Category Archives: Security

Ad Infinitum – Internet For Everything

Ad Infinitum – Internet For Everything

Internet For Everything

The hypothesis that a new Internet-for-everything society will come, as it is desired by the fundamentalists, is in fact very weak, not to say improbable” —Philippe Breton

Despite what Breton wrote in 2011, small devices across the globe are increasingly capable of fully qualified networking. This technological advancement of small, autonomous devices equipped with adequate sensors builds up the foundation for the Internet of Things. What Breton was pointing out is that this development is like a Trojan horse, incurring massive social implications. His key message was that this transformation of society is largely unquestioned. Under the populistic notion of practicality, the issue is presented as inevitable, despite the challenges it poses to the core values of his society as he expresses them: the Law, Speech and the Individual.

Clearly, with its close connection to contemporary globalization, the increasing number of tiny, autonomous devices operating throughout society will also raise concerns and research questions about security, privacy and ethical matters. Consequently, there is more and more research published on the technical security of these devices, the networking between them, and their backend systems. Take for example what Hossain, Fotouhi and Hasan contributed in their recent paper for IEEE World Congress. While technical solutions essentially and comprehensively identify and classify the parts and their interconnected links, they leave out the important questions of “who governs” and “whose security”.

Furthermore, technical maneuvers rarely bring about direct financial advantages for businesses.

Backdoor in the refrigerator

future-techThe technical vulnerabilities of interconnected devices are often explained using rather abstract, if not surreal, scenarios. Yet the fact is that networked small devices often provide new injection points for various rogue actors, and also generate new business for security appliance providers.

These fictional examples are often reinforced by referring to more severe environments like healthcare, industrial or military appliances where a backdoor in one small device could compromise the whole system. Many nations are presenting these threats as real, and investing in research both to identify them and sometimes also to gain offensive capabilities. As the basis of the Westphalian State is to be in possession of the ultimate coercive force, the local law enforcement office eagerly wants to secure their ability to invade your fridge. The armed forces, on the other hand, might want to do the same thing abroad for the sake of national security.

The threat is not that far-fetched, as recent headlines have demonstrated how innocent game consoles were used for plot against the sovereign. While competent security agencies are well aware that state security involves much more than taking away or intercepting digital toys, this kind of headline incurs huge value for the securitizing process in the public mind.

Global Business Infrastructure

The fundamental aims when securing any information system are to ensure that the data stays coherent, confidentiality is not lost and the data is available when needed. While these and any derived requirements are commonly implemented today in traditional web applications and infrastructure, by definition, the complex and evolving IoT has some particular restrictive characteristics. Yet for global businesses, and indeed, as noted, increasingly for states too, it is essential that they and their customers are able to operate safely in the world of Things.

tech evolution

Many devices in the mesh-like network of Things are expected to be rather autonomous, and yet need to be in connection with other devices. As such, a backend system is usually included in the architecture, to coordinate communication across the devices. While useful from the point of view
of the application, this kind of dependence and transfer of data will introduce an expansion of the borders of the IoT security domain. While completely autonomous devices could conceptually be developed, in practice, business and legal requirements often lead to practical hybrid solutions, where parts of the application and data are stored on the device and parts are shared across the network.

Perhaps one of the most widely spread IoT-like systems is the RFID or biometric passport. Capable of storing essential details and getting power over the air, it contains essential cryptographic features to ensure that gates at the border are not easily led astray.


(Image Source: Automatic Border Control Process – Wikipedia)

Active chips are equipped with an internal power source, so that they can initiate communication as well. While they are forerunners on the market of Things, these small devices have also been known to be tragic examples of failures of security. Setting up a trivial antenna on the street could initiate connection to any passport within range, and by knowing or guessing its password, gain access to personal details. While the feature is apparently designed for the border gates, it demonstrates the practical dangers of building backdoors in the Internet of Things.

By Kristo Helasvuo

From Startup To Becoming Enterprise Grade

From Startup To Becoming Enterprise Grade

Becoming Enterprise Grade

How can an emerging business make a successful transition from selling to SMB customers that fueled their early growth to the enterprise customers that enable long-term profitability? What works with SMB customers often won’t get you a seat at the enterprise table. To make deep inroads into enterprise accounts, you have to adopt an enterprise-grade mindset in everything you do.

Want to Win Enterprise Customers? Adopt an Enterprise-Grade Culture

How can an emerging business make a successful shift from SMB markets to enterprise? That’s a question that didn’t come up very often back when I was managing worldwide channels, first for BEA, and then for Oracle after BEA was acquired. When you’re already embedded in the enterprise space, you don’t think much about the steps it took to get there.

But it’s a question smaller companies have to ask — and solve — if they want to gain entry into enterprise accounts, and retain them. The stakes are high. In the software arena alone, worldwide enterprise sales were tracking to have hit $338B (US) in 2015, according to Gartner. The question of how to win a share of that business became relevant to me personally three years ago when I became CEO and President of Aria Systems.

Adopting Early

Aria made its mark by pioneering a cloud-based billing platform that enables businesses of any size to maximize recurring revenue and grow customer lifetime value. We initially focused the business around targeting the SMB segment of the market; due largely to the early adoption for SaaS applications we centered on these buyers. Large enterprise companies were reticent to purchase cloud-based solutions, particularly mission critical applications from young “start-ups.”


A few months after I became CEO we decided to make a very deliberate shift and focus Aria entirely on the enterprise market. My team and I concluded this was the right market to build all aspects of our company around; hiring DNA, product roadmap, infrastructure, security/compliance, marketing, support – the entire factory floor. A few conclusions that drove this decision: the quality of the revenue is much higher in this segment; the unit economics are much more compelling; and our assertion that the enterprise adoption would dramatically accelerate. More importantly from the get go, our product is architected with this enterprise use case in mind, so it was a natural to apply it to the need from which it was born.

The challenge was that we were a small company selling a mission critical technology to global enterprises, and there was no proven playbook on how to execute on this shift. So, we developed our own. In the past three years, we’ve completely transformed our business, and have successfully crossed the chasm. Today, global enterprise customers comprise 90% of our business, up from just 10% before we made the transition.

How did we pull it off? Shortly after we embarked, we realized that in order to earn our place at the table (and keep it) with larger companies, we had to become more like them in the way we operated as a company. We had to ingrain an enterprise-grade mindset into what we sold, how we sold it, and how we supported our customers for long-term success.

Here are 5 takeaways from our experience:

  • Ensure your offering really is enterprise worthy. You can’t just slap an “enterprise-grade” label on your website or power point slide with no substance behind it to back it up. Too many SaaS companies make that mistake. They pay dearly for it when they set certain expectations with their customers and come up far short. Enterprises are typically highly risk averse. They have to know your solution and your company is trustworthy — given many of the buyers are betting their careers on these critical decisions.

We invested a great deal of time and effort in fusing our cloud platform with the stringent levels of security, reliability and scalability enterprises require, aspects that we take pains to improve on an ongoing basis. But having an enterprise-grade product gets you only so far. In fact, it’s just the starting point.

  • Go all in. To make a successful push into large organizations requires a pervasive focus on serving the unique needs of enterprise customers. We recalibrated our business across the board. We started placing less emphasis on quick short-term hits. Instead, from the onset of the sales process — to the support network for long-term customers — our goal became one of customer cultivation, satisfaction and retention.
  • Take the long view. Many companies who start out pursuing SMBs usually target one type of user or a single department, and very often for short-term contracts. Generally speaking, their problems are relatively narrow in scope. Your product solves their immediate tactical needs and you move on to the next customer.

We discovered that this “won-and-done” approach doesn’t cut it with enterprise customers. Their challenges tend to be far more complex and ever changing to keep up with the dynamics of their own businesses. As a result, enterprise IT seeks solutions that can handle complexity and last for years, not just single product cycles, or target markets. Successful enterprise solutions are architected to ensure the flexibility needed to adapt to the continuous evolution of products and market trends.

  • Make the relationship your top priority. Correspondingly, to succeed with enterprise customers, you need to nurture relationships that will last years. Enterprises expect you to be as committed and steadfast as the partners they rely on. Large companies often grow and change in unpredictable ways over time. They need to know their solutions will keep pace and be supported no matter what and for however long it takes.

For us, it meant taking a longer-term approach to how we built our business relationships. As it takes certain skill sets to manage customer relationships, we began filling our ranks with talented individuals predisposed to taking the long view. We have staffed across the board with people willing to do whatever it takes to become trusted advisors for our enterprise clients. When a customer contract is signed it is often the drop-off point for the relationship, but this is exactly when it really needs to begin in earnest.

  • Embrace a collaborative approach. Enterprise infrastructure is often marked by an unruly mix of new and legacy systems, stemming from rapid growth, distributed locations, M&A activity and many other factors. Many emerging companies don’t have to contend with all or even most of these challenges. But you have to accommodate them.

We do that by fostering a spirit of collaboration with our enterprise customers. We don’t add to their infrastructure burden; we lessen it. Rather than co-opt existing ways of doing things, we peacefully co-exist with global software suppliers and implementation partners. We introduce pilot projects when it makes sense. We complement legacy systems wherever possible when the customer so chooses. To some enterprise customers change is not welcome, to others it’s encouraged. You need to have a playbook for both types of enterprise cultures; both continuity and innovative disruption.

The notion of adopting an enterprise-grade culture to steadily increase our global business now seems obvious to us. But it wasn’t when we started out. Our journey was long and hard. The lessons learned along the way surprised us more than we expected. But it’s a transformation I’m proud to have been a part of. And it’s one I highly recommend for any company that wants to excel with enterprise customers over the long haul.

By Tom Dibble

The Lighter Side Of The Cloud – Taking The Wheel

The Lighter Side Of The Cloud – Taking The Wheel

Driverless cars

By Christian Mirra

Please feel free to share our comics via social media networks such as Twitter with a clear attribution (Twitter example: via @cloudtweaks) to the original comic source. If you are a company brand looking to utilize our comics to generate leads to a specific landing page, newsletter, presentation or social media campaign, you can contact us regarding commercial licensing rates. Enjoy!

Cloud Spectator Releases The 2016 Top Ten Cloud Vendor Benchmark Report

Cloud Spectator Releases The 2016 Top Ten Cloud Vendor Benchmark Report

Top Ten Cloud Vendor Benchmark Report

Report Uncovers A Staggering 350% Performance Difference Between The Top 10 Cloud Service Providers

BOSTON, MA. JANUARY 13, 2016Cloud Spectator, the industry leading IaaS cloud benchmarking agency, today released the Top Ten Cloud Vendor Benchmark 2016 Report, a price-performance analysis of the leading public IaaS (Infrastructure-as-a-Service) vendors in North America. This annual report is the most in-depth publicly available analysis of price-performance in the IaaS marketplace ever conducted, analyzing nearly four million data points collected on 17 qualifying IaaS providers.

The report benchmarks the top 10 providers based on price and price-performance to create a CloudSpecs Value Score™.


For most buyers, comparing the different performance levels and pricing structures of Cloud Service Providers like Amazon Web Services and Microsoft Azure is challenging.” said Kenny Li, CEO of Cloud Spectator. “This report levels the playing field by providing an apples-to-apples comparison of the price performance value each provider offers, through the CloudSpecs Value Score™

Amongst the many findings, the report revealed a staggering 350% difference in performance between the top 10 Cloud Service Providers. This highlights the importance of conducting performance testing on prospective Providers before making a final purchase decision. Organizations must invest in infrastructure testing for their specific application requirements, or risk overspending on infrastructure.

The 17 CSP’s included in the study are: 1&1, AWS, Azure, CenturyLink,CloudSigma, Dimension Data, Google Cloud, Hostway, HP Helion, IBM Softlayer, Internap, Interoute, Peer1, PhoenixNAP, ProfitBricks, RackSpace and Ubiquity.

Detailed performance and price results as well as CloudSpecs Value Scores™ for block storage, vCPU and memory are included in this report for the top 10 providers.

About Cloud Spectator

Cloud Spectator is a cloud benchmarking and consulting agency focused on cloud Infrastructure-as-a-Service (IaaS) performance. The company actively monitors several of the largest IaaS providers in the world, comparing performance and pricing to achieve transparency in the cloud market.

The company helps cloud providers understand their market position and helps business make intelligent decisions in selecting cloud providers and lowering total cost of ownership. The firm was founded in early 2011 and is located in Boston, MA.

Questions regarding the press release, report and testing methodology can be addressed to: Ken Balazs, 1-617-300-0711

The Soft-Edged Cloud: A Security Challenge

The Soft-Edged Cloud: A Security Challenge

The Cloud Security Challenge

The use of the term “cloud” to describe global, offsite, computing and storage technology is apt for a number of reasons; not all of them good. The metaphor succeeds largely when people visualize their data hovering over their heads, no longer tied to a single location, and consequently easy to access from anywhere. But there are other parallels with actual meteorological clouds, specifically their soft, amorphous shape. This causes problems in perception and definition, which naturally lead to potential difficulties with security.

ISC 2 - CCSPDavid Shearer, CEO of cyber, information, software and infrastructure security certification and education body (ISC)2, points out that the enthusiasm or pressure that companies feel to build their businesses quickly into the cloud can potentially lead to a fundamental weakness. “The easier it becomes to purchase cloud solutions,” he says, “the easier it is for organizations to get ahead of themselves. Business lines within a company can easily acquire cloud-based services, and the fast time to acquire and provision cloud services is extremely attractive. Any organization would be crazy not to take advantage of that.” Shearer points out, however, that when a company elects to leverage cloud solutions and services, management needs to be smart about it; and part of that includes proper and continuous security measures:

As recently as a few years ago, security was looked at as a hindrance; something that got in the way. In these situations, sometimes bad things needed to happen for people to pay attention. In the C-suite, if nothing else, CEOs and CxOs are losing their jobs for a perceived lack of due diligence and lack of strategy to protect a corporation’s intellectual property or personally identifiable information – and that gets people’s attention. Increasingly, what is needed is better communication between those actually responsible for making security work, and the C-suite.

In addition to the lack of clear comprehension of cloud in the executive office, there is also a similar disconnect throughout other levels of business.

Defining The Cloud

Adam Gordon is an author, subject matter expert and instructor at (ISC)2. He illustrates a significant challenge to cloud security being the definition of cloud itself. There’s a great interest in anything and everything cloud,” he says, “but the problem is, as individuals and as businesses, we don’t always understand what cloud means. As a result, there tends to be a gap, where consumption is a lead indicator and security is an afterthought.” It is ill-defined in many people’s minds, Gordon adds. “Many people look at it as a marketing slogan or a marketing solution, but they don’t really get it. As a result, I think one of the biggest issues that we face, as security professionals in the cloud, is the idea of how to create a common ground in terms of what it is we are talking about and how we will frame conversation around risk, liability, security, and things that go with that.”

Yet a third challenge to effective understanding of the cloud is the change of mindset needed, especially among managers and decision makers who spent their early years in the company of mainframes, dumb terminals and internal networks. For many, there is a pervasive, almost instinctive sense that data and computing systems are physically safer when they exist inside the actual walls of a company where they can be seen and touched. The notion of storing data on someone else’s computer somewhere in the world just does not feel right. The truth is that data is generally safer when transferred to the vaults of a cloud organization whose sole mandate is secure storage, but adherence to ideas from an earlier age is a very human attribute; one that never fully disappears.

Mobile Employees

Mobile security

(Image Source: Shutterstock)

Finally, there is the relatively new phenomenon of mobile employees who see their smart devices as their office, and who expect to use them at home, at work, and in public spaces like coffee shops and transit terminals, accessing Wi-Fi connections with little thought as to security. This soft, boundary-less setting has a direct parallel to actual clouds. Where, after all, does work-related security begin and end, when the device being used shares storage space and connectivity with personal files and pursuits? Adam Gordon worries that enabling individuals to work productively in these non-traditional environments with equally non-traditional capabilities and platforms opens up a collection of unknowns in terms of security and the individualized approach to data.

The softness of the cloud reinforces the need for a new type of security specialist; someone with the experience and wisdom to stay on top of a fast changing environment, and with the skills to communicate the necessary directives to the executive as well as to the rest of the IT team. This is the reason behind the development of the CCSP designation. The cloud will only continue to grow in size and versatility. Successful usage must involve a sound and ongoing security strategy across all levels of operation.

For more on the CCSP certification from (ISC)2 please visit their website. Sponsored by (ISC)2.

By Steve Prentice

Security Survey: Enterprises Unequipped To Detect And Deal With Attacks

Security Survey: Enterprises Unequipped To Detect And Deal With Attacks

Security Survey: Many Enterprises Still Unequipped

Today’s information security teams are expected to mitigate risk in environments where employees are accessing critical and confidential data from anywhere, at any time. The network perimeter has expanded to include cloud services, mobile devices, and global forces that encompass partners and contractors, making it impossible to completely lock down the ecosystem and prevent all attacks. At the same time, preventative solutions are failing to cover the entire spectrum of attack vectors. As a result, security teams are investing in incident detection and response to detect and contain com- promise as soon as it occurs.

Survey Findings

Rapid7 conducted a survey regarding incident detection and response, in order to gain insight into today’s security teams, including strategic initiatives, current tools used, and challenges. The survey includes findings from hundreds of security professionals at organizations of varied sizes across the globe on their biggest security concerns and planned initiatives for 2016.

Punctuating the results were two key points: (1) 90% of organizations are worried about compromised credentials, though 60% say they cannot catch these types of attacks today; and (2) 62% of organizations are receiving more alerts than they can feasibly investigate.


Trends: The CIO’s Business Card – Chief Productivity Officer

Trends: The CIO’s Business Card – Chief Productivity Officer

The Chief Productivity Officer

After years of enterprises hesitating to migrate their applications and data stores to the cloud, it’s safe to say the debate is over and the cloud is here to stay. IDC even goes as far as to predict that by 2020, we will stop referring to clouds as “public” and “private,” and ultimately stop using the word “cloud” altogether. We will simply refer to it as “computing,” because we will think of the cloud as the standard way of doing business and providing IT support. Cloud computing is not just transforming how we get work done, it’s transforming the role of the CIO. In fact, that CIOs may want to begin 2016 by updating their LinkedIn profiles to include a new business title that reflects their primary responsibility: “Chief Productivity Officer.


For more than 30 years, the CIO has been the keeper of IT systems, but those responsibilities are starting to diminish as enterprises migrate to the cloud. The CIO is evolving into the person who oversees the delivery of services company-wide. There is this awakening to thinking about service management as a discipline, and includes other service-oriented business units such as HR, finance and legal. Typically, the IT department assists all these other departments roll out new services, and that makes the CIO the best candidate for overseeing all services enterprise-wide.

This represents a significant change to how the CIO, and the entire IT department for that matter, will operate, and it’s a positive change. IT will be more visible across the business because it will no longer spend the bulk of its time in the data center. Instead, they can help sales, marketing, HR, legal, finance, customer service and other departments be more efficient and effective. IT can have a broad impact on its organization’s ability to meet its business goals.

Analysing The Data

One of the main factors driving enterprises to migrate to the cloud is the need to collect, manage and analyze ever-growing volumes of information. The Internet of Things trend is producing an ever-growing array of machines and devices that connect to cloud-based applications in order to run entire factory floors to helping oil and gas companies track oil flow through pipelines, to automating a home’s heating and A/C.

Cloud computing is driving the adoption of these IoT devices, and there are no signs of slowing. Cisco Systems reports that in 2008 there were already more things connected to the Internet than people. By 2020, the amount of Internet-connected things will reach 50 billion, and the amount of information companies collect will grow just as quickly.

Big And Small Data

big-data-small-dataCompanies have already been collecting Big Data for years, and while that remains a top priority, so too is the collection and analysis of Small Data, a dataset that contains very specific attributes.

Capturing it through the use of performance analytics will help predict what enterprises should be looking at, not just looking backward at what could have been optimized. The key is to capture the work in a record-keeping system to see what’s going on, and determine what needs to be done. Transparency empowers managers to do their jobs. IT can provide the technologies and services to make this happen – not just in IT, but other service-oriented departments such as HR, finance and legal.

For example, IT can lead the creation and rollout of an online portal for employees to do everything from submit IT help desk requests, request a contract review from legal, to select healthcare benefits. This is why the CIO is the logical person to assume the role of CPO.

The maturation of cloud computing services and applications, be they public, private or a hybrid model, is enabling IT teams to spend less time on maintaining on premise systems and applications, and more time leading more strategic services-oriented initiatives that benefit users across the entire enterprise. These services have become so critical to how business gets done that it will forever change the role and responsibilities of the CIO, so a change in title to Chief Productivity Officer is more than just a ceremonial gesture. It signals that the CIO must oversee the selection and delivery of these services from multiple departments.

# # #

By David Wright

Dave Wright, Chief Strategy OfficeDavid is Chief Strategy Officer at ServiceNow, and serves as the company’s evangelist for how to improve workplace productivity. He enables ServiceNow customers to eliminate their reliance on email, spreadsheets and other manual processes so their employees can work smarter, not harder.

Prior to joining ServiceNow in December 2011, Wright spent more than six years with VMware, Inc. as vice president of Technical Services for EMEA. From 2003 to 2005, Wright headed up the technical division for Northern and Southern Europe at Mercury Interactive. Prior to that he spent six years at Peregrine Systems, Inc., where he held a variety of senior technical and marketing positions. Wright also worked for Boole & Babbage, Inc. and Candle Services (later acquired by IBM).



Cloud Traffic Growth And Content as a Service (CaaS)

Cloud Traffic Growth And Content as a Service (CaaS)

Content as a Service (CaaS)

Content as a Service (CaaS) is a relatively new take on content management systems (CMS). While traditional web content management systems like Drupal and WordPress offer one-stop-shop solutions for both creating websites and managing content, CaaS service providers narrow their focus to pure content management, disregarding the output channels such as web, print or mobile application, any of which may be selected for use by the customer.


Increasing Cloud Traffic

With projections of high increases in global cloud traffic, including Cisco Global’s forecast that cloud traffic in the Middle East and Africa will quadruple by the end of 2019, Vernon Thaver, CTO of Cisco South Africa, states that, “Cloud is moving well beyond a regional trend to becoming a mainstream solution, with cloud traffic expected to grow more than 30% in every worldwide region over the next five years.” Thaver further remarks that consumers expect “on-demand, anytime access to their content and services nearly everywhere”, and believes this creates a prime opportunity for every sphere of cloud operators. WordPress-as-a-Service is a formidable CMS with a high percentage of websites developed and managed using the open source WordPress platform, but CaaS vendors believe that solutions offering only content management, free of presentation control, will provide a simplified and superior solution that allows greater freedom.

CaaS vs. Traditional Web CMS


A few key details set CaaS and traditional web CMS apart:

  • Organized Content: CaaS encourages structured content operating in chunks instead of page blobs, shifting from page-centric web to content-centric web.
  • Detachment Tactics: CaaS separates content presentation from storage and delivery, simplifying the CMS construction so that each piece is responsible for one task.
  • Splitting Content & Presentation: CaaS is entirely separated from design, managing and delivering only the content. The channel and design choices are entirely unrestricted.
  • Cloud: A sub-group of the Software-as-a-Service (SaaS) approach, CaaS moves content from a user’s servers to the vendor’s cloud, and so CaaS users aren’t required to set up, maintain, or scale their own infrastructure.

When to Use CaaS

We’re unlikely to ever master the one-fits-all concept. CaaS performs well in some contexts, but not in others, and though not necessarily ideal for personal blogs or instances in which only a website will be required, the more complex and costlier CaaS CMS outstrips some of the earlier CMS solutions in a variety of situations.

  • Rich Web Apps: React, AngularJS, Ember, and other modern MVC front-end frameworks function well with structured content via APIs.
  • Scheduled Content Creation: With content arriving from multiple sources, uploading into a single unified repository is supported by creating content via API.
  • Content Backend for Mobile Apps: Dynamic in-app content delivery is best performed through CaaS CMS, making it unnecessary to resubmit an app to the marketplace. Moreover, repurposing an existing solution as a backend is often better than building your own.
  • Integration: CaaS CMS’ all provide an API and thus are extremely integration-friendly, thereby simplifying workflows.
  • Multi-Channel: Reusing content across different platforms is easy with CaaS CMS, allowing users to push matching content to mobile apps or a website.

The CaaS market is still fairly young, but a few vendors such as Cloud CMS, Contentful, Osmek, and Prismic are already making waves while open source CMS solutions including Drupal and WordPress have begun to move in the CaaS direction.

By Jennifer Klostermann

CloudTweaks Comics
Cloud Infographic – DDoS attacks, unauthorized access and false alarms

Cloud Infographic – DDoS attacks, unauthorized access and false alarms

DDoS attacks, unauthorized access and false alarms Above DDoS attacks, unauthorized access and false alarms, malware is the most common incident that security teams reported responding to in 2014, according to a recent survey from SANS Institute and late-stage security startup AlienVault. The average cost of a data breach? $3.5 million, or $145 per sensitive…

A New CCTV Nightmare: Botnets And DDoS attacks

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t…

Security and the Potential of 2 Billion Device Failures

Security and the Potential of 2 Billion Device Failures

IoT Device Failures I have, over the past three years, posted a number of Internet of Things (and the broader NIST-defined Cyber Physical Systems) conversations and topics. I have talked about drones, wearables and many other aspects of the Internet of Things. One of the integration problems has been the number of protocols the various…

The DDoS That Came Through IoT: A New Era For Cyber Crime

The DDoS That Came Through IoT: A New Era For Cyber Crime

A New Era for Cyber Crime Last September, the website of a well-known security journalist was hit by a massive DDoS attack. The site’s host stated it was the largest attack of that type they had ever seen. Rather than originating at an identifiable location, the attack seemed to come from everywhere, and it seemed…

Reuters News: Powerfull DDoS Knocks Out Several Large Scale Websites

Reuters News: Powerfull DDoS Knocks Out Several Large Scale Websites

DDoS Knocks Out Several Websites Cyber attacks targeting the internet infrastructure provider Dyn disrupted service on major sites such as Twitter and Spotify on Friday, mainly affecting users on the U.S. East Coast. It was not immediately clear who was responsible. Officials told Reuters that the U.S. Department of Homeland Security and the Federal Bureau…

Three Ways To Secure The Enterprise Cloud

Three Ways To Secure The Enterprise Cloud

Secure The Enterprise Cloud Data is moving to the cloud. It is moving quickly and in enormous volumes. As this trend continues, more enterprise data will reside in the cloud and organizations will be faced with the challenge of entrusting even their most sensitive and critical data to a different security environment that comes with using…

What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The cloud is capable of delivering many benefits, enabling greater collaboration, business agility, and speed to market. Cloud adoption in the enterprise has been growing fast. Worldwide spending on public cloud services will grow at a…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

How You Can Improve Customer Experience With Fast Data Analytics

How You Can Improve Customer Experience With Fast Data Analytics

Fast Data Analytics In today’s constantly connected world, customers expect more than ever before from the companies they do business with. With the emergence of big data, businesses have been able to better meet and exceed customer expectations thanks to analytics and data science. However, the role of data in your business’ success doesn’t end…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…

Are CEO’s Missing Out On Big Data’s Big Picture?

Are CEO’s Missing Out On Big Data’s Big Picture?

Big Data’s Big Picture Big data allows marketing and production strategists to see where their efforts are succeeding and where they need some work. With big data analytics, every move you make for your company can be backed by data and analytics. While every business venture involves some level of risk, with big data, that risk…


Sponsored Partners