IDG Contributor Network: How CISOs should address their boards about security

There are two times you might have to talk to your organization’s board of directors about security: before a breach and after. Be sure you’ve had the former before you need to have the latter.The board of directors, whose duty it is to run the company in the long-term interest of the owners, needs to know you’ve taken prudent steps to protect the organization’s digital assets. That should mean the board wants to talk with you, the CISO, to learn firsthand what your department is doing to mitigate information security threats.+ Also on Network World: How to survive in the CISO hot seat + Board members want a high-level picture of the threat landscape and a checklist of the measures you’ve taken and policies you’ve adopted to protect the organization. Your job is to provide the board with perspective and not necessarily details. A scorecard or checklist can be an effective visual and a good starting point for a discussion of the organization’s security measures. It lets you provide a high-level overview, and it gives you a road map for diving into details if the board asks for more information.To read this article in full or to Continue reading

IDG Contributor Network: How CISOs should address their boards about security

There are two times you might have to talk to your organization’s board of directors about security: before a breach and after. Be sure you’ve had the former before you need to have the latter.The board of directors, whose duty it is to run the company in the long-term interest of the owners, needs to know you’ve taken prudent steps to protect the organization’s digital assets. That should mean the board wants to talk with you, the CISO, to learn firsthand what your department is doing to mitigate information security threats.+ Also on Network World: How to survive in the CISO hot seat + Board members want a high-level picture of the threat landscape and a checklist of the measures you’ve taken and policies you’ve adopted to protect the organization. Your job is to provide the board with perspective and not necessarily details. A scorecard or checklist can be an effective visual and a good starting point for a discussion of the organization’s security measures. It lets you provide a high-level overview, and it gives you a road map for diving into details if the board asks for more information.To read this article in full or to Continue reading

Cisco Jasper Takes its IoT Expertise to the Enterprise

Canadian operator Telus is the first customer to use the new platform.

ONUG gets closer to making SD-WANs talk to each other

A group of networking engineers and vendors is making progress toward an API that would help enterprises merge SD-WANs from different vendors.The Open SD-WAN Exchange (OSE) initiative was launched last year by the Open Networking User Group (ONUG) to solve a shortcoming of software-defined wide-area networks: They often can't talk to each other. On Tuesday at the ONUG Spring 2017 conference in San Francisco, OSE will make public the work it's done so far.SD-WANs control links to branch offices and remote sites with software, which ultimately should eliminate proprietary hardware and dedicated routing schemes. They also allow companies to use regular broadband connections instead of more expensive MPLS (Multiprotocol Label Switching) services.To read this article in full or to leave a comment, please click here

ONUG gets closer to making SD-WANs talk to each other

A group of networking engineers and vendors is making progress toward an API that would help enterprises merge SD-WANs from different vendors.The Open SD-WAN Exchange (OSE) initiative was launched last year by the Open Networking User Group (ONUG) to solve a shortcoming of software-defined wide-area networks: They often can't talk to each other. On Tuesday at the ONUG Spring 2017 conference in San Francisco, OSE will make public the work it's done so far.SD-WANs control links to branch offices and remote sites with software, which ultimately should eliminate proprietary hardware and dedicated routing schemes. They also allow companies to use regular broadband connections instead of more expensive MPLS (Multiprotocol Label Switching) services.To read this article in full or to leave a comment, please click here

What to ask when selecting application security solutions

Buying decisionsImage by ThinkstockThere are many factors to consider when making an application security purchasing decision, and the pressure is on organizations now more than ever to improve their security risk management preparedness. In fact, more than 80 percent of security attacks target software applications, with application vulnerabilities as the No.1 cyber-attack target. Organizations need a comprehensive application security toolkit to stay secure throughout the product lifecycle, and need to address key questions that can help them determine the right tools to address security risks.To read this article in full or to leave a comment, please click here

What to ask when selecting application security solutions

Buying decisionsImage by ThinkstockThere are many factors to consider when making an application security purchasing decision, and the pressure is on organizations now more than ever to improve their security risk management preparedness. In fact, more than 80 percent of security attacks target software applications, with application vulnerabilities as the No.1 cyber-attack target. Organizations need a comprehensive application security toolkit to stay secure throughout the product lifecycle, and need to address key questions that can help them determine the right tools to address security risks.To read this article in full or to leave a comment, please click here

What to ask when selecting application security solutions

Buying decisionsImage by ThinkstockThere are many factors to consider when making an application security purchasing decision, and the pressure is on organizations now more than ever to improve their security risk management preparedness. In fact, more than 80 percent of security attacks target software applications, with application vulnerabilities as the No.1 cyber-attack target. Organizations need a comprehensive application security toolkit to stay secure throughout the product lifecycle, and need to address key questions that can help them determine the right tools to address security risks.To read this article in full or to leave a comment, please click here

How CISOs find their perfect job

It’s a good time to be a CISO. In a market where analysts say there are over 1 million unfilled job openings, and with demand expected to rise to 6 million globally by 2019 -- according to the Palo Alto Research Center, if you do a good job other opportunities are sure to follow.Indeed, such is the market, that - as we reported last year, even poor performing CISOs, dismissed from previous jobs, get handed new opportunities time and time again.To read this article in full or to leave a comment, please click here(Insider Story)

How CISOs find their perfect job

It’s a good time to be a CISO. In a market where analysts say there are over 1 million unfilled job openings, and with demand expected to rise to 6 million globally by 2019 -- according to the Palo Alto Research Center, if you do a good job other opportunities are sure to follow.To read this article in full or to leave a comment, please click here(Insider Story)

Cisco Identity Services Engine: Initial Configuration

IDG Contributor Network: Ecommerce giants look to dominate payment gateways

Ecommerce competition is heating up globally, with giants Amazon, Apple, Alibaba, Tencent and eBay all vying for bigger stakes in the market. Retail sales are expected to surpass $27 trillion by 2020, and ecommerce is expected to account for more than $4 trillion of that figure.One key area that is becoming the next battleground for these companies is payments. Payments may seem to be an inherent part of ecommerce platforms that facilitates the checkout process. However, the boom of financial technology (fintech) has made payments a major segment in financial services, creating major opportunities for these businesses to tap into wider markets.To read this article in full or to leave a comment, please click here

VMware NSX in Redundant L3-only Data Center Fabric

During the Networking in Private and Public Clouds webinar I got an interesting question: “Is it possible to run VMware NSX on redundantly-connected hosts in a pure L3 data center fabric?”

TL&DR: I thought the answer is still No, but after a very helpful discussion with Anthony Burke it seems that it changed to Yes (even through the NSX Design Guide never explicitly says Yes, it’s OK and here’s how you do it).

42% off Tom Clancy’s Ghost Recon Wildlands – (XBOX ONE, PS4) – Deal Alert

Today you'll see the price drop an extra 42% on Tom Clancy’s Ghost Recon Wildlands. Experience total freedom of choice in Tom Clancy's Ghost Recon Wildlands, the ultimate military shooter set in a massive open world setting.  The Santa Blanca drug cartel has transformed the beautiful South American country of Bolivia into a perilous narco-state, leading to lawlessness, fear, and rampant violence. With their corrosive influence growing, the cartel plagues the citizens of Bolivia but all hope is not lost. The Ghosts, an elite US Special Forces team, are tasked to combat the cartel and save the country from collapse.  See the discounted Ghost Recon Wildlands on Amazon.To read this article in full or to leave a comment, please click here

Oracle plans ‘startup organization’ focused on cloud computing, AI and VR

Oracle is hiring people for a "new startup organization" inside its North America operation that will focus on key technology trends, including cloud computing, internet of things, artificial Intelligence, and augmented and virtual reality.The Solution Engineering organization the company is setting up will consist of Solution Engineering Centers in Reston, Virginia and Denver, Colorado.The database and enterprise software company has previously indicated its interest in investing in some of these technology areas like machine learning and analytics.It announced in September last year that it was investing in intelligent cloud applications, called Adaptive Intelligent Applications, “that automatically offer individualized recommended actions and streamline the tasks of business users such as human resource or finance professionals.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Juniper takes a swipe at Extreme’s network buying spree, plans

It’s not at all uncommon for competitors to snipe at one another but it still makes for good reading and it provides an interesting look into a company’s strategy – and perhaps a signal to a competitor they are in for a fight.Today’s round comes from Juniper which has a piece of marketing out there that says: “In March 2017, Extreme Networks announced it will acquire Brocade's data center networking business. This acquisition has hindered Brocade/Extreme's ability to meet your long-term goals. They can no longer deliver networking solutions that will help you embark on your digital transformation journey. Juniper Networks can.”To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here