Category Archives: Security

AROUND THE CLOUD: What’s Making Tech News Today

AROUND THE CLOUD: What’s Making Tech News Today

Around The Cloud

Three big stories dominate the web this Tuesday morning and signal huge shifts in the industry landscape; two involving Google and one regarding Apple.

Let’s take a quick look:

Google’s cloud services received a major endorsement with the news that streaming music service Spotify will be moving its technology to the Google Cloud Platform. The Swedish-based leaders in streaming music are not putting all their eggs in one basket, retaining some of the services of Amazon’s CloudFront and Simple Storage Service, but tech blog Engadget reports that “it’s migrating its core computing infrastructure (or its backend), which it uses to store and process data, from its own data centers to Google Cloud Platform.”

Spotify has been effusive in its praise of Google and the work it has put into its cloud infrastructure. “What really tipped the scales towards Google for us, however, has been our experience with Google’s data platform and tools,” said Nicholas Harteau, Spotify VP of Engineering. “Good infrastructure isn’t just about keeping things up and running, it’s about making all of our teams more efficient and more effective, and Google’s data stack does that for us in spades.”

Another Google-owned company, Boston Dynamics unveiled its latest technology, a droid which it is calling Atlas, via a YouTube video which showcases the machine’s capabilities. The company has become well known for the capabilities of its robots and how they respond when kicked or pushed or fall over and this new release is no exception. The robot is seen opening doors, keeping its balance while walking through the snow and picking up 10lb boxes and stacking them on shelves. When it is pushed over it manages to get up quickly and efficiently. Atlas gives us a clear indication of just how close we actually are to having machines that work alongside us in everyday human situations.

Finally, Apple continues to argue that a federal judge has no right to force it to create a software workaround which would sidestep the built-in encryption that is part and parcel of every iPhone. The Cupertino-based tech giants have hired high-profile lawyer Theodore Boutrous, Jr. to argue that it is well within its First Amendment rights to not unlock the phone which was associated with a high-profile terror attack in San Bernadino late last year.

Boutrous told the Los Angeles Times that “”The government here is trying to use this statute from 1789 in a way that it has never been used before. They are seeking a court order to compel Apple to write new software, to compel speech.” He went on to add that “it is not appropriate for the government to obtain through the courts what they couldn’t get through the legislative process.

The company will formally file its response to the court order this Friday.

By Jeremy Daniel

2016 Connected Enterprises Report

2016 Connected Enterprises Report

Connected Enterprises Report

Dimension Data’s 2016 Connected Enterprise Report is out, discussing collaboration trends, insights, and strategies in the digital age. With the promise of lower costs coupled with greater productivity, increased agility and better customer engagement, collaboration technologies are providing tools for real-time communication, file sharing, project management, and social networking which benefit product development, competition response, employee efficiency and more.

Connected Enterprise Report - Infographic_001

Fundamental Discoveries

  • 40% of organizations lack a defined unified communication and collaboration strategy.
  • Increased productivity is the most important collaboration strategy (19%), and increased sales the second (14%).
  • Only a paltry 4% of organizations use return on investment (ROI) as the primary assessment of collaboration technology success.
  • One out of four IT departments measure collaboration project success on the implementation of the technology rather than how well it’s used and adopted, with 17% or organizations not implementing collaboration training programs, and 16% of travel policies remaining unchanged and thus offering no encouragement to utilize collaboration tools.
  • A massive 81% of enterprises believe collaboration has enhanced customer engagement and improved customer service.
  • While 88% of organizations say decision-making processes have been improved through collaboration, many struggle to leverage collaboration to improve their competitive positioning.
  • Though currently only 20-25% of enterprises rely on hosted collaboration services, nearly a third of IT departments consider moving unified communication and collaboration to the cloud to be the most significant technology trend influencing their collaboration strategies.
  • The majority of businesses combine line of business and IT insights when selecting, purchasing, and implementing collaboration technology.

Productivity, Teamwork, and Profit

social-networks

These top objectives for collaborative enterprises rely on streamlined communications which make it easier for employees to interact from anywhere, at any time, via any device, and through any app, breaking down both organizational and geographical barriers and allowing people to share knowledge and quickly take action. Contact centers using collaboration tools are also better able to facilitate communication and teamwork, ensuring improved customer service, while the reduced need for air travel and hotel expenses lowers costs significantly in global organizations without the loss of face-to-face interaction.

The top five single most important objectives of collaboration are:

  • Improve individual employee productivity;
  • Improve sales/revenue;
  • Accelerate decision-making;
  • Reduce business expenses;
  • Improve teamwork among employees.

Cloud Migration

With the cloud now essential to most businesses, cloud technology is the principle platform allowing enterprises to deploy applications efficiently, cost-effectively, and at scale, and migrating collaboration applications to the cloud has become central to many enterprises’ abilities to make collaboration technology available to the greatest number of users in the most cost-effective way. Top technology trends affecting most organizations’ collaboration strategies are:

  • Adopting collaboration applications as hosted services, rather than deployed on-premise – 27% of IT departments consider this to be the most important trend affecting their collaboration strategies.
  • Adopting collaboration applications via a subscription model, rather than more traditional licensing – 14% of IT departments consider this the most important trend.
  • Moving collaboration applications to private data centers, rather than running them on dedicated hardware – 10% of IT departments believe this to be the most important trend.

The many reasons for moving collaboration to the cloud are an assorted set of strategic, operational, and financial motivations, but significantly observed is the potentially lower costs of cloud (at least initially), and when adopted as a hosted service, these costs can become operational rather than capital expenses. Furthermore, administration and updating of applications is easier in the cloud, ensuring less onerous management processes. Those with an organization-wide cloud strategy in place are likely to take the cloud direction for their collaboration applications, but currently, 75% of collaboration applications are deployed on-premise, and so it will still be some years before many enterprises entirely migrate collaboration technology to the cloud.

By Jennifer Klostermann

Protecting Devices From Data Breach: Identity of Things (IDoT)

Protecting Devices From Data Breach: Identity of Things (IDoT)

How to Identify and Authenticate in the Expanding IoT Ecosystem

It is a necessity to protect IoT devices and their associated data. As the IoT ecosystem continues to expand, the need to create an identity to newly-connected things is becoming increasingly crucial. These ‘things’ can include anything from basic sensors and gateways to industrial controls systems, retail terminals and scanners, and kiosks to medical devices, heating and lighting systems, connected homes, and smart cars.

Identity and authentication for the IoT enables the use of foundational information security concepts, including confidentiality, integrity, availability, authentication, and non-repudiation. At the core, identity binds credentials. It allows an operator to well manage IoT devices, define access, set policies, and secure communications to protect devices and data. But within the Identity of Things (IDoT), how does one clearly define the credential and the accompanying authentication and encryption services?

Identity and Access Management

The Cloud Security Alliance (CSA) first raised this issue back in September 2015 when the organization released a Summary Guidance on Identity and Access Management (IAM) for the IoT. Within the document, the CSA emphasized the importance of properly identifying things in order to enable authentication, encryption, and data integrity in an ecosystem. Currently, there are more than 20 different study groups, consortiums, alliances, and standards initiatives working toward creating a secure framework for the IDoT.

connected-iot

(Image Source: Shutterstock)

Issues such as scale, power and computational constraints, ruggedized requirements, energy limitations, increased number and variation of connectivity protocols, and cost factors, among others, make it difficult to simply impose a legacy enterprise IAM or credential management solution. Furthermore, while scenarios for IoT authentication are numerous, there are three notable challenges: token-based authentication currently only works for HTTP, symmetric key mechanisms require input at manufacture, and standard Public Key Infrastructure (PKI) is generally considered impracticable for constrained environments.

Cybersecurity Obstacles 

The three obstacles are ones the cybersecurity industry is working diligently to overcome. For token-based authentication, new methods need to be devised for all the new connectivity vectors (cellular, Bluetooth, Wi-Fi, NFC, RFID, etc.), either as one, convergent authentication method or one for each vector. Both approaches will require significant research and development.

identity

Alternatively, and with some modifications, symmetric key mechanisms can be adapted for the IDoT. For example, Digital Short Range Communications (DSRC), used in vehicle-to-vehicle communications, supports a much smaller certificate structure than the standard X.509. Meanwhile, the use of certificates requires some form of central mechanisms and management structure, such as PKI. In fact, many (and notably certification authorities) tout PKI as the contending standard for identification, encryption, and authentication of IoT devices, but traditional PKI does not scale well for the IoT. A more dynamic key architecture may need to be developed. Essentially the method chosen will depend on the constrained devices in question and their respective environment.

From a private sector perspective, a number of firms are already promoting authentication, identity, and related management services to address the challenges head-on. The movement in the private sector is dynamic, with numerous firms—from startups to big players in the enterprise IAM and authentication and key management space—investing in the IoT market. While some are offering data-centric security platforms for IoT and M2M, others are developing cloud-based IoT security platforms to create and manage digital identities. The solutions are wide-ranging and varied.

In all, the IDoT market opportunity is still nascent, but it is evidently expanding quickly. Most pressing is the development of adapted identity solutions. These solutions will need to revolve around data centric encryption, dynamic certificates and key architecture.

By Michela Menting

Will GPS, The Cloud, And The IoT Enable A New Level Of Mass-surveillance?

Will GPS, The Cloud, And The IoT Enable A New Level Of Mass-surveillance?

New Levels of Mass-surveillance?

There’s a dark cloud hanging over the cloud. Recently, US security chief James Clapper blithely revealed that the government “could” use the Internet of Things for civilian surveillance.

Given the heightened alarm caused by domestic terrorism, I take it the word ‘will’ is more applicable than ‘could’ in this case. If the FBI is capable of making the chilling’ request that Apple build a backdoor into the iPhone, it’s capable of requesting the same of the IoT. Tim Cook makes a fine point when he says bad actors would find means of encrypting iOS to circumvent the backdoor. This mirrors a point I will make about surveillance and the IoT.

IoT_push-tech

(Infographic Source: pushtechnology.com)

But first, how did we get here? Are the IoT and the cloud on which we store data a Trojan horse, a way of sneaking constant government surveillance into our lives?

In terms of the IoT, I’d like to argue it all began with a technology we sometimes take for granted: GPS. The US government started the Global Positioning System project in 1973. It has enabled a variety of innovations that are precursors to the IoT. In turn, the IoT may enable a whole new level of government surveillance.

GPS

GPS is essentially a web of 32 satellites that collect geographic and chronological data, transmitting it via radio waves to antennae, monitors, and receivers on the ground.

First, satellites communicate with a Control Segment, which consists of several master control stations, four antennae, and six monitor stations.

The Control Segment sends signals to the User Segment, which consists of hundreds of thousands of receivers in the hands of military, scientific, commercial, and civil personnel worldwide.

Finally, the civilian segment employs the accurate locational and chronological data for everything from astronomy to automotive navigation.

GPS and private sector innovation

Before 1996, any sort of private sector GPS-related business involved contracting with the military. Then, Bill Clinton made the network available to civilians. But the signal wasn’t very reliable until 2000, when Clinton discontinued ‘selective availability’, which scrambles the signal.

The government originally had selective availability in place for security reasons. After Clinton cut it, Geocaching, invented by a GPS enthusiast named Dave Ulmer, helped popularize GPS with consumers. The combination of metal detecting and Geocaching is an early example of the technological synthesis that characterizes the IoT.

wearable-gps

GPS receivers began popping up in cars, mounted on the dashboard or rearview mirror. In 2004, Qualcomm succeeded in integrating GPS with mobile phones. That same year, Dutch company TomTom invented the PND (Personal Navigation Device), a touchscreen GPS unit with software that prefigured smartphone GPS apps.

Google debuted its free navigation system for Android in 2009. By then, stand-alone GPS from the likes of Garmin and TomTom had lost out to apps. These brands then began to market premium navigation apps for iOS and Android. Meanwhile, brands were discovering they could mine user location data, paying apps for the wealth of data accumulating on the cloud.

Some auto manufacturers also began incorporating onboard GPS, and the possibility of the autonomous car, one of the harbingers of the IoT, started to look real. Gig startups such as Uber and Lyft developed apps that depend to a great extent on GPS. Automated tractors from brands such as John Deere, Case IH, and New Holland have been mobile since 2008.

In Finland, Volvo is using GPS to warn drivers about the location of herds of elk. The warning system incorporates GPS tracking, animal-vehicle collision statistics, and analysis of wildlife movement patterns. If and when the roads become smart roads, as would be the case with the IoT, sensors in the road and other locations could relay data about elk to the cloud, where it would then be analyzed in combination with GPS data to provide an alert to the driver—or to the autonomous vehicle.

Geolocation apps such as Foursquare, Gowalla, and Brightkite are bringing A-GPS (Assisted GPS, which uses cell-sites and, sometimes, Wi-Fi networks to triangulate with satellites for greater accuracy) into the social realm. These apps incorporate location check-ins, social networking, events, and games in an effort to make GPS fun.

GPS, the IoT and government surveillance

Each smartphone, and any smart device, has a GPS chip in it. In my opinion, GPS is the baseline enabling technology for the IoT. Because of it, we realized we could track objects with radio waves—thus RFID. Other specialized sensors, such as optical tags and quick response codes, only need to be added to provide qualitative information. And of course Wi-Fi is in the mix.

If the FBI succeeds in using the All Writs Act of 1789 to break Apple’s encryption, it will set a precedent for the IoT as a massive surveillance tool. Since the IoT is essentially a network of GPS-enabled smart objects, the FBI will know exactly where we are at all times. Information we store on the cloud would be fair game, too.

The FBI’s argument is that they want to hack smartphones to catch the bad guys. Why do we have to be so concerned about our privacy when this would go towards deterring crime?

The principle of privacy, that’s why. And criminals will be aware of government surveillance. Terrorists will know that to remain undetected they’ll need to remain off the smart network or implement additional encryption. As we’re seeing with groups such as Isis, they’re technologically savvy. They would only need to train and hire good hackers.

We’re now witnessing an era when the private sector innovations with GPS, the cloud, and IoT may become tools for government use. It all hangs in the balance as the IoT advances.

By Daniel Matthews

The Lurking Threat Called Passivity

The Lurking Threat Called Passivity

The Lurking Threat

What is lurking inside your company’s systems that is making them vulnerable to attack? Hacking, phishing and other types of attacks are often considered to be externally driven, with gangs of anonymous hackers operating from halfway around the world using Internet connections to break in and wreak havoc. But surprisingly, a significant proportion of network security events happen on the inside. Depending on the particular organization or industry, this percentage can range from 35% to 90%. In addition, a significant portion of the vulnerability of any system starts passively—in other words, with features and items that are not active viruses or cracking tools, but whose mere presence eats away at the defenses.

threat-data

Consider busy employees. They have lots to do, and constant distractions pull their attention away from practicing proper computer hygiene. In their haste to get to a meeting or catch a flight, laptops are lost, phones get misplaced and USB drives are borrowed. As convenient as these devices are, much of the data and documentation stored on them is unencrypted. Few people ever choose to assign a password to a Microsoft Word file; it takes too much time. The same goes for other types of passwords, too. It is time-consuming and annoying to change them every two weeks, especially if they are difficult to remember. A proper password should be a string of 16 or more essentially unintelligible characters, but most of us just don’t like to do that.

Dormant Data

Then there are those who are simply not around anymore. People leave, some get fired and others simply get promoted or move elsewhere. This results in many dormant user accounts lurking in the depths of the system. Still more accounts may never have been activated. They sit there, with their default passwords invisible due to inactivity, a fertile place for sophisticated thieves to set up shop and establish a back door.

dormant-data

(Image Source: Shutterstock.com)

Some employees access files, directories or other areas by accident, assigning documents to the wrong drives, clicking on the wrong link or simply not knowing what they are doing. Such mistakes are not the fault of the individual. Many people have never been able to bring their degree of computer literacy up to an adequate level. Even those who are familiar with password changing regimens, and who do not use a stranger’s USB drives, may be unaware of sinister activities such as Wi-Fi website spoofing, for example. This happens when the free Wi-Fi login for an honest-to-goodness coffee shop is replaced or overshadowed by a sophisticated reproduction working in the same hotspot, inviting workers to share everything on their mobile devices with them.

These actions may fly under the radar, especially when security does not or cannot maintain sufficient definitions of “correct” or “normal” activity on a network. Security specialists themselves often do not have the resources to adequately police internal activities, even when a budget has been established.

Malignant Operators

It is evident that none of these human-sourced weaknesses are the result of a specific virus or action. They are generally passive in nature, relying on the fact that people are both goodhearted and under great pressure. However, these activities are the types that offer safe harbor to malignant operators, who either hack in and sniff out these soft spaces or already work within the organization and are intent on sabotage or espionage.

Network security will always be an ongoing battle. The enemy is relentless. That’s why a strategy must come from the top. It should focus not solely on technical solutions, but also on human elements such as time management, planning and communication, backed up with adequate and ongoing training. For as distanced as these soft skills seem to be from the digital world of computers, they are the levers by which the bad guys force open a crack and move inside.

For more on this topic, go to businessvalueexchange.com, sponsored by Hewlett Packard Enterprise.

By Steve Prentice

How To Use Big Data And Analytics To Help Consumers

How To Use Big Data And Analytics To Help Consumers

Big Data Analytics

Businesses are under increasing pressure to develop data-driven solutions. The competitive advantage gained by a successful strategy can be immense. It can create new opportunities and help businesses to react to different scenarios or sudden changes in the market. But innovation and resilience are not easily achieved, and organizations always face difficult decisions about what data to collect and how to leverage insights effectively.

Even today, companies are still unsure about how to use the data they collect, with differences between C-suite executives reflecting wider organizational divisions. But, by looking at organizations that use data and analytics to identify and help consumers successfully, a few useable insights emerge.

Think Big, Start Small

The scale and technical challenges involved in big data and analytics projects can be a problem, especially when paired with lofty expectations and the high fixed costs involved in research and development. These barriers can make it difficult for small companies to keep pace with larger ones who have bigger budgets and access to the latest technology.

business

One way that small and big companies alike can exploit the disruptive potential of big data analytics is by starting small, with a clear focus on a single area and application. By increasing – and demonstrating – the value of big data and analytics in one area, such as customer support and relationship management (CRM), before moving on to the other applications, you can build expertise and understanding, with the benefits filtering down to other parts of the organization bit by bit.

Invest in Talent

Lack of talent is one of the main obstacles faced by small and medium-sized businesses looking to implement big data and analytics strategies. Many struggle to find people with the high-level skills necessary to conceive and run a big data and analytics project. With technical expertise a prerequisite for success, it’s no surprise that organizations with the largest budgets tend to attract much of the best talent. Online giants like Amazon, whose recommendation engine is a standout example of the potential of big data, or new peer-to-peer companies like Uber with sophisticated data-driven models and large pots of venture capital, find it easier to innovate and stay ahead.

big-data-talent

(Image Source: Shutterstock)

Smaller B2C companies need to ensure they overcome the skills shortage by adopting a variety of carefully targeted measures. Here the importance of arranging external or internal technical training for existing staff, and creating a data-driven culture in which analytics informs understanding of customer demand, should be underlined. This may mean turning to consultants or contract employees, at least in the short term, to build internal resources through the transfer of knowledge and expertise.

Overcome Security Challenges

Any commercial strategy that involves the collection and analysis of data is going to raise security concerns. The capacity to capture and analyze customer data is one thing, the technical expertise to keep this information secure is another. In an environment where any breach or loss of data can leave a business’s reputation irrevocably damaged, there is pressing need to invest in data encryption and information security, and for any security strategy to have broad support across the organization.

secure-device

Trust and privacy concerns may persist, however. For these to be addressed, businesses need to adopt a raft of measures designed to establish and build trust. On the one hand, these will involve outward-looking measures to do with communication and transparency; but, on the other, these must be based on solid internal processes, including – but not confined to – the implementation of compliance mechanisms, codes of conduct and company values.

The Potential of Big Data and Analytics

Having outlined what it can take to make big data work, and suggested the challenges that must be overcome, we are left asking: ‘Is it worth it?’ A concrete example can help to illustrate the potential for big data to generate increased revenues and improved customer experience. Supply shortages, poor on-time delivery and inaccurate sales forecasts are significant problems for technology manufacturers, leading to bottlenecking and, ultimately, higher prices. By using big data and analytics to improve the sophistication and accuracy of sales forecasts, manufactures can ensure their products are consistently available and on-time, and at prices that are genuinely competitive.

By George Foot

Automation – Are We At Risk?

Automation – Are We At Risk?

Future Automation 

The automation of society is happening. Those who have read Kurt Vonnegut’s Player Piano know that it depicts a dystopia in which the economic system has made material abundance plentiful, but deprives the masses of meaningful labor. He shows us a future where all work is menial and unsatisfying, and where only a small number that achieves higher education is admitted to the elite and its work. This was in 1952.

mosheToday, researchers Frey and Osborne predicted in 2013 that 47% of US jobs were susceptible to automation by 2050. According to Moshe Vardi, Professor of Computer Science, Rice University, machines could take 50% of jobs in the next 30 years.

The automation revolution is occurring at revolutionary speeds, however, the impact on our society is being felt with mass unemployment and psychological aimlessness.

The automation revolution is upon us, though it will not happen without radical changes in the social conventions surrounding labor. As the machines eat up more jobs, the dystopia is real, as we fear the mass unemployment and psychological aimlessness. Our reaction will be to stall the third industrial revolution. We can look back on futurists like Vonnegut, and develop a sense of knowing of what is to come.

The Last Job on Earth

Alice shows us a dim future in which the automation revolution takes every last job we have. The dystopian society had become real, however there is no need to fear this sort of outcome. There are many solutions and outcomes that are real today, and show us a positive outlook for a bright future.

coffee-shop

(Image Source: Shutterstock)

One idea is to de-link work from wages. You can see this taking place on any business flight or Starbucks coffee shop. Everywhere you look there are men and women hunched over laptops and tablets, they are working under trees in the park, on buses, in front of the television. It’s a futuristic factory, they flip from work to emails, and nobody sets a timer. The new work strategy is to work to targets or goals, not time.

In order to properly de-link work from our wages, we would still need a standard of income. A combination of a universal basic income, paid out of taxation, and an aggressive reduction of the working day will unleash the automation revolution at jet speeds. As usual, Europe is ahead of the curve with Sweden cutting the workday to 6 hours, while Finland has already begun experimenting with a basic citizen’s income.

The ideas are similar to the ideas presented to us in Robert Heinlein’s For Us, the Living, where he depicts an automation revolution that results in an economic system known as the “Heritage Check,” which was supplanted by taxation. The shift was made possible by huge advances in technology and production capacity as machines continued to free up our time. It seems that again, science fiction has closely predicted our current state of ideas, and the automation revolution that is upon us.

Don’t Fear Automation

The news may be more unsettling that with current economic news. The fear in the headlines reads louder than the truth. According to reports millions of jobs are at high risk for automation. This isn’t just for blue-collar workers; computers are now taking over tasks performed by professional workers, raising fears of massive unemployment. As the cost of technology reduces or the price of human labor increases, the pace of job automation is likely to accelerate.

automation

Those job areas where the tasks are manual or repetitive are more vulnerable than those that are in the creative, technical fields, or where strong interpersonal skills are required. At the same time, many new jobs are created that are directly due to automation that requires an individual to control. Technology has created far more jobs than it has destroyed and these new jobs are better paying and tend to be safer from the risk of future automation.

“As technology advances, it reverses the characteristics of every situation again and again. The age of automation is going to be the age of ‘do it yourself.’” Marshall McLuhan

By Tina Rose

How Is CISA Really Going To Affect Cybersecurity?

How Is CISA Really Going To Affect Cybersecurity?

CISA Cybersecurity

Desperate times call for desperate measures, and it was only a matter of time before the U.S. government came up with a new federal law concerning cybersecurity, since the last one, the Cyber Intelligence Sharing and Protection Act, was defeated in the Senate in 2013. Last year was “the year of the breach”, which resulted in many cyber-attacks leading to the passing of a new federal law – the Cybersecurity Information and Sharing Act.

This law is said to greatly improve cybersecurity in the United States, but it actually faces a lot of opponents due to its vagueness. It is definitely going to affect cybersecurity, but in what way? Read on to find out what this bill represents and how it actually affects cybersecurity in the U.S.

What Exactly Is CISA

CISA, or the Cybersecurity Information and Sharing Act, is a U.S. federal law that is meant to improve cybersecurity in the United States by allowing technology and manufacturing companies to share information about cybersecurity threats with the U.S. government. It is a way for every company to share “cyber threat indicators” with government agencies and the Department of Homeland Security, in an attempt to fight hackers and prevent damage before it’s too late.

The collected data can be shared with any of the U.S. government agencies, including the NSA, the FBI, the CIA and many others. This bill protects companies from Freedom of Information Act requests by protecting them from any liability lawsuits for the harm done to their customers, due to the sharing of their private information, as long as they follow government guidelines.

data-issues

What Do the “Cyber Threat Indicators” Include?

According to CISA, “cyber threat indicators” represent any information that is necessary for identifying threats and they include the following: the consequences of a cyber-attack, “malicious resonance”, that is, any spy software that can steal your passwords, network activity that shows security vulnerabilities, codes that can bypass your security measures, as well as “malicious cyber command and control” that can point to the source of the cyber-attack.

All of these indicators are pretty useful for fighting hackers and they show potential ways for improving cybersecurity. Another thing that this bill indicates is that companies can share any other information related to cybersecurity threats, unless it is not legal to share that information due to other laws. That is the vague and tricky part that makes everyone wonder whether this shared information will be misused.

Will CISA Leave Room for Privacy?

Apparently, the U.S. citizens can all say goodbye to privacy. That is the main reason why CISA has so many opponents, among which are some of the major technology companies, such as Microsoft, Apple, Google, Facebook, Twitter, Reddit, Wikipedia and many others. The greatest opponents include private companies that don’t engage in any nefarious activities and have literally no reason to be introspected and to provide the government with their customers’ private information.

data-privacy

CISA definitely leaves no room for privacy and, most importantly, it does very little to protect Americans from cyber-attacks. Instead, it greatly focuses on sharing Internet traffic and private information. Americans want real protection from hackers and cyber-attacks and all they got was a bill that threatens their privacy.

What concerns many people is the impact CISA may have internationally. The bill does not state that, of course, as it is designed only for the United States, but due to the fact that much of the world’s data flows through the U.S., American laws affect a much larger number of people than just those inside their borders. After all, the Internet is global.

That means that U.S. laws may not only apply to their citizens and that fact leaves the whole world in fear of their private information online, since CISA may give permissions for people who are not protected by U.S. laws. More importantly, this bill leaves many companies outside the U.S. very concerned about the privacy of their customers who happen to reside inside U.S. borders.

In a nutshell, the Cybersecurity Information and Sharing Act does not do much to improve cybersecurity, as it clearly should. Instead, it seems to be an effective way for the U.S. government to keep tabs on its citizens by having access to every private piece of information about them. Whether that changes eventually or not, only the future will tell.

By Pavle Dinic

CloudTweaks Comics
The Global Rise of Cloud Computing

The Global Rise of Cloud Computing

The Global Rise of Cloud Computing Despite the rapid growth of cloud computing, the cloud still commands a small portion of overall enterprise IT spending. Estimates I’ve seen put the percentage between 5% and 10% of the slightly more than $2 trillion (not including telco) spent worldwide in 2014 on enterprise IT. Yet growth projections…

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services Business Intelligence (BI) services have recently seen an explosion of innovation and choices for business owners and entrepreneurs. So many choices, in fact, that many companies aren’t sure which business intelligence company to use. To help offer you a solution, we’ve compiled a list of 12 Business Intelligence companies…

The Questions of Privacy In The Internet of Things Revolution

The Questions of Privacy In The Internet of Things Revolution

Privacy in the Internet of Things Revolution The Internet of Things (IoT) has been promising a lot to consumers for a few years and now we’re really starting to see some of the big ideas come to fruition, which means an ever-growing conversation around data security and privacy. Big data comes with big responsibilities and…

Five Cloud Questions Every CIO Needs To Know How To Answer

Five Cloud Questions Every CIO Needs To Know How To Answer

The Hot Seat Five cloud questions every CIO needs to know how to answer The cloud is a powerful thing, but here in the CloudTweaks community, we already know that. The challenge we have is validating the value it brings to today’s enterprise. Below, let’s review five questions we need to be ready to address…

The Storytelling Machine: Big Content and Big Data

The Storytelling Machine: Big Content and Big Data

Bridging The Gap Between Big Content and Big Data Advances in cloud computing, along with the big data movement, have transformed the business IT landscape. Leveraging the cloud, companies are now afforded on demand capacity and mobile accessibility to their business-critical systems and information. At the same time, the amount of structured and unstructured data…

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and opportunities of digital technologies. The concept is not new; we’ve been talking about it in one way or another for decades: paperless office, BYOD, user experience, consumerization of IT – all of these were stepping…

SaaS And The Cloud Are Still Going Strong

SaaS And The Cloud Are Still Going Strong

SaaS And The Cloud With the results of Cisco Global Could Index: 2013-2018 and Hosting and Cloud Study 2014, predictions for the future of cloud computing are notable. Forbes reported that spending on infrastructure-related services has increased as public cloud computing uptake spreads, and reflected on Gartner’s Public Cloud Services Forecast. The public cloud service…

Cloud Infographic – Big Data Predictions By 2023

Cloud Infographic – Big Data Predictions By 2023

Big Data Predictions By 2023 Everything we do online from social networking to e-commerce purchases, chatting, and even simple browsing yields tons of data that certain organizations collect and poll together with other partner organizations. The results are massive volumes of data, hence the name “Big Data”. This includes personal and behavioral profiles that are stored, managed, and…

Public vs. Private vs. Hybrid: Which Cloud Is Right for Your Business?

Public vs. Private vs. Hybrid: Which Cloud Is Right for Your Business?

Public vs. Private vs. Hybrid The debate surrounding the deliverability of cloud computing is coming to a close. Businesses have begun to rapidly adopt the use of cloud services, courtesy the ROI this disruptive technology brings to the table. They have finally realized they cannot afford to ignore the cloud. A Forrester study found that…

Cloud Computing – The Good and the Bad

Cloud Computing – The Good and the Bad

The Cloud Movement Like it or not, cloud computing permeates many aspects of our lives, and it’s going to be a big part of our future in both business and personal spheres. The current and future possibilities of global access to files and data, remote working opportunities, improved storage structures, and greater solution distribution have…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

7 Common Cloud Security Missteps

7 Common Cloud Security Missteps

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Technology Influencer in Chief: 5 Steps to Success for Today’s CMOs

Success for Today’s CMOs Being a CMO is an exhilarating experience – it’s a lot like running a triathlon and then following it with a base jump. Not only do you play an active role in building a company and brand, but the decisions you make have direct impact on the company’s business outcomes for…

The Fully Aware, Hybrid-Cloud Approach

The Fully Aware, Hybrid-Cloud Approach

Hybrid-Cloud Approach For over 20 years, organizations have been attempting to secure their networks and protect their data. However, have any of their efforts really improved security? Today we hear journalists and industry experts talk about the erosion of the perimeter. Some say it’s squishy, others say it’s spongy, and yet another claims it crunchy.…

Three Factors For Choosing Your Long-term Cloud Strategy

Three Factors For Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…