Bob Violino

Author Archives: Bob Violino

Continuous authentication: Why it’s getting attention and what you need to know

User authentication is one of the basic components of any cyber security program. Identifying an individual based on a username, password or other means helps companies ensure that the person is who he or she claims to be when accessing a system, application or network.But in some cases traditional authentication processes are not enough to provide strong security throughout a user work session. That’s where continuous authentication comes in. The concept is still relatively new, and experts say few products yet exist in the market. But it’s gaining more attention as companies look for ways to prevent unauthorized access to their critical business data.To read this article in full or to leave a comment, please click here

Continuous authentication: Why it’s getting attention and what you need to know

User authentication is one of the basic components of any cyber security program. Identifying an individual based on a username, password or other means helps companies ensure that the person is who he or she claims to be when accessing a system, application or network.But in some cases traditional authentication processes are not enough to provide strong security throughout a user work session. That’s where continuous authentication comes in. The concept is still relatively new, and experts say few products yet exist in the market. But it’s gaining more attention as companies look for ways to prevent unauthorized access to their critical business data.To read this article in full or to leave a comment, please click here

Are companies doing enough on the IoT security front?

We continue to hear dire warnings about the inherent security risks of the Internet of Things (IoT), and indeed IoT-related incidents are happening. With many companies beginning to capture IoT data from connected devices, a key question is are they doing enough to ensure that data and networks are secure?If security executives thought they had a lot to handle with the growth of mobile devices and the expanding digital enterprise, the emergence of connected products, corporate assets, vehicles and other “things” is taking security coverage to a whole new level.A December 2016 study by the Institute for Critical Infrastructure Technology (ICIT) — a cyber security think tank that acts as a conduit between private sector companies and U.S. federal agencies, points out how vulnerable enterprises are to attacks such as distributed denial of service (DDoS) via IoT.To read this article in full or to leave a comment, please click here

Are companies doing enough on the IoT security front?

We continue to hear dire warnings about the inherent security risks of the Internet of Things (IoT), and indeed IoT-related incidents are happening. With many companies beginning to capture IoT data from connected devices, a key question is are they doing enough to ensure that data and networks are secure?If security executives thought they had a lot to handle with the growth of mobile devices and the expanding digital enterprise, the emergence of connected products, corporate assets, vehicles and other “things” is taking security coverage to a whole new level.A December 2016 study by the Institute for Critical Infrastructure Technology (ICIT) — a cyber security think tank that acts as a conduit between private sector companies and U.S. federal agencies, points out how vulnerable enterprises are to attacks such as distributed denial of service (DDoS) via IoT.To read this article in full or to leave a comment, please click here

Real-world container migrations

We hear a lot from vendors and service providers about the wisdom of migrating applications and workloads to the cloud. The potential benefits include lower capital costs and increased flexibility.To read this article in full or to leave a comment, please click here(Insider Story)

Robots present a cyber risk

The prospect of an army of robots marching in unison to launch an attack on an unsuspecting city belongs in the realm of science fiction—as do most images of menacing autonomous machines wreaking all kinds of havoc on civilization.That’s not to say robotics is free from security and safety threats, however. In fact, experts say the growing use of robots by companies such as manufacturers, retailers, healthcare institutions and other businesses can present a number of cyber risks.There are two primary issues related to security and robotics, says Michael Overly, a partner and information security attorney at law firm Foley & Lardner.First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says.To read this article in full or to leave a comment, please click here

Robots present a cyber risk

The prospect of an army of robots marching in unison to launch an attack on an unsuspecting city belongs in the realm of science fiction—as do most images of menacing autonomous machines wreaking all kinds of havoc on civilization.That’s not to say robotics is free from security and safety threats, however. In fact, experts say the growing use of robots by companies such as manufacturers, retailers, healthcare institutions and other businesses can present a number of cyber risks.There are two primary issues related to security and robotics, says Michael Overly, a partner and information security attorney at law firm Foley & Lardner.First, these machines are generally integral to assembly line operations and other similar activities, Overly says. “An attack could literally bring a manufacturing or assembly plant to its knees,” he says. “We have seen this very outcome in a ransomware attack targeted at robotic assemblers in a plant in Mexico.” In that case, the ransomware locked up the specifications files from which the robots drew their operating parameters, he says.To read this article in full or to leave a comment, please click here

Security challenge: Wearing multiple hats in IT

Are you taking on multiple job responsibilities at your company, including some aspects of information security? If so, you’re not alone. At many organizations, IT professionals are being asked to handle a variety of security tasks and functions. For them, wearing multiple hats can create both opportunities and stress.To read this article in full or to leave a comment, please click here(Insider Story)

Mergers create greater security risk

Corporate mergers and acquisitions (M&A) can be fraught with risks related to financial matters, company culture, personnel, IT systems integration and other areas.Security risks, both cyber and physical, certainly belong on the list of concerns. And with the ongoing shortage of professionals who are expert in various aspects of data protection—coupled with the seemingly endless stream of reports about data breaches and other security threats—this has become an even bigger concern for companies that are considering or in the midst of M&A deals.“Any M&A activity involves an assumption of risk,” says Ariel Silverstone, vice president of security strategy, privacy and trust at GoDaddy, a provider of domain name registrations.To read this article in full or to leave a comment, please click here

Mergers create greater security risk

Corporate mergers and acquisitions (M&A) can be fraught with risks related to financial matters, company culture, personnel, IT systems integration and other areas.Security risks, both cyber and physical, certainly belong on the list of concerns. And with the ongoing shortage of professionals who are expert in various aspects of data protection—coupled with the seemingly endless stream of reports about data breaches and other security threats—this has become an even bigger concern for companies that are considering or in the midst of M&A deals.“Any M&A activity involves an assumption of risk,” says Ariel Silverstone, vice president of security strategy, privacy and trust at GoDaddy, a provider of domain name registrations.To read this article in full or to leave a comment, please click here

Data lakes security could use a life preserver

As big data initiatives gain steam at organizations, many companies are creating “data lakes” to provide a large number of users with access to the data they need. And as with almost every type of new IT initiative, this comes with a variety of security risks that enterprises must address.Data lakes are storage repositories that hold huge volumes of raw data kept in its native format until it’s needed. They’re becoming more common as organizations gather enormous amounts of data from a variety of resources.The growing business demand for analytics is helping to fuel the move to large repositories of data. And data lakes are likely to take on even more significance with the growth of the internet of things (IoT), in which companies will gather data from and about countless networked objects.To read this article in full or to leave a comment, please click here

Data lakes security could use a life preserver

As big data initiatives gain steam at organizations, many companies are creating “data lakes” to provide a large number of users with access to the data they need. And as with almost every type of new IT initiative, this comes with a variety of security risks that enterprises must address.Data lakes are storage repositories that hold huge volumes of raw data kept in its native format until it’s needed. They’re becoming more common as organizations gather enormous amounts of data from a variety of resources.The growing business demand for analytics is helping to fuel the move to large repositories of data. And data lakes are likely to take on even more significance with the growth of the internet of things (IoT), in which companies will gather data from and about countless networked objects.To read this article in full or to leave a comment, please click here

Mobile management takes on apps, content

Corporate mobile infrastructures continue to grow, with both company-issued and employee-owned devices playing a key role in supporting business processes. Enterprise mobility management (EMM) suites are often the way enterprises manage these increasingly complex environments.To read this article in full or to leave a comment, please click here(Insider Story)

Mobile management vendors compared

Enterprise mobility management (EMM) helps companies secure their mobile infrastructure, as well as control device policies and manage mobile apps, content, networks and services. The platforms have been around for a while; some might know them as mobile device management (MDM) suites. But those suites have matured and adopted new features.Editor's note: This chart was originally posted in May 2013 and was updated in March 2015 and again on June 27, 2016. We chose the vendors and products listed here based on conversations with independent analysts about which have significant market share or are important to include for other reasons such as features and functions. All information in the chart about the products and services comes from the respective vendors.To read this article in full or to leave a comment, please click here(Insider Story)

IoT pushes IT security to the brink

The Internet of Things (IoT) offers many possible benefits for organizations and consumers—with unprecedented connectivity of countless products, appliances and assets that can share all sorts of information. IoT also presents a number of potential security threats that organizations need to address.“There is no doubt the levels of risk are set to increase alongside the growth in deployment of IoT devices,” says Ruggero Contu, research director at Gartner. IoT will introduce thousands of new threat vectors simply by increasing the number of networked points, Contu says.While IoT offers great opportunities, in interconnected environments “the security risks increase exponentially and the attack vector or surface is—in theory—potentially limitless,” says Laura DiDio, director enterprise research, Systems Research & Consulting at Strategy Analytics.To read this article in full or to leave a comment, please click here

IoT pushes IT security to the brink

The Internet of Things (IoT) offers many possible benefits for organizations and consumers—with unprecedented connectivity of countless products, appliances and assets that can share all sorts of information. IoT also presents a number of potential security threats that organizations need to address.“There is no doubt the levels of risk are set to increase alongside the growth in deployment of IoT devices,” says Ruggero Contu, research director at Gartner. IoT will introduce thousands of new threat vectors simply by increasing the number of networked points, Contu says.While IoT offers great opportunities, in interconnected environments “the security risks increase exponentially and the attack vector or surface is—in theory—potentially limitless,” says Laura DiDio, director enterprise research, Systems Research & Consulting at Strategy Analytics.To read this article in full or to leave a comment, please click here