The ins and outs of deception for cyber security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. It is no longer debated that a prevention only security strategy is enough. Security teams must go on the offense and create an environment that provides continuous real-time detection against an ever-changing landscape of cyber threats, and deception tools can play a critical role. Deception as a strategy has been used for years in war and, notably, by cyber attackers. However, using deception to address threats that have bypassed traditional prevention security measures is an emerging and additional line of defense.  Today’s deception-based technology abandons the reliance on known attack patterns and monitoring, and instead uses advanced luring techniques and engagement servers to entice an attacker away from valuable company servers.To read this article in full or to leave a comment, please click here

Microsoft moving to be ‘ultimate platform for all intelligent cars’

While Microsoft may not be building its own smart, connected vehicles, can you imagine a world in which Microsoft provides the “ultimate platform for all intelligent cars?” Microsoft certainly can and the company has previously claimed that it invented or invisibly runs nearly everything. Yet several announcements coming from CES 2016 make it seem like Microsoft’s plan to take over the world of intelligent cars is not so far-fetched.“In the near future, the car will be connected to the Internet, as well as to other cars, your mobile phone and your home computer,” said Microsoft’s Peggy Johnson, executive vice president of business development. “The car becomes a companion and an assistant to your digital life. And so our strategy is to be the ultimate platform for all intelligent cars.”To read this article in full or to leave a comment, please click here

Not in my airspace: Airbus rolls out anti-drone system

Unwanted unmanned aircraft in your airspace? Zap ‘em with a new anti-drone system from Airbus Defense and Space.As the drone world seems to be exploding -- along with increased reports of close calls with other aircraft and privacy invasion complaints -- the inevitable backlash against the unmanned aircraft may also be growing.Perhaps one example of that backlash came in the form of Airbus’ counter-UAV system rolled out at the Consumer Electronics Show in Las Vegas this week.To read this article in full or to leave a comment, please click here

In defense of Paul Graham’s “Inequality”

The simplest way of trolling people is to defend that which everyone hates. That's what Paul Graham discovered this week in his support for "inequality". As a troll, I of course agree with his position.

When your startup is success, you are suddenly rich after living like a pauper for many years. You naturally feel entitled to exploit all those tax loopholes and exemptions that rich people get. But then your accountant gives you the bad news: those loopholes don't exist. You'll have to give more than half of your new wealth to the government. The argument that the "rich don't pay their fair share of taxes" is based on cherry picking exceptional cases that apply to a tiny few. They certainly don't apply to you, the startup founder. Statistically, the top 1% earn ~20% of the nation's income but pay ~40% of taxes, twice their "fair share". There's nothing a successful entrepreneur can do to evade these taxes.

I point this out because the point of To Kill a Mockingbird is that to understand a person, you need to walk around in their shoes. That's the backstory of Paul Graham's piece. He regularly hears statements like "the Continue reading

IDG Contributor Network: 5 cybersecurity trends to watch for 2016

We may welcome in the New Year with open arms, but we must also prepare for the cybersecurity threats ahead of us. The 2015 Cost of Data Breach Study from IBM and the Ponemon Institute put the average cost of a data breach at $3.79 million, and that figure is expected to grow in the year ahead. With the right resolutions, you can drastically reduce your chances of falling prey to cybercriminals.Here are five major trends in cybersecurity that you should have in mind when updating your InfoSec plans for 2016.To read this article in full or to leave a comment, please click here

Let’s Donate Our Organs and Unused Cloud Cycles to Science

There’s a long history of donating spare compute cycles for worthy causes. Most of those efforts were started in the Desktop Age. Now, in the Cloud Age, how can we donate spare compute capacity? How about through a private spot market?

There are cycles to spare. Public Cloud Usage trends:

  • Instances are underutilized with average utilization rates between 8-9%

  • 24% of instance reservations are unused

Maybe all that CapEx sunk into Reserved Instances can be put to some use? Maybe over provisioned instances could be added to the resource pool as well? That’s a lot of power Captain. How could it be put to good use?

There is a need to crunch data. For science. Here’s a great example as described in This is how you count all the trees on Earth. The idea is simple: from satellite pictures count the number of trees. It’s an embarrassingly parallel problem, perfect for the cloud. NASA had a problem. Their cloud is embarrassingly tiny. 400 hypervisors shared amongst many projects. Analysing all the data would would take 10 months. An unthinkable amount of time in this Real-time Age. So they used the spot market on AWS.

The upshot? The test run cost Continue reading

Third try is no charm for failed Linux ransomware creators

Getting cryptographic implementations right is difficult. A group of malware creators is currently experiencing that hard truth, to the amusement of security researchers.For the past several months, a group of cybercriminals have been infecting Linux systems -- primarily Web servers -- with a file-encrypting ransomware program that the security industry has dubbed Linux.Encoder.This development is worrying, because Web server infections don't require user interaction as on desktop computers where getting users to open rogue email attachments or visit malicious websites are common attack vectors. Instead, the hackers use automated scanners to find servers that host vulnerable applications or have weak SSH passwords they can guess using brute-force methods.To read this article in full or to leave a comment, please click here

Passed the CCDE written. Now what?

I was fortunate enough to finally pass the CCDE written exam yesterday morning.

That begs the question of “Now What?”

Well, I will spend a couple of days putting together a study strategy, based on where I am now compared to where I need to be in order to pass the exam. As it looks now, I am probably going for a fall 2016 exam date. That gives me enough time to settle into a new job with everything that entails.

It also means that I will need to spend 2-3 hours of study per day (some weekends more than that), with a combination of watching Cisco Live 365 videos and reading CVD’s/Books.

On top of that, my good friend Daniel Dib and I, along with hopefully a few others will have some design discussions using Webex. We have been told its really important to iron out different design ideas with other people. Especially if we can get a group together with people from different areas of expertise (Datacenter, Service Provider, Enterprise etc.).

Alas, an update to this story will come shortly! :)

Take care!

1 3,116 3,117 3,118 3,119 3,120 3,763