Boards are getting more involved in cybersecurity, but is it enough?

An escalation in the frequency, severity and impact of cybersecurity attacks damaging corporate operations, finances and reputations is forcing boards of directors to take more active roles in their company's defensive posture. However, the level of participation in their companies' risk mitigation strategy remains lacking, according to new research from PwC.

Forty-five percent of 10,000 CEOs, CFOs, CIOs and other executives PwC polled said that their boards participated in corporate cybersecurity strategy, up from 42 percent when PwC conducted a similar survey for 2014, according to David Burg, PwC's global cybersecurity practice leader. But given the glut of cybersecurity attacks Burg says the numbers are lower than they should be. “It is surprising that this number isn't north of 75 percent,” says Burg, who published the data in a new report. “In a world of connected business ecosystems, you’re only as strong as your weakest link.”

Docker’s acquisition aims to improve application container management

Docker containers have spread like wildfire across the technology industry, and now one of the biggest companies behind the movement has taken a big step toward making it easier to manage application containers across various infrastructure environments.

Mozilla mulls early cutoff for SHA-1 digital certificates

In light of recent advances in attacks against the SHA-1 cryptographic function, Mozilla is considering banning digital certificates signed with the algorithm sooner than expected.

The CA/Browser Forum, a group of certificate authorities and browser makers that sets guidelines for the issuance and use of digital certificates, had previously decided that new SHA-1-signed certificates should not be issued after Jan. 1, 2016.

Browser makers have also decided that existing SHA-1 certificates will no longer be trusted in their software starting Jan. 1, 2017, even if they're technically set to expire after that date.

On Tuesday, Mozilla announced that it's re-evaluating the cutoff date and is considering the feasibility of pushing it forward by six months, on July 1, 2016. The decision is guided by recent research that improves the practicality of attacks against SHA-1.

Prayer Time at Tokyo Summit

This is something I’ve had the pleasure of organizing at VMworld over the last couple of years, and I’d like to start doing it at the OpenStack Summits as well. So, next week in Tokyo, I’d like to offer Christians attending the Summit the opportunity to gather together for a brief time of prayer before the day’s activities get started.

If you’re interested in attending, here are the details.

What: A brief time of prayer

Where: The pool outside the Grand Prince Hotel New Takanawa (the pool outside the red building on this map of the Summit campus)

When: Tuesday, October 27 through Thursday, October 29, at 8:00 am each day (this should give you time to grab some breakfast before the keynotes and sessions start at 9:00 am)

Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity. This is not to exclude anyone, but rather to focus on like-minded individuals. (I encourage believers of other faiths/religions to organize equivalent activities.)

Why: To spend a few minutes in prayer over the day, the Summit, and the other attendees gathered there

You don’t need to RSVP to let me know

Stop CISA now!

Many of the world's top tech companies want to put a stop to the fundamentally flawed Cybersecurity Information Sharing Act (CISA) bill which is on the Senate floor.

Put another way on "Decide the future of the Internet," the corporate scorecard lists companies against CISA as "Team Internet," while "Team NSA" is "collaborating with the government to control the Internet."

CISA will automate sharing with the following government agencies:

5 Lessons from 5 Years of Building Instagram

Instagram has always been generous in sharing their accumulated wisdom. Just take a look at the Related Articles section of this post to see how generous.

The tradition continues. Mike Krieger, Instagram co-founder, wrote a really good article on lessons learned from milestones achieved during Five Years of Building Instagram. Here's a summary of the lessons, but the article goes into much more of the connective tissue and is well worth reading.

  1. Do the simple thing first. This is the secret of supporting exponential growth. There's no need to future proof everything you do. That leads to paralysis. For each new challenge, find the fastest, simplest fix.
  2. Do fewer things better. Focus on a single platform. This allows you to iterate faster because not everything has to be done twice. When you have to expand, create a team explicitly for each platform.
  3. Upfront work can pay huge dividends. Create an automated scriptable infrastructure implementing a repeatable server provisioning process. This makes it easier to bring on new hires and handle disasters. Hire engineers with the right stuff who aren't afraid to work through a disaster.
  4. Don’t reinvent the wheel. Instagram moved to Facebook's infrastructure because

Michael Dell buying a house in Boston, thankfully

Dell CEO and Chairman Michael Dell is a few pen strokes away from buying a house in the city of Boston, Fortune reports, which may help assuage concerns here in Massachusetts that his company’s recent $67 billion purchase of EMC will result in the storage powerhouse and its some 9,500 local employees moving to Texas.

Dell from the moment the deal was announced has said he plans to keep EMC right where it is, but nothing says “We’re sticking around” quite like ponying up for a local abode (Dell has other homes in Texas and Hawaii). And, local jobs aside, I have an even more parochial concern about Dell’s intentions: I live and pay taxes in the town of Hopkinton, which is the longtime home of EMC. There must be a second-largest employer/taxpayer, but I couldn’t tell you who that might be.

Oracle slams door on Russian cyberspies who hacked Nato PCs through Java

Oracle has fixed a vulnerability in Java that a Russian cyberespionage group used to launch stealthy attacks earlier this year.

At the same time, Oracle fixed 153 other security flaws in Java and a wide range of its other products, it said Tuesday.

The Java vulnerability can be used to bypass the user confirmation requirement before a Web-based Java application is executed by the Java browser plug-in. This type of protection mechanism is commonly referred to as click-to-play.

The flaw was reported to Oracle by security researchers from Trend Micro, who first spotted the vulnerability in July in attacks launched by a Russian hacker group dubbed Pawn Storm that commonly targets military and governmental institutions from NATO member countries.

IT/IT: Distributed OpenFlow

According to ECI, it’s a naïve view to have a single controller control large-scale networks in a reactive mode. Such a global view doesn’t scale, ECI claims. It means the first frame of each new flow is sent to the controller, where an SDN app decides on the desired behavior, derives the required network configurations and then uses the SDN controller to configure all the relevant switches. via sdxcentral

If I were a bit more snarky, I’d be tempted to say something like, “well, if you add a small hello protocol to each of the applets to monitor neighbor reachability, and a small protocol that can exchange local reachability information, and then perhaps a local algorithm to determine which path is the shortest, you can reinvent IS-IS.” But I’m not that snarky, of course…

I have come to believe that at least half of what we invent in the networking world is simply a product of not spending the time nor effort to study what’s already been invented, or the perception that what’s already been invented is “too complex,” and hence not stuff anyone wants to spend time learning nor understanding. A full three quarters of what remains is

Malvertising – the new silent killer?

Malvertising is the latest way for criminals to infect your computer with malware – and the only thing you need to do to allow it is to visit your favorite website that relies on advertising. That's because they're slipping bad code into ads that are put onto those websites through advertising networks. Big name websites like Forbes, Huffington Post and the Daily Mail have been the focus of attacks.

A recent report by Cyphort found that malvertising has spiked 325 percent in 2014. A more recent report shows that malvertising reached record levels this past summer.

Ever Heard of Role-Based Access Control?

During my recent SDN workshops I encountered several networking engineers who use Nexus 1000V in their data center environment, and some of them claimed their organization decided to do so to ensure the separation of responsibilities between networking and virtualization teams.

There are many good reasons one would use Nexus 1000V, but the one above is definitely not one of them.
