Understanding the attack surface to better allocate funds

In the last few years, the attack surface has changed from defending the perimeter to protecting applications in the cloud, leaving CISOs wondering how they can best allocate funds to stay ahead of attacks.Misha Govshteyn, co-founder and CISO at Alert Logic, said, "For a long time, when people thought about defensive strategies it was about their enterprise or their perimeters, where the infrastructure ends and the outside world begins."According to Earl Perkins, research vice president, digital security, the IoT group at Gartner, "We now embrace multiple forms of wireless networks as an enterprise. We distribute smaller, fit-for-purpose devices that have some processor and memory function, but aren’t general-purpose platforms in the sense of traditional IT. All of these are now ingress points and vulnerable assets if they are inadequately protected."To read this article in full or to leave a comment, please click here(Insider Story)

How to develop an internet of things strategy

The internet of things (IoT) may present the biggest opportunity to enterprises since the dawn of the internet age, and perhaps it will be bigger. Research firm Gartner predicts there will be nearly 20 billion devices on the IoT by 2020, and IoT product and service suppliers will generate $300 billion+ in revenue.Successfully leveraging that opportunity — bringing together sensors, connectivity, cloud storage, processing, analytics and machine learning to transform business models and processes — requires a plan."In the course of my career, I've estimated and planned hundreds of projects," John Rossman, who spent four years launching and then running Amazon's Marketplace business (which represents more than 50 percent of all Amazon units sold today), writes in his new book, The Amazon Way on IoT: 10 Principles for Every Leader from the World's Leading Internet of Things Strategies. "I've learned that, even before you start seeking answers, it's imperative to understand the questions. Guiding a team to a successful outcome on a complex project requires understanding of the steps and deliverables, necessary resources, and roles and every inherent risk and dependency."To read this article in full or to leave a comment, please click here

7 project management tools any business can afford

The time has never been better for startups to access well-tested, feature-rich, affordable project management product previously offered only to larger companies. Here are just some of web-based options that a startup can license to manage its activities right out of the gate.If your startup is considering making the leap to a project management tools, these affordable options can make light work of collaboration and manual tracking of project tasks, time and budgets.It’s important to note that many of these per-month-per-user pricing models are based on companies making one annual payment.7 affordbable project management tools (listed by price) 1.  Trello (acquired by Atlassian in 2017) has been around since 2011 and offers a web-based PM solution that works for companies of all sizes, from startups to Fortune 500 companies. Their affordable business class solution costs $9 a month per user and allows companies a free trial of the software.To read this article in full or to leave a comment, please click here

State of the CIO 2017: More challenging, still complicated

Any CIO worth his or her C-suite executive office space knows that the job is more complex than ever. Moving apps and workloads to the cloud, ensuring legacy software can talk to off-premises apps, and keeping networks and systems secure remain core functional tasks of the CIO role. At the same time, boards of directors, CEOs and business colleagues are turning to the CIO to lead digital transformations, win customers and drive revenue.To read this article in full or to leave a comment, please click here(Insider Story)

Top 10 recruiting software platforms

Finding a good recruiting software platform shouldn't be guesswork, and selecting a option can't just be based on features, bells and whistles. Ease of use, scalability and the capability to customize solutions to meet your individual company's needs also are critical factors best discerned by talking to your peers and industry experts.That's where G2 Crowd comes in. The business software review site uses feedback from its user community, social media and other online sources, as well as anonymous customer reviews to develop rankings of a wide range of business applications -- including recruiting software.ALSO ON NETWORK WORLD: How to lure tech talent with employee benefits, perks The latest G2 Crowd report for 2017 is based on hundreds of reviews written by HR and recruiting professionals. For a visual ranking, check out The Grid, which is created by factoring in customer satisfaction reported by users and vendor market presence determined from social and public data to rank the products. Here, based on G2 Crowd's data and ranking, are the top 10 recruiting software platforms.To read this article in full or to leave a comment, please click here

5 open source security tools too good to ignore

Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here

5 open source security tools too good to ignore

Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here

5 open source security tools too good to ignore

Open source is a wonderful thing. A significant chunk of today’s enterprise IT and personal technology depends on open source software. But even while open source software is widely used in networking, operating systems, and virtualization, enterprise security platforms still tend to be proprietary and vendor-locked. Fortunately, that’s changing. If you haven’t been looking to open source to help address your security needs, it’s a shame—you’re missing out on a growing number of freely available tools for protecting your networks, hosts, and data. The best part is, many of these tools come from active projects backed by well-known sources you can trust, such as leading security companies and major cloud operators. And many have been tested in the biggest and most challenging environments you can imagine. To read this article in full or to leave a comment, please click here

5 built-in Windows 10 apps that do the job (with video)

The touch-friendly apps built into Windows 8 and Windows 10 (originally called Metro apps and now just called Windows apps) were, for a long time, roundly denounced by many reviewers as being underpowered -- and justifiably so. The first release of Mail in Windows 8, for example, didn't have threaded messaging, and the first release of Calendar made it confusing to do something as simple as changing the view to a day, week or month.To read this article in full or to leave a comment, please click here

Why you need a bug bounty program

Every business needs to have a process in place for handling security vulnerability reports, but some organizations take a much more proactive approach to dealing with security researchers.An increasing number of hardware and software vendors have formal bug bounty programs. Google, for example, runs its own vulnerability rewards program, and Microsoft has multiple bug bounties covering Office 365, Azure, .NET and Edge as general programs covering exploits and defenses.To read this article in full or to leave a comment, please click here(Insider Story)

Why you need a bug bounty program

Every business needs to have a process in place for handling security vulnerability reports, but some organizations take a much more proactive approach to dealing with security researchers.To read this article in full or to leave a comment, please click here(Insider Story)

Renewed effort begins to save Calif. university’s IT jobs

At least 10 U.S. lawmakers have written University of California officials about their plan to move IT jobs offshore. It has been called it "ill-advised" and "dangerous," and some have demanded its reversal. But the letters have had no apparent impact, and employees are slated to be laid off Feb. 28.The next step in the fight is legislation.[ Join our H-1B/Outsourcing group on Facebook to discuss this story. ] California Assembly member Kevin McCarty, (D-Sacramento), introduced a bill (AB 848) Thursday in the state legislature that's backed by university unions. It would require the University of California and California State University to certify that any contracted work "will be performed solely with workers within the United States."To read this article in full or to leave a comment, please click here

Intel’s mobile future is in blazing modems as it buries Atom failure

Apple's iPhone has twice been linked to Intel's mobile future. The chip maker bungled it up once, but is coming on strong the second time.Intel passed on the opportunity to make chips for the first iPhone, and in May discontinued Atom smartphone chips after wasting billions trying to get them in handsets. The chip company instead started building a new mobile identity around its modems and wireless connectivity assets.Intel's had success, and some iPhone 7 smartphones are already using the chip maker's modem. The company is now building faster modems, and carrying out trials for future 5G wireless networks.To read this article in full or to leave a comment, please click here

Would killing Bitcoin end ransomware?

Ransomware is running rampant. The SonicWall GRID Threat Network detected an increase from 3.8 million ransomware attacks in 2015 to 638 million in 2016. According to a Radware report, 49 percent of businesses were hit by a ransomware attack in 2016. Quite often the attacker asks for some amount of cybercurrency – usually Bitcoin – in exchange for providing a decryption key.One question this raises is whether ransomware attacks would decrease if Bitcoin ceased to exist? Security experts answer that question with a resounding “no”, indicating that cybercriminals would just move on to another anonymous payment method to continue their extortion."Getting rid of Bitcoin to stop ransomware would be like the U.S. Government getting rid of $100 bills to try to stop drug dealers from laundering their dirty money. It’s not the right solution. Would it momentarily create a bump in the road for cyber attackers who are making millions off of ransomware? Absolutely, but only for a fleeting moment,” said Richard Henderson, global security strategist at Absolute.To read this article in full or to leave a comment, please click here(Insider Story)

Would killing Bitcoin end ransomware?

Ransomware is running rampant. The SonicWall GRID Threat Network detected an increase from 3.8 million ransomware attacks in 2015 to 638 million in 2016. According to a Radware report, 49 percent of businesses were hit by a ransomware attack in 2016. Quite often the attacker asks for some amount of cybercurrency – usually Bitcoin – in exchange for providing a decryption key.To read this article in full or to leave a comment, please click here(Insider Story)

8 steps to regaining control over shadow IT

A dangerous practice on the riseImage by Pexels“Shadow IT” refers to the too-common practice whereby managers select and deploy cloud services without the consent or even the knowledge of the IT department. These services act as extensions of the corporation but are steered entirely by groups that lack the knowledge or process to ensure they follow necessary guidelines, introducing security, compliance, and brand risk throughout the enterprise. Gartner predicts that by 2020, one-third of security breaches will come in through shadow IT services.To read this article in full or to leave a comment, please click here

8 steps to regaining control over shadow IT

A dangerous practice on the riseImage by Pexels“Shadow IT” refers to the too-common practice whereby managers select and deploy cloud services without the consent or even the knowledge of the IT department. These services act as extensions of the corporation but are steered entirely by groups that lack the knowledge or process to ensure they follow necessary guidelines, introducing security, compliance, and brand risk throughout the enterprise. Gartner predicts that by 2020, one-third of security breaches will come in through shadow IT services.To read this article in full or to leave a comment, please click here

Intel takes on IoT complexity with carrier-approved boards

Getting cellular devices certified for carriers’ networks is an expensive, complicated process that’s even harder in the new field of IoT.Smartphone and tablet makers have been dealing with certification for years, spending as much as US$1 million on the process for just one device, GlobalData analyst Avi Greengart says. It’s gotten harder as carriers add new frequency bands.But at least phone makers have been through this before. When enterprises have new ideas about how to use the internet of things, and when manufacturers try to turn those ideas into reality, they're new to the process. Certification delays can hold up devices and IoT rollouts.To read this article in full or to leave a comment, please click here

Kubernetes is now generally available on Azure Container Service

Microsoft and Google don’t get along all that often, but they do agree on using Kubernetes for cloud container orchestration.Kubernetes is generally available for use with Azure Container Service, Microsoft’s managed cloud container hosting offering, as of Tuesday. ACS support for Kubernetes comes along with the service’s existing support for the Apache Mesos-based DC/OS and Docker Swarm.Containers provide an isolated, portable and consistent runtime for applications that’s particularly well-suited to deployment in a cloud environment. Orchestrators like Kubernetes help manage groups of containers. Many cloud providers like Microsoft offer services that help simplify the management of that whole system even further. ACS is one such service.To read this article in full or to leave a comment, please click here

1 2,299 2,300 2,301 2,302 2,303 3,849