During the McAfee FOCUS 14 event in Las Vegas I was able to spend some time with the McAfee CTO for EMEA, Raj Samani. Our discussion primarily revolved around the skills shortage within the information security industry.
One constantly hears the very abstract notion of there being a skills shortage within the information security industry but nobody really focuses on why this is. Given the fact that the information security domain touches on virtually every aspect of the business, the key to recruiting information security resources is in identifying those resources that have a broad understanding of how information security impacts the business and the wider technology landscape. Raj believes this is where the…
Given all the attention lately on Cloud, I thought I'd write a short piece on what organisations need to think of when moving to the cloud. It is reasonable to say that there are some risks involved when migrating to the cloud. For example, a hacker only needs to compromise a single infrastructure (i.e. the cloud provider) to potentially access data from multiple organisations, conduct a denial of service that could impact an entire industry, etc.
However there are also benefits to moving to the cloud, such as agility in deploying products and services, infrastructure cost savings, availability of skilled resources at the cloud provider, etc. When considering a move to the cloud, organisations ought to conduct an appropriate level of due diligence and recognise the fact that migrating to the cloud does not mean migrating risk or compliance obligations to the cloud provider. Risk and regulatory compliance obligations are still owned by…
Everybody who uses a smartphone or a tablet and has downloaded apps has exchanged personal data. The average user – which is most of us – will not know where their data is processed or even what data has been collected. The regulators are doing all that they can to tighten up the regulation but the reality is they will always be a few steps behind. There are now so many headlines of security breaches that it would appear it has numbed users’ concept of the severity of these breaches.
We, the current generation of professionals still remember a time before everything could be done online - before Facebook and Twitter and Snapchat. And it is this generation that is fighting to ingrain information security and privacy in virtually everything that we do and use. This is because we know what it is like not to have our data or identity stolen by a faceless criminal on the other side of the world. We know what it's like to be able to control who we pass our personal data to and…
As a society we are fast approaching a world where everything is connected and our lives will potentially be logged at an infinite level. Connected fridges and cars are just the first steps toward my shirts having sensors and notifying my tailor that my shirt has been through 50 washes at 40 degrees and has been worn 49 times in average temperatures of 12 degrees Celsius. Therefore he should start tailoring a new shirt for me now because my current shirt is going to show wear and tear in three weeks' time. At which point I will come in for a new shirt.
Is it only a matter of time before implanting chips into humans is the norm? The level of data that can be collected from that could be astronomical. There are advantages to this also: my doctor could predict any potential illness and can help me prevent it through lifestyle change or medication. However the thought of having everything connected, with all manner of data being collected and an infinite number of decisions being made based on the analytics of that data - That is a scary thought,…
The focus on IT security continues to be a major issue for most organizations. The findings from our latest APEJ Continuum Study 2013 confirm that spending on IT security remains strong in this era of cautious IT budgets.
As part of our annual Continuum Survey of 1,623 end-user organizations in APEJ, we looked at buyers' investment plans for security solutions. IT security is once again rated as the most important technology investment area. As organizations intensify their adoption of advanced technologies, significant gaps in information-security programs are exposed. Further, the list of organizations hit by cyber-attacks this year was long and varied. Thus IT security management remains high on companies'…
Surprised about Edward Snowden's leaks of classified data to the entire world? Well, it shouldn't be a surprise to everyone. Snowden's now-famous revelations follow a set of known, predictable patterns that his managers might well have recognized, if they were looking.
My January 2013 report, Insider Theft Through IT Sabotage, describes the perfect storm of conditions that led to Snowden's acts. Saboteurs will continue to "surprise" the management of organizations that don't consider the following.
Who, what, when, where, how?
IT insiders commit 21% of cyber incidents, and systems administrators (like Snowden) are among the principal instigators of information systems sabotage. The crime is conceived and set up while the perpetrator is still employed and…
We recently completed the security appliance APEJ (Asia/Pacific excluding Japan) market sizing and forecast. Here are some key takeaways:
- The security appliance market remains relatively positive and is expected to reach US$3,059 million in customer revenues by 2017.
- We expect the growth to be strong especially in fast-growing, emerging markets like China, India, and the ASEAN.
- We expect the security appliance market to enjoy healthy growth across various market segments, particularly in the UTM, content management (Web, Messaging) and IPS segments.
- Driven by the adoption of next-gen firewalls, the UTM function is…
We released the 2013 IT Security report, IDC’s annual attempt to predict the course of the security industry in this part of the world in the coming year, in February. IDC expects security to continue to be a hot market in 2013. Major trends like Compliance, Threat Landscape, Cloud, Mobility, Social, and Big data/analytics will continue to shape IT security. The Asia/Pacific excluding Japan (APEJ) region has a very broad spectrum of capabilities, maturity and variations in its outlook and optimism.
The following are the top 10 predictions for the IT security market in 2013. The document is also available on www.idc.com.
This document was co-authored by Poon Wei Ang, Vern-Harn Hue and Pei Wang.
1. Chief Information Officers Will Become Extinct
The adoption of social, mobile, analytics/big data, and cloud by organizations to create agility and adapt to the changing environment has created a need to relook at the roles and responsibilities of the IT department. As a result, the role of…
Parallels, the hosting and cloud services enablement provider, announced a major enhancement to the Application Packaging Standard (APS) including a number of new products at their annual Parallels Summit 2013, last month. Parallels has developed the open APS program, a technology standard that gives ISVs a consistent way to package and syndicate their offerings for sale through the service provider channel. It can be applied to hundreds of commercial applications ranging from WordPress to Microsoft Office 365, Google Apps, and VMware Zimbra, which are already packaged and certified under the APS standard.
The firm claims that APS 2.0 now includes a pluggable single sign-on (SSO), service bus architecture, and customizable user interface enabling service providers to offer differentiated bundles of cloud services with an easy purchase and activation experience. This will allow Parallels service provider customers/partners access to cloud-based services that they can offer to their end user customers.
Service providers prefer to automate the services by way of common single sign-on between…
The newly created FIDO (Fast IDentity Online) Alliance is promoting a standardized, global protocol and the necessary interfaces to allow organizations to support authentication solutions appropriate to the level of risk involved. The FIDO protocol will allow the interaction of technologies within a single infrastructure so security options can be tailored to the distinct needs of each user and organization. Users will be able to choose their own authentication form factor and not be reliant on passwords.
I was sitting on the other side of the dark mahogany desk when my local insurance agent, who had been staring intently at his monitor, suddenly turned to rummage frantically through his desk drawer. Quickly glancing up at me, he apologetically explained that he had forgotten the password for a certain web site, and he could not complete my transaction until he found it. "This will only take a minute," he said, abandoning the drawer search and grabbing a small box on his desk, shaking it…