Rick Hayes


Practice Lead at TrustedSec LLC

14780 Pearl Road Suite 300, Strongsville, Ohio, United States
HQ Phone:
(216) 338-4446

last updated 11/15/2017

General Information


Information Technology Security Manager - Carter's, Inc.

Senior Manager - Dell Inc.


Founder - The ISD Podcast

Recent News  


Rick Hayes Leads Force Team
Rick Hayes (@ISDPodcast) has joined TrustedSec as the Practice Lead of the TrustedSec "Force" team. The Force team is TrustedSec's pentesters, hackers, and researchers. David Kennedy, TrustedSec CEO, said, "We are truly excited to have Rick come aboard and bring his experience running the INFOSEC shop over at Dell SecureWorks where he was responsible for leading team as well as providing services in Vulnerability Assessments, Penetration Testing, Wireless Security, Application Security, Mobile Application Assessments, VoIP Security Assessments, Social Engineering, and Red-Teaming. Rick was one of the founding creators of the Information Security Daily Podcast (ISDPodcast) and has presented at conferences all around the country (including our favorite - DerbyCon). Rick will run the Force team which specializes and focuses on penetration testing, red teams, application security, mobile security assessments, social-engineering and more.

The Two Cups of Coffee Attack and Other Data Security Breaches You May Never Suspect - Tinh Anh Soft

"Motivated cyber-criminals are going to attack in every way possible," explained Rick Hayes, senior manager at Dell SecureWorks.

"Every Red Team engagement is customized around that individual industry and customer," Hayes explained. "A petrochemical company will have different concerns than an entertainment and media organization, so we adjust the program accordingly. For us, it's all about whatever is keeping that customer awake at night. That's what we want to test; that's where we want to uncover the risks."

According to Hayes, to be effective, no more than a small subset of company leaders can know about the Red Team engagement until it's over. "Our intelligence team spends the first week collecting as much information related to the company, its employees and leadership as they can," Hayes said. "We find out the name of the phone provider, the security vendor, and the landscape company; the schedule for trash collection and mowing. We learn the power service, the physical security and whether or not armed guards secure the facility." The team compiles this information and uses it to build a threat model, and in subsequent weeks, does everything they can to get in and compromise that customer's data (with the knowledge of the customer point-of-contact).

"Most company leaders are shocked to learn that their biggest weakness is almost always the human element and how much proprietary information employees reveal under the social web of trust," Hayes said. Helpful employees are also often more than willing to let a Red Team member, dressed as a cable provider or delivery person, into a secured facility without showing credentials. Equally effective is the "two-cups-of-coffee" attack, in which a Red Team member gains access through an employee entrance by saying he or she is bringing in coffee for a named executive (and even gets the door held open for him).

"In one of our engagements, we were Red Team testing for a company that gave tours to the public," Hayes said. "One Red Team member posed as a tourist, excused himself to go to the restroom, planted a box in IT that tapped into the company network, and began transmitting data wirelessly to another Red Team member parked in a van outside before the tour was over."

Of course, all of the revelations aren't around building access. "Another big surprise is often the lack of visibility that companies have into their systems, particularly legacy systems," Hayes said. "We've been able to extract a goldmine of data from legacy systems that everyone thought were shut down."

One of the reasons Red Team Testing is so valuable is because it looks at everything. "Instead of concentrating on a vulnerability in the wireless network or a handful of applications, we provide full-spectrum testing, from attacking voice mail to gaining data center entry; from infiltrating systems to extracting data through social engineering," Hayes said.

"We've had a customer who purchased a manufacturing facility in a foreign country that had a single VPN connection, and used us to test how far a perpetrator could get if the connection was compromised," Hayes said. "Other customers use Red Team Testing to vet new employees working with highly secure data to make sure that they are who they represented themselves to be." Whatever the reason, the leadership of companies and organizations of all sizes are embracing this methodology to get an objective, independent view of their security against the threats that concern them most. "We have never had a customer who didn't get value, and some new insight, out of the engagement," Hayes said.

The Red on Blue Option

But, what if a company is less mature and needs security consulting that goes beyond classroom theory? For these situations, Hayes recommends the "Red on Blue" (also known as Red, White and Blue) engagement.

This engagement is a type of corporate war gaming, involving the Red Team and a Blue Team, or Instant Response team, who goes on site with company employees. The Red Team attempts to attack the client company, as it would in a traditional Red Team Test, with the Blue Team on site, defending against the attacks, along with a White Hat observer. "The White Hat observer coaches the employees in real time, showing them if they missed an indicator or what additional security precautions they need to take," Hayes said.

"Security is a feeling, the knowledge that your assets are as safe as possible and that you've done everything you can to block attackers," Hayes said.


"Unfortunately, in today's attack climate, if you are an organization which is likely to be a target of hacktivism and you do not have an intelligence team monitoring the Internet on your behalf, you have to be prepared for far more than just one attack strategy," said Rick Hayes, Sr. Manager, Security and Risk Consulting for Dell SecureWorks.
"The cyber campaigns being launched by hacktivists today aren't merely consisting of a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks (where large amounts of Internet traffic are directed at a website in hopes of knocking it offline)," continued Hayes. "Although we continue to see cases where hackers are breaking into organizations by entering through their vulnerable web applications," said Hayes, "The good news is we are seeing an uptick from small and medium businesses asking for our Web Application Scanning Service. I believe they have learned from some of the large and expensive public breaches, which have been a result of web application attacks, that it is cheaper in the long run to employ regular scanning of one's web applications and fix the vulnerabilities immediately so as to keep one's assets secure," continued Hayes.
