CISOs adopt a portfolio management approach for cybersecurity

Enterprise CISOs are in an unenviable position. Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets. At the same time, however, most organizations are operating with a shortage of skilled cybersecurity professionals.  According to ESG research, 46 percent of organizations claim  they have a “problematic shortage” of cybersecurity skills in 2016.In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers. Faced with today’s overwhelming responsibilities, however, many CISOs I’ve spoken with lately say they’ve changed their tune and have adopted more of a portfolio management approach to their jobs. To read this article in full or to leave a comment, please click here

CISO Portfolio Management

Enterprise CISOs are in an unenviable position.  Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets.  At the same time however, most organizations are operating with a shortage of skilled cybersecurity professionals.  According to ESG research, 46% of organizations claim that they have a “problematic shortage” of cybersecurity skills in 2016 (note: I am an ESG employee).In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers.  Faced with today’s overwhelming responsibilities however, many CISOs I’ve spoken with lately say they’ve changed their tunes and have adopted more of a portfolio management approach to their jobs. To read this article in full or to leave a comment, please click here

ForeScout simplifies IoT security

Smart lighting, smart meters, smart building systems and other smart endpoints. It seems every device today is a “smart” device.The level of intelligence for the various devices can vary greatly. For example, a smart automobile must make far more autonomous decisions than, say, a wearable fitness monitor. While the range of devices varies greatly, all smart devices have in one thing in common: they are connected to a network. It’s this vast number of connected endpoints—50 billion by 2020, according to ZK Research—that is the foundation for the Internet of Things (IoT).+ Also on Network World: IoT security threats and how to handle them +To read this article in full or to leave a comment, please click here

Anatomy of a service outage: How did we get here?

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.As euphemisms go, it's hard to beat the term “service outage” as used by IT departments. While it sounds benign -- something stopped working but tech teams will soon restore order -- anyone familiar with the reality knows the term really means “Huge hit to bottom line.”A quick perusal of the tech news will confirm this. Delta Airline’s global fleet was just grounded by a data center problem.  A recent one day service outage at Salesforce.com cost the company $20 million.  Hundreds of thousands of customers were inconvenienced in May when they couldn't reach Barclays.com due to a “glitch.” And a service outage at HSBC earlier this year prompted one of the Bank of England's top regulators to lament that, “Every few months we have yet another IT failure at a major bank... We can’t carry on like this.”To read this article in full or to leave a comment, please click here

Anatomy of a service outage: How did we get here?

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.As euphemisms go, it's hard to beat the term “service outage” as used by IT departments. While it sounds benign -- something stopped working but tech teams will soon restore order -- anyone familiar with the reality knows the term really means “Huge hit to bottom line.”A quick perusal of the tech news will confirm this. Delta Airline’s global fleet was just grounded by a data center problem.  A recent one day service outage at Salesforce.com cost the company $20 million.  Hundreds of thousands of customers were inconvenienced in May when they couldn't reach Barclays.com due to a “glitch.” And a service outage at HSBC earlier this year prompted one of the Bank of England's top regulators to lament that, “Every few months we have yet another IT failure at a major bank... We can’t carry on like this.”To read this article in full or to leave a comment, please click here

Anatomy of a service outage: How did we get here?

Although vendor-written, this contributed piece does not promote a product or service and has been edited and approved by Network World editors.

As euphemisms go, it's hard to beat the term “service outage” as used by IT departments. While it sounds benign -- something stopped working but tech teams will soon restore order -- anyone familiar with the reality knows the term really means “Huge hit to bottom line.”

A quick perusal of the tech news will confirm this. Delta Airline’s global fleet was just grounded by a data center problem.  A recent one day service outage at Salesforce.com cost the company $20 million.  Hundreds of thousands of customers were inconvenienced in May when they couldn't reach Barclays.com due to a “glitch.” And a service outage at HSBC earlier this year prompted one of the Bank of England's top regulators to lament that, “Every few months we have yet another IT failure at a major bank... We can’t carry on like this.”

To read this article in full or to leave a comment, please click here

IDG Contributor Network: Industrial monolith sold hackable thermostats, says expert

Commonly installed Trane thermostats were vulnerable to hacking for a while, says a security firm. The Internet of Things-connected gadgets had been liable to provide burglar-friendly, private information because their authentication system was weak and they use hardcoded credentials, Trustwave claims in its SpiderLabs blog.Trane is an Ingersoll Rand brand that specializes in heating, ventilation and air conditioning systems (HVAC). Ireland-based Ingersoll Rand is a “$13 billion global business,” it proclaims on its website.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Industrial monolith sold hackable thermostats, says expert

Commonly installed Trane thermostats were vulnerable to hacking for a while, says a security firm. The Internet of Things-connected gadgets had been liable to provide burglar-friendly, private information because their authentication system was weak and they use hardcoded credentials, Trustwave claims in its SpiderLabs blog.Trane is an Ingersoll Rand brand that specializes in heating, ventilation and air conditioning systems (HVAC). Ireland-based Ingersoll Rand is a “$13 billion global business,” it proclaims on its website.To read this article in full or to leave a comment, please click here

Taking stock of Apple’s 2016 acquisitions

Apple’s acquisition this past week of Turi, a Seattle machine learning company that has its roots in the open source GraphLab project, brings to six the number of deals Apple has made this year that have gone public. So while Apple’s $2.5 billion in R&D spending during its recently completed second quarter represented a 25% increase over the year-ago period and indicates that Apple is building plenty of futuristic technology in-house, the company continues to buy startups at roughly the same pace it has for the past three years, during which it has snapped up 9 to 15 businesses annually – at least that we know about.To read this article in full or to leave a comment, please click here

Taking stock of Apple’s 2016 acquisitions

Apple’s acquisition this past week of Turi, a Seattle machine learning company that has its roots in the open source GraphLab project, brings to six the number of deals Apple has made this year that have gone public. So while Apple’s $2.5 billion in R&D spending during its recently completed second quarter represented a 25% increase over the year-ago period and indicates that Apple is building plenty of futuristic technology in-house, the company continues to buy startups at roughly the same pace it has for the past three years, during which it has snapped up 9 to 15 businesses annually – at least that we know about.To read this article in full or to leave a comment, please click here

Twitter is not liable for ISIS activity on its service, judge rules

Twitter is not liable for providing material support to the Islamic State group, also referred to as the ISIS, by allowing its members to sign up and use accounts on its site, a federal judge in California ruled Wednesday.The lawsuit against Twitter filed by the familes of two victims of a terror attack in Jordan is similar to another filed by the father of a victim of the Paris attack in November against Twitter, Google and Facebook for allegedly providing material support to terrorists by providing them a forum for propaganda, fund raising and recruitment.To read this article in full or to leave a comment, please click here

Twitter is not liable for ISIS activity on its service, judge rules

Twitter is not liable for providing material support to the Islamic State group, also referred to as the ISIS, by allowing its members to sign up and use accounts on its site, a federal judge in California ruled Wednesday.The lawsuit against Twitter filed by the familes of two victims of a terror attack in Jordan is similar to another filed by the father of a victim of the Paris attack in November against Twitter, Google and Facebook for allegedly providing material support to terrorists by providing them a forum for propaganda, fund raising and recruitment.To read this article in full or to leave a comment, please click here

Ecuador says Swedes will question Assange at its UK embassy

Ecuador has granted a request from Swedish prosecutors to question WikiLeaks’ founder Julian Assange at its embassy in London, where he has been holed up for over four years.Assange was granted asylum by Ecuador in 2012 after he slipped into the country’s embassy in the U.K. He is wanted by police in Sweden for questioning in connection with a sexual assault investigation.U.K. police have said that they would arrest Assange to meet an extradition request from Sweden if he steps out from the Ecuador embassy. But Assange and his supporters have expressed fear that from Sweden, he could be transferred to the U.S. to face charges under the country's Espionage Act.To read this article in full or to leave a comment, please click here

10 killer PC upgrades that are shockingly cheap

No need to break the bankSure, swanky new Surface Pros and $1,200 graphics cards may capture all the headlines, but on a practical level, the real story is that PCs aren’t cheap. As a working father with two kids and a mortgage to pay, I understand that all too well. But if your computer’s starting to feel pokey, there’s fortunately no reason to rush out a spend hundreds on a new one.To read this article in full or to leave a comment, please click here

Want secure code? Give devs the right tools

The Internet has serious security problems that need to be fixed. Despite many calls to action over the years for the industry to band together and work on solutions, progress has been mild. What’s needed isn’t necessarily more security technology. What’s needed are better tools for developers so that they can improve the security of their code.In his keynote at Black Hat in Las Vegas, Dan Kaminsky, chief scientist and co-founder of White Ops, advocated for environments and coding frameworks that make it easier for developers to implement security without compromising usability or stifling creativity. His keynote, “The Hidden Architecture of Our Time: Why This Internet Worked, How We Could Lose It, and the Role Hackers Play,” called on the security industry to think about how new programming environments could have basic functionality and security features built in and turned on by default.To read this article in full or to leave a comment, please click here

Want secure code? Give devs the right tools

The Internet has serious security problems that need to be fixed. Despite many calls to action over the years for the industry to band together and work on solutions, progress has been mild. What’s needed isn’t necessarily more security technology. What’s needed are better tools for developers so that they can improve the security of their code.In his keynote at Black Hat in Las Vegas, Dan Kaminsky, chief scientist and co-founder of White Ops, advocated for environments and coding frameworks that make it easier for developers to implement security without compromising usability or stifling creativity. His keynote, “The Hidden Architecture of Our Time: Why This Internet Worked, How We Could Lose It, and the Role Hackers Play,” called on the security industry to think about how new programming environments could have basic functionality and security features built in and turned on by default.To read this article in full or to leave a comment, please click here

Tech sector employment sees gain in July

In industries such as finance, retail, healthcare and others, IT employment broadly declined in July by 88,000 jobs, or 1.9%, according to tech industry trade group CompTIA.The cuts last month reduced occupational IT employment by 46,000 jobs so far this year, to about 4.43 million.That sounds alarming, right? Perhaps not -- if you widen the picture a bit.INSIDER: 15 ways to screw up a job interview In June, IT occupational employment showed a net gain of 74,000 jobs, and this month-to-month volatility is normal because of the way the U.S. Bureau of Labor Statistics (BLS) reports the data, according the industry group. The government data includes part-time workers, such as someone doing Web design on the side.To read this article in full or to leave a comment, please click here

6 shocking gaps in your data security strategy

Crumbling wallsImage by Steve TraynorDespite billions of dollars invested in cybersecurity, businesses lose critical data daily. We’ve secured our organizations like fortresses, building layers of walls around networks, applications, storage containers, identity, and devices. But when an unhappy employee moves high-value designs onto a USB drive or sends important email attachment outside the “secure” network, those walls crumble the moment we need them the most.To read this article in full or to leave a comment, please click here

6 shocking gaps in your data security strategy

Crumbling wallsImage by Steve TraynorDespite billions of dollars invested in cybersecurity, businesses lose critical data daily. We’ve secured our organizations like fortresses, building layers of walls around networks, applications, storage containers, identity, and devices. But when an unhappy employee moves high-value designs onto a USB drive or sends important email attachment outside the “secure” network, those walls crumble the moment we need them the most.To read this article in full or to leave a comment, please click here

1 2,759 2,760 2,761 2,762 2,763 3,849