IDG Contributor Network: Security talent management for the digitization era

Stiff competition for talent and a limited pool of security specialists make information security staffing a perennial challenge. Complicating this is the fact that security has not yet adapted to its changing role as organizations digitize. Now more than ever, information security leaders need to understand the new business environment and adapt how they hire, compete for and manage talent for the digital era. Digitization is transforming organizations’ products, channels and operations. While this change comes with the potential for higher profit margins through enhanced efficiency, it also brings an increase in the number and variety of advanced threats, board oversight and regulatory compliance issues.

28% off Western Digital 2TB My Passport Ultra Portable External Hard Drive – Deal Alert

If you're looking for a ton of portable storage at a rock-bottom price, you may want to consider this deal currently available on Amazon. Rated 4.5 out of 5 stars from nearly 5,500 people, this Western Digital external hard drive features fast USB 3.0 connectivity, is compatible with both PC and Mac, has optional 256-bit AES hardware encryption, automatic cloud backup, and comes with a 3-year warranty. List price is $119.99 but with the current 28% discount you can buy it now for $86.50.

How to tackle business disruption

Southwest Airlines CIO Randy Sloan remained in the airline's Dallas headquarters for nearly 40 hours in July, as he and his team scrambled to find the technical problems that grounded 2,300 flights. Hunkering down, checking IT systems and strategizing in office war rooms for hours isn't ideal for any employee, let alone the IT chief.

Security through Community: Introducing the Vendor Security Alliance

Today Docker is proud to announce that we are a founding member of the Vendor Security Alliance (VSA), a coalition formed to help organizations streamline their vendor evaluation processes by establishing a standardized questionnaire for appraising a vendor’s security and compliance practices. The VSA was established to solve a fundamental problem: how can IT teams conform to their existing security practices when procuring and deploying third-party components and platforms?

The VSA solves this problem by developing a required set of security questions that will allow vendors to demonstrate to their prospective customers that they are doing a good job with security and data handling. Good security is built on great technology paired with processes and policies. Until today, there was no consistent way to discern if all these things were in place. Doing a proper security evaluation today tends to be a hard, manual process. A large number of key questions come to mind when gauging how well a third-party company manages security.

As an example, these are the types of things that IT teams must be aware of when assessing a vendor’s security posture:

  • Do they securely handle sensitive customer data?
  • Do they have the ability to detect when attacks occur on their …

Federal CISOs define greatest challenges to authority

If you are a federal Chief Information Security Officer – or even if you are not – you face some serious trials just to do your difficult job. Federal agencies in particular lack clarity on how to ensure that their CISOs have adequate authority to effectively carry out their duties in the face of numerous challenges, a report out this week from the watchdogs at the Government Accountability Office stated. The GAO said that 13 of the 24 agencies it reviewed for its report – including the Departments of Defense, Commerce, Energy, Justice and State – “had not fully defined the role of their CISO in accordance with these requirements. For example, these agencies did not always identify a role for the CISO in ensuring that security controls are periodically tested; procedures are in place for detecting, reporting, and responding to security incidents; or contingency plans and procedures for agency information systems are in place. Thus, CISOs' ability to effectively oversee these agencies' information security activities can be limited,” the GAO stated.

IDG Contributor Network: Got milk? IoT and LoRaWAN modernize livestock monitoring

With each head of cattle costing more than $2,000, care for the herd is important. Tracking individual cows moving over large areas is challenging, though, especially when they all look alike. Harsh farming conditions and limited budgets add to the technical hurdles. Cattle Traxx, which recently exhibited its system at TechCrunch Disrupt, has an answer: livestock monitoring that includes an IoT solution of ruggedized sensors, LoRaWAN mesh networking, geofencing and cloud-based analytics.

Chrome OS gets cryptographically verified enterprise device management

Companies will now be able to cryptographically validate the identity of Chrome OS devices connecting to their networks and verify that those devices conform to their security policies. On Thursday, Google announced a new feature and administration API called Verified Access. The API relies on digital certificates stored in the hardware-based Trusted Platform Modules (TPMs) present in every Chrome OS device to certify that the security state of those devices has not been altered. Many organizations have access controls in place to ensure that only authorized users are allowed to access sensitive resources and they do so from enterprise-managed devices conforming to their security policies.

Extreme becomes major WLAN player with Zebra buy

There are many factors to consider when a technology vendor decides to pull the trigger on an acquisition. Things such as impact to channel, customer reaction, product rationalization and other issues must be thought out. However, sometimes an acquisition seems to be a great fit and the decision is “black and white,” meaning it’s crystal clear with no shades of grey. This appears to have been the case for Extreme Networks, which earlier this week scooped up the wireless LAN (WLAN) business from Zebra Technologies for $55 million.

IDG Contributor Network: In an attempt to disrupt Splunk, Elastic makes another acquisition

Elastic is the commercial vendor that sits behind the Elasticsearch, Kibana, Logstash and Beats open source projects. Elasticsearch was created back in 2010 by Shay Banon, co-founder and CTO of the Elastic company, and is built upon the Apache Lucene information retrieval project. All of the different projects focus on taking structured and unstructured data and delivering search, logging and analytics on top of it. Since that time, its commercial products—Elastic Stack, X-Pack and Elastic Cloud—have seen over 70 million cumulative downloads. Elastic has been smart about making strategic acquisitions. It acquired visualization vendor Kibana, and a year or so ago it acquired Norwegian company Found, which was commercializing Elasticsearch and offering it as a service on top of Amazon Web Services. This strategy appears to have worked, and it is interesting to look at the graph below that tracks the relative exposure of Elasticsearch and one of the competitive offerings, Splunk.