Partners that WatchGuardONE partners were one of the top drivers behind the creation of the resource.

WatchGuard's Ryan Orsi
WatchGuard’s Ryan Orsi

“When WatchGuard began focusing on Wi-Fi security, the feedback from our partner community was incredibly consistent across all business models (VAR, MSP, MSSP, project-consulting and distribution) and across all cultures, countries and languages,” he said. “They… Show more

Ryan Orsi, WatchGuard’s director of product management, tells Channel Partners that WatchGuardONE partners were one of the top drivers behind the creation of the resource.

WatchGuard's Ryan Orsi
WatchGuard’s Ryan Orsi

“When WatchGuard began focusing on Wi-Fi security, the feedback from our partner community was incredibly consistent across all business models (VAR, MSP, MSSP, project-consulting and distribution) and across all cultures, countries and languages,” he said. “They are as passionate about security as we are and agree that all Wi-Fi networks on the planet are mostly wide open to Wi-Fi attacks. They also agree that the lack of awareness of these security threats is astounding.” Show less

It was a gorgeous, sunny week in San Francisco as the best and brightest security experts around the globe gathered to attend one of the leading cybersecurity tradeshows in the industry – RSA Conference 2018.

From hacking iOS to why security matters when it comes to Wi-Fi, wireless threats were the topic of several talk-tracks this year. We’re all guilty of connecting to unsecured public Wi-Fi at times. We connect at the Airport, coffee shop, and even at venues like RSAC. And as the… Show more

It was a gorgeous, sunny week in San Francisco as the best and brightest security experts around the globe gathered to attend one of the leading cybersecurity tradeshows in the industry – RSA Conference 2018.

From hacking iOS to why security matters when it comes to Wi-Fi, wireless threats were the topic of several talk-tracks this year. We’re all guilty of connecting to unsecured public Wi-Fi at times. We connect at the Airport, coffee shop, and even at venues like RSAC. And as the growth and popularity of Wi-Fi continues to climb, it’s important that we understand the risks that come with connecting to public Wi-Fi, or even offering Wi-Fi to employees, visitors and guests. Show less

When any new communication medium for sharing information emerges, it’s often quickly followed by those committed to hacking it. This natural progression is unfortunately very predictable: groups of skilled experts form to explore vulnerabilities; they share ideas, code, tools and more. After a while, that small group balloons into a full-blown community that’s equipped with easy-to-use graphical hacking toolkits and hundreds of instructional resources online. Suddenly, hacks that used to… Show more

When any new communication medium for sharing information emerges, it’s often quickly followed by those committed to hacking it. This natural progression is unfortunately very predictable: groups of skilled experts form to explore vulnerabilities; they share ideas, code, tools and more. After a while, that small group balloons into a full-blown community that’s equipped with easy-to-use graphical hacking toolkits and hundreds of instructional resources online. Suddenly, hacks that used to require years of experience are now widely available to anyone with a few hours to burn on YouTube and the willingness to download shady software tools. Show less

IoT security threats

How WIPS and WIDS work, and all the in between.

It's expected that by 2020, annual revenues around IoT solutions could exceed $470 billion. As all things IoT saturate the market (cars, tea kettles, toasters!) what does that mean from a security standpoint? What vulnerabilities aren't included in the fine print of these technologies? Join Ryan Orsi in episode three of our webinar series for a look at the current state of Wi-Fi Iot and what may lay ahead.

During our previous episode, Anatomy of a Wi-Fi Hack, we took a deep dive into the who, what, where and how of wireless hacking.

In episode two of this webinar series, WatchGuard's Ryan Orsi explores what measures can and should be taken to defend the Wi-Fi airspace around us.

How do Wi-Fi hacks actually work?

565,000. Alarmingly, that’s the number of videos currently available on Youtube that explain how to execute a wireless attack. In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MiTM (Man in the Middle) and wreak havoc on your network.

Join WatchGuard's Ryan Orsi in episode one of our three-part Secure Wi-Fi miniseries as he explores the motives, execution, and anatomy of a Wi-Fi hack.

The security of open Wi-Fi hotspots has been a subject of great concern for years. But, would you believe that we were overwhelmingly successful using Wi-Fi attacks dating back twelve years on the RSA Conference show floor in San Francisco? Either we are really good at getting lucky with old tools, or there is a serious Wi-Fi security pandemic out there.

William Shakespeare once wrote, “the eyes are the windows to your soul,” but if you ask savvy retailers, they might say it’s guest Wi-Fi. Why? New Wi-Fi systems allow them to use powerful features like social media integration, SMS and email to gather key information about customers and connect with them long after they leave a brick and mortor location. While these features are good for both the business and its customers, they can also create challenges for small business owners who are… Show more

William Shakespeare once wrote, “the eyes are the windows to your soul,” but if you ask savvy retailers, they might say it’s guest Wi-Fi. Why? New Wi-Fi systems allow them to use powerful features like social media integration, SMS and email to gather key information about customers and connect with them long after they leave a brick and mortor location. While these features are good for both the business and its customers, they can also create challenges for small business owners who are already extremely busy. Show less

More than 9.1 million stores, cafes, hotels and other sites worldwide offer Wi-Fi, according to analysis firm Maravedis. If you look at this growth map, you can watch the number of global hotspots increasing at about two per second.

Not only do end customers expect connectivity, companies have learned that Wi-Fi can improve their bottom lines by acting as a source of leads and valuable marketing data, if they do security right. Because my company sells exclusively through the channel… Show more

More than 9.1 million stores, cafes, hotels and other sites worldwide offer Wi-Fi, according to analysis firm Maravedis. If you look at this growth map, you can watch the number of global hotspots increasing at about two per second.

Not only do end customers expect connectivity, companies have learned that Wi-Fi can improve their bottom lines by acting as a source of leads and valuable marketing data, if they do security right. Because my company sells exclusively through the channel, our partners constantly send us requests for new and different Wi-Fi services. I’ve distilled these requests to the top four value-added services most important to our mutual SMB customers. Presented here in order of least-to-most complicated, all of these represent potential ongoing billable services for the channel. Show less

Wireless adoption is growing fast globally, with Wi-Fi access becoming ubiquitous in businesses, stores, corporate environments and public spaces; literally everywhere we go.

As a small to midsized business (SMB), you may be considering or already offering Wi-Fi as a service to your customers. It’s a great idea. SMBs are adding Wi-Fi access in their environments to increase customer satisfaction, build loyalty, repeat visits, and enable unique marketing opportunities. Customers… Show more

Wireless adoption is growing fast globally, with Wi-Fi access becoming ubiquitous in businesses, stores, corporate environments and public spaces; literally everywhere we go.

As a small to midsized business (SMB), you may be considering or already offering Wi-Fi as a service to your customers. It’s a great idea. SMBs are adding Wi-Fi access in their environments to increase customer satisfaction, build loyalty, repeat visits, and enable unique marketing opportunities. Customers appreciate and come to expect a fast, reliable secure wireless network experience. Show less

How secure is your Wi-Fi, the Wi-Fi that your device is connected to, and when did you last read a story about a Wi-Fi hack? This week, Infosecurity attended a conference specifically focused on Wi-Fi, and sat down with the sole security presenter from the conference.

Ryan Orsi is director of product management at WatchGuard, where he leads secure Wi-Fi solutions for the company. He talked about the 'layer two levels' of the open systems interconnection model, which he said that, since… Show more

How secure is your Wi-Fi, the Wi-Fi that your device is connected to, and when did you last read a story about a Wi-Fi hack? This week, Infosecurity attended a conference specifically focused on Wi-Fi, and sat down with the sole security presenter from the conference.

Ryan Orsi is director of product management at WatchGuard, where he leads secure Wi-Fi solutions for the company. He talked about the 'layer two levels' of the open systems interconnection model, which he said that, since its inception 20 years ago, has been forgotten about. “If you stop layer two from ever happening, you stop all of the crazy hacks from happening,” he argued. Show less