This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. If you want to get a sense for how rapidly the SD-WAN market is evolving, go back and read some of the articles from, say, two years ago. Some of the talk was about startup companies entering the market, while other items describe how traditional WAN hardware vendors were pivoting to get into the lucrative new market of building network functions in software. Predictions of the eventual market size varied back then, but everyone knew it would be big. Doyle Research thought it might get to $3.2 billion by 2018. IDC projected a $6 billion market by 2020. I wouldn’t be surprised if those estimates from a few years ago turn out to be too conservative. To read this article in full or to leave a comment, please click here
The U.S. Department of Homeland Security (DHS) received reports of 59 cyber incidents at energy facilities in 2016. This is an increase of nearly a third over 2015. Security specialists believe this number is quite conservative, considering that energy companies aren’t required to report cyberattacks to DHS. But the actual number of incidents isn’t the really concerning part of the story. More worrisome, say federal cybersecurity officials and private security specialists, is that the vast majority of energy industry companies lack the technology and personnel to continuously monitor their operational systems for anomalous activity, which leaves them unable to detect intrusions when they happen. Consequently, they don’t even know about incidents to be able to report them.
Bring-your-own-device (BYOD) has become a fairly standard practice in most businesses today. Who among us hasn’t pulled out their cell phone to do a quick check of company email while killing time in a restaurant or a checkout line? The prevalence of public Wi-Fi makes it so easy to connect and tend to a little business while on the go. Many people look at public Wi-Fi as a convenience, or even as a requirement, when choosing where to spend time and money. Look in the window of any coffee shop today and count how many people are engaged with a laptop, tablet or mobile phone. How many of them would still be there if the shop didn’t provide free Wi-Fi?
When it comes to enterprise security, it has long been established that prevention, though critical, is not enough. Prevention largely depends on knowing what is bad and priming security devices like firewalls and intrusion prevention systems with the rules necessary to keep bad stuff out. The problem is, something can be bad but nobody knows it yet, so there’s no rule to put in the firewall. An attacker’s damage can be done long before the rule is created.
As of mid-February, the plan for Verizon Communications to acquire a majority of Yahoo’s web assets is still on, despite the announcement of Yahoo having suffered two massive breaches of customer data in 2013 and 2014. The sale price, however, has been discounted by $350 million, and Verizon and Altaba Inc. have agreed to share any ongoing legal responsibilities related to the breaches. Altaba is the entity that will own the portion of Yahoo that Verizon is not acquiring.
Docker containers have become an important means for organizations to build and run applications in the cloud. There’s a lot of flexibility with containers, as they can be deployed on top of any bare-metal server, virtual machine, or platform-as-a-service (PaaS) environment. Developers have embraced Docker containers on public clouds because they don’t need help from an IT operations team to spin them up. A software container is simply a thin package of an application and the libraries that support the application, making it easy to move a container from one operating system to another. This makes it possible for a developer to build an application and then take all the source code and supporting files and basically create something like a zip file so the container can be deployed just about anywhere. It contains everything the application needs to run, including code, runtime, system tools and system libraries.
During my recent trip to Tel Aviv to attend CyberTech 2017, I had a one-on-one conversation with Barak Klinghofer, co-founder and CTO of Hexadite. He gave me a preview of an educational presentation he was to give two weeks later at the RSA Conference. His insight is worth repeating for anyone looking to add automation tools to their security toolset. As I saw at CyberTech, and I’m sure was the case at RSA, the hottest topics were security automation, automated incident response and security orchestration. These can be confusing terms, as every vendor describes them a little bit differently.
Mention “cybersecurity conference” and most people think of the annual RSA Conference, which was held last week. But halfway around the world, the annual CyberTech Tel Aviv event is building momentum as one of the largest gatherings of cybersecurity professionals in the world. This year, more than 10,000 people representing 67 countries amassed in Tel Aviv, and I had the privilege of being one of them. Israel is making a name for itself, and that name is Cyber Nation. A 2011 government resolution created the National Cyber Bureau as an advising body for the Prime Minister. The bureau’s main mission is to bolster Israel’s national cybersecurity defenses, but a secondary mission is to promote research and development in the cyber field and encourage the commercial cyber industry in Israel.
Gartner estimates that global spending on cybersecurity solutions exceeded $81 billion in 2016. The average enterprise with 1,000 or more employees spends about $15 million fighting cybercrime each year, according to the Ponemon Institute. Despite such heavy investments in all types of solutions, many CISOs still find it challenging to answer the questions, “How likely are we to have a breach, and if we do incur a breach, what will be the financial impact?” The main obstacle to answering those fundamental questions is that much of the information needed to reveal an organization’s state of cyber risk is trapped in product silos, and it’s seldom fully mapped to the organization’s compliance policies.
For years we have been hearing about critical IT skills shortages. Companies just can’t find enough (or the right) people with expertise in mobility, cybersecurity, data storage, networking, cloud and other important areas. There’s one area, however, where the shortage is becoming acute, and affected companies that don’t act now might soon find themselves in a world of hurt. I’m talking about the business-critical discipline of mainframe stewardship. Experts have been warning about this for at least a decade, and the days of reckoning are here, driven largely by the fact that mainframe champions are retiring from the workforce in droves. People who started their IT careers in the 1970’s and 1980’s – when the mainframe was king – are now baby boomers at the end of their careers. The generations behind them took up different computing platforms, meaning there are few people to pass the mainframe torch to. By some estimates there will be more than 84,000 open positions in this field by 2020.
“We don’t receive enough alerts in our security operations center,” said no security analyst ever. The fact is, most SOC teams are overwhelmed with security alerts and they must prioritize which ones to investigate. Many alerts are simply ignored for lack of resources, yet quite often after a data breach it turns out there was an alert pointing at the breach early on.
In the case of one prominent breach at a major retailer a few years ago, many sources report that a FireEye tool generated an alert confirming that malicious software showed up on a company system. Because so many of those particular alerts were false positives, it was ignored, which subsequently led to one of the largest and most costly retail data breaches in history.