Corporate security leaps ahead with centralized scanning for endpoints, Exchange security, seamless deployment
All about Virtualization and Cloud Security | Recent Articles:
The Internet of Things is quickly moving from hyped concept to reality – and it’s proving to be a mix of consumer devices, such as home thermostats, electric locks, and security systems to the industrial Internet of Things, which ranges from devices that help improve field machinery maintenance to fully automated office campuses. We really are moving from the phases of connected to devices, and each other, to connecting everything.
Even the U.S. Department of Defense admits that cloud security worries shouldn't come in the way of cloud business benefits. In a talk given to industry cloud players last week, DoD CIO Terry Halverson detailed some of the agency's cloud initiatives and explained how the agency is trying to drive more data to the cloud under the simple philosophy that different data carries different levels of risk.
Anthem, one of the largest health insurers in The United States, has announced they have been breached. The company has created the web site http://www.anthemfacts.com/ giving a brief outline of events. While short on details, the Anthem notes, “Anthem was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised."
As frustrating as it can be for IT leaders and CISOs to struggle with a lack of respect from a CEO and the rest of the C-suite, in many ways they need to look in the mirror to place blame for that situation. As we've discussed in the past here at Business Insights, a lot of the respect issue comes down to ineffective communication.
Back to work, people! It's time for CISOs to dust the holiday cookie crumbs from their lips and stop rubbernecking the proverbial car crash that was the Sony incident. As 2015 kicks off, it’s the perfect time to reevaluate plans and priorities, and maybe even engage in a bit of wishful thinking. As security and risk management professionals start the year, the following items are most likely to hit their wish list for the coming 12 months.
Last year's non-stop parade of breaches showed CEOs and boards how detrimental a lack in security investment can really be to an enterprise's health, let alone their own job security. After all, last year saw the dismissal of Target's CEO following that company's disastrous breach—one of the first very big public firings of a chief executive in the wake of a security incident. And just last month Sony Picture's disastrous hack and subsequent release of sensitive emails to and from executives showed the personal consequences to executives when enterprises don't invest in security—for example, the incident greatly tarnished the personal reputation of studio co-chair Amy Pascal.
Transportation is one of those industries that affects everyone in the world just about every day of the year. It encompasses motor vehicles, roadways, bridges and tunnels; planes and airports; trains, tracks and stations; boats, ships and ports—basically any entity that helps get people and things from point A to point B or beyond.
So it goes without saying that ensuring the security of systems, networks, applications and data that support or maintain the transportation infrastructure in any way is critical to the protection of individuals and the well being of society.
The tech industry – and especially info security– love their acronyms and buzzwords: cloud, APT, IDS/WIPs, DLP, NAC, blended threats, “You name it”-as-a-Service, and the list goes on. One of the reasons the terms that fade away do so is because there is a real-world issue and narrative behind the term. They are real, and the term survives. Those that are the fantasy of marketing teams tend to fade away. The term Shadow IT, sometimes called Rogue IT, is a buzzphrase that is real.
When the term Shadow IT surfaced a few years ago, it was a relatively small percentage of employees who were sidestepping corporate IT and finding their cloud services.
The National Small Business association published a report, the “2013 Small Business Technology Survey”. While it contains interesting information, one particular quote stood-out for me.
“Not surprising, there was a huge jump in small firms utilizing cloud computing. In 2010, it was just five percent—today, 43 percent are on the cloud.”
I recently signed up a family member for extracurricular activities, and upon arriving at a small local business, ended up in a conversation with the owner. After a few pleasantries, the usual, “where do you work” question came up. I proudly answered, and the floodgates opened with the owner asking many questions about IT and security:
Should I use two host service providers? One for internal access? One for external access?
How do I protect the business, given my IT environment?
Should I move certain services into the cloud? If so, how do I make sure my customers are protected?
What is virtualization and how can it help me? Does it make sense for me?
Small and medium businesses should shore up their defenses as allegations of rampant spying and massive security breaches cast a pall of doubt on the safety of the Internet. Here’s some advice to help SMBs cope with growing risks and keep expenses under control.
Studies show that data security can be a crucial issue of customer/client trust. In the wake of the Snowden NSA leaks, SMBs are at greater risk than huge corporations, as they have limited money for cyber-security.
From netbooks to smartphones and picture-playing devices, employees become more and more tech-savvy and bring a wide variety of Internet-connected devices to the office. To increase efficiency and mobility, they commonly access corporate data and networks on the go, while chatting with friends, posting social media messages, listening to music and sharing pictures online.