Does a data breach really affect your firm’s reputation?

The long-held view is that breached companies are cast aside by consumers, investors and shareholders. A breach isn’t just a temporary glitch – it’s a mistake, a faux pas, which you can’t just shake off.This warning that has been used by information security professionals over the course of the last five years and for good reason; nothing gets a CEO or CFO’s attention on security matters more than "this is losing us money".However, on closer inspection, it could be argued that this reputation argument is a falsehood.Over the course of the last 18 months, we’ve seen some of the biggest, most widespread, data breaches in the history of the Internet.To read this article in full or to leave a comment, please click here

Overcoming stubborn execs for security sake

Even with the greater awareness for strong security within organizations—and the high-profile hacks that have contributed to that increased awareness—security executives still encounter significant hurdles in doing their jobs to protect data and systems.Clashes with senior business executives as well as those at lower levels of organizations make it more challenging for CSOs and CISOs to create a secure environment, and yet they continue to happen.Many of the conflicts that occur between security and business executives are due to ongoing philosophical differences regarding risk, says Dave Dalva, vice president at Stroz Friedberg, who has worked in the position of CISO for a number of clients.To read this article in full or to leave a comment, please click here

MANET: Mobile Ad Hoc Networks

The MANET stands for mobile ad hoc network; in practice, the term generally applies to ad hoc wireless networks of sufficient complexity that some internal routing mechanism is needed to enable full connectivity. The term mesh network is also used for MANETs. MANET nodes communicate by radio signals with a finite range, as in the Figure – […]

The post MANET: Mobile Ad Hoc Networks appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

MANET: Mobile Ad Hoc Networks

The MANET stands for mobile ad hoc network; in practice, the term generally applies to ad hoc wireless networks of sufficient complexity that some internal routing mechanism is needed to enable full connectivity. The term mesh network is also used for MANETs. MANET nodes communicate by radio signals with a finite range, as in the Figure – […]

The post MANET: Mobile Ad Hoc Networks appeared first on Network Design and Architecture.

What is Routing Loop and How is Routing Loop Prevented ?

A potential problem to packet forwarding is a possibility of a routing loop. It occurs because some packets circulate endlessly due to the set of entries in the forwarding table. Figure – 1 For example, in the Figure -1 we would have a routing loop if, for (nonexistent) destination G, A forwarded to B, B forwarded to D, D forwarded to E, E forwarded to C, and C […]

The post What is Routing Loop and How is Routing Loop Prevented ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

New Webinar: BGP-LS and PCEP

I was often asked about two emerging technologies that enable standard controller-based WAN traffic engineering: BGP-LS to extract the network topology and PCEP to establish end-to-end tunnels from a controller.

Unfortunately, I never found time to explore these emerging technologies and develop a webinar. However, after Julian Lucek from Juniper did such a great job on the NorthStar podcast, I asked him whether he would be willing to do a deep dive technology webinar on the two technologies and he graciously agreed to do it.

Read more ...

There and back again – After the Cloud, the Fog

Everything old is new again. That applies to most industries, trends and businesses, so why wouldn’t it apply to how we use resources and where they are placed.

A history lesson

In the 1970’s, IBM developed the first time sharing service implementation via virtual machines and the VM OS.

A few years back, everyone was building data centers.

Then, computing power and data storage were moved to a place everyone called “Cloud” but no one actually knew what it was and that in fact represented a new name for an old dream Douglas Parkhill was writing about it in 1966 in “The Challenge of Computer Utility”. The term became popular starting 2006, when Amazon launched its EC2 (Elastic Cloud Compute) service. In 2008, Microsoft followed the footsteps and launched Azure, their own Cloud service and in 2013 IBM announced the acquisition of SoftLayer, forming the IBM Cloud Services Division.

cloud floppy father

IoT is the new hit

Now, there’s the mighty Internet of Things, which promises to connect everything, but brings us back at least to the partial decentralization of resources and leads the way for the so called “Fog”. IoT is estimated to connect approximately 50 billion devices by 2020, according to Continue reading

Uber to pay $20,000 in settlement on privacy issues with New York attorney general

Uber has agreed to pay a penalty of US$20,000 in a settlement with New York Attorney General Eric T. Schneiderman for delaying in reporting to drivers the data breach of their personal information in 2014.The ride-hailing company has also agreed to tighten employee access to geo-location data of passengers, following reports that the company's executives had an aerial "God View" of such data, the office of the attorney general said in a statement Wednesday.Uber notified Schneiderman's office on Feb. 26, 2015 that driver names and license numbers were accessed by an unauthorized third party in a data breach that was discovered as early as September 2014. The fine has been imposed on the company for its delay in providing timely notice of the data breach to the affected drivers and the office of the attorney general.To read this article in full or to leave a comment, please click here

Malvertising campaign used a free certificate from Let’s Encrypt

Cybercriminals are taking advantage of an organization that issues free digital certificates, sparking a disagreement over how to deal with such abuse.On Wednesday, Trend Micro wrote that it discovered a cyberattack on Dec. 21 that was designed to install banking malware on computers.The cybercriminals had compromised a legitimate website and set up a subdomain that led to a server under their control, wrote Joseph Chen, a fraud researcher with Trend.If a user went to the site, the subdomain would show a malicious advertisement that would redirect the user to sites hosting the Angler exploit kit, which looks for software vulnerabilities in order to install malware.To read this article in full or to leave a comment, please click here

Launching a New Podcast

After quite a bit of deliberation and planning, I’m excited (and nervous!) to announce the launch of a new podcast, titled “The Full Stack Journey Podcast”. Here are the details, structured in a Q&A format.

What topics does this new podcast cover?

The focus of The Full Stack Journey Podcast is to talk about the journey to becoming a full-stack engineer. That term is a bit of a loaded term—some people like it, some people don’t, and there’s some disagreement over exactly what it means. I use the term to describe someone who can work at multiple layers of the modern data center stack, crossing between different silos. This isn’t to say that a full-stack engineer is an expert in all these areas, but it does mean that a full-stack engineer has at least some knowledge and experience in all these areas, with expertise and experience in at least one of them. The podcast aims to provide real, relevant, practical information at helping people with their “full-stack journey.”

Why is the idea of becoming a full-stack engineer important enough to warrant launching a podcast?

I strongly believe the future of the infrastructure engineer does not lie in being Continue reading

The ins and outs of deception for cyber security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. It is no longer debated that a prevention only security strategy is enough. Security teams must go on the offense and create an environment that provides continuous real-time detection against an ever-changing landscape of cyber threats, and deception tools can play a critical role. Deception as a strategy has been used for years in war and, notably, by cyber attackers. However, using deception to address threats that have bypassed traditional prevention security measures is an emerging and additional line of defense.  Today’s deception-based technology abandons the reliance on known attack patterns and monitoring, and instead uses advanced luring techniques and engagement servers to entice an attacker away from valuable company servers.To read this article in full or to leave a comment, please click here

Microsoft moving to be ‘ultimate platform for all intelligent cars’

While Microsoft may not be building its own smart, connected vehicles, can you imagine a world in which Microsoft provides the “ultimate platform for all intelligent cars?” Microsoft certainly can and the company has previously claimed that it invented or invisibly runs nearly everything. Yet several announcements coming from CES 2016 make it seem like Microsoft’s plan to take over the world of intelligent cars is not so far-fetched.“In the near future, the car will be connected to the Internet, as well as to other cars, your mobile phone and your home computer,” said Microsoft’s Peggy Johnson, executive vice president of business development. “The car becomes a companion and an assistant to your digital life. And so our strategy is to be the ultimate platform for all intelligent cars.”To read this article in full or to leave a comment, please click here

1 3,188 3,189 3,190 3,191 3,192 3,837