Today’s interconnected world leaves everyone vulnerable to threats that can use the internet as a pipeline to reach any computer, any device, and any internet-connected gadget to steal data or compromise their integrity.
All about Virtualization and Cloud Security | Recent Articles:
The don'ts - Where companies are so far wrong:
A major shortcoming of companies of all sizes is the lack of understanding of the value of files and documents, and therefore the need to protect them. Proper precautions, then, are also lacking. So attackers can access files that should actually be stored on separate networks or separate infrastructure.
Corporate security leaps ahead with centralized scanning for endpoints, Exchange security, seamless deployment
The Internet of Things is quickly moving from hyped concept to reality – and it’s proving to be a mix of consumer devices, such as home thermostats, electric locks, and security systems to the industrial Internet of Things, which ranges from devices that help improve field machinery maintenance to fully automated office campuses. We really are moving from the phases of connected to devices, and each other, to connecting everything.
Even the U.S. Department of Defense admits that cloud security worries shouldn't come in the way of cloud business benefits. In a talk given to industry cloud players last week, DoD CIO Terry Halverson detailed some of the agency's cloud initiatives and explained how the agency is trying to drive more data to the cloud under the simple philosophy that different data carries different levels of risk.
Anthem, one of the largest health insurers in The United States, has announced they have been breached. The company has created the web site http://www.anthemfacts.com/ giving a brief outline of events. While short on details, the Anthem notes, “Anthem was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised."
As frustrating as it can be for IT leaders and CISOs to struggle with a lack of respect from a CEO and the rest of the C-suite, in many ways they need to look in the mirror to place blame for that situation. As we've discussed in the past here at Business Insights, a lot of the respect issue comes down to ineffective communication.
Back to work, people! It's time for CISOs to dust the holiday cookie crumbs from their lips and stop rubbernecking the proverbial car crash that was the Sony incident. As 2015 kicks off, it’s the perfect time to reevaluate plans and priorities, and maybe even engage in a bit of wishful thinking. As security and risk management professionals start the year, the following items are most likely to hit their wish list for the coming 12 months.
Last year's non-stop parade of breaches showed CEOs and boards how detrimental a lack in security investment can really be to an enterprise's health, let alone their own job security. After all, last year saw the dismissal of Target's CEO following that company's disastrous breach—one of the first very big public firings of a chief executive in the wake of a security incident. And just last month Sony Picture's disastrous hack and subsequent release of sensitive emails to and from executives showed the personal consequences to executives when enterprises don't invest in security—for example, the incident greatly tarnished the personal reputation of studio co-chair Amy Pascal.
Transportation is one of those industries that affects everyone in the world just about every day of the year. It encompasses motor vehicles, roadways, bridges and tunnels; planes and airports; trains, tracks and stations; boats, ships and ports—basically any entity that helps get people and things from point A to point B or beyond.
So it goes without saying that ensuring the security of systems, networks, applications and data that support or maintain the transportation infrastructure in any way is critical to the protection of individuals and the well being of society.
The tech industry – and especially info security– love their acronyms and buzzwords: cloud, APT, IDS/WIPs, DLP, NAC, blended threats, “You name it”-as-a-Service, and the list goes on. One of the reasons the terms that fade away do so is because there is a real-world issue and narrative behind the term. They are real, and the term survives. Those that are the fantasy of marketing teams tend to fade away. The term Shadow IT, sometimes called Rogue IT, is a buzzphrase that is real.
When the term Shadow IT surfaced a few years ago, it was a relatively small percentage of employees who were sidestepping corporate IT and finding their cloud services.
The National Small Business association published a report, the “2013 Small Business Technology Survey”. While it contains interesting information, one particular quote stood-out for me.
“Not surprising, there was a huge jump in small firms utilizing cloud computing. In 2010, it was just five percent—today, 43 percent are on the cloud.”