Capital One Cyber Staff Raised Concerns Before Hack

Capital One Cyber Staff Raised Concerns Before Hack

Cybersecurity employees reported what they saw as staffing issues and other problems to bank’s internal auditors, human-resources department and other senior executives Before a giant data breach at Capital One Financial Corp. COF 0.26% , employees raised concerns within the company about what they saw
/
Reuters news

Exclusive: Google’s jobs search draws antitrust complaints from rivals

BRUSSELS/SAN FRANCISCO (Reuters) - Google’s fast-growing tool for searching job listings has been a boon for employers and job boards starving for candidates, but several rival job-finding services contend anti-competitive behavior has fueled its rise and cost them users and profits. In a letter to
/

Real-time Communications – Voice, Messaging, Video or Collaboration

The Communications Cloud

As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software and cloud infrastructure, the management and security of real-time services becomes increasingly complex.

Enterprises are moving to a zero-trust security posture, which means that every application must be secured. Real-time communications can no longer be ignored. This is especially true for large enterprise environments in regulated industries where human conversations fall under the compliance umbrella (financial transactions, credit card numbers being provided to contact center agents, healthcare records that include recorded and transcribed evaluations, and so forth). An increasing amount of pressure is being put on IT teams to ensure all data that traverses networks, applications and clouds is monitored and secured.

The fragmentation and complexity of unified communications cannot be an excuse to drive a security posture that is on par with other IP applications running in the enterprise. Now that technology is in place to monitor, for example, email, Dropbox, Slack, Skype and other third-party collaboration networks, it’s not okay to shrug off confidential information leaking out or accidentally being shared by employees or contractors. For real-time communications, we have moved beyond denial of service as the primary threat vector and into the domains of theft of service and use of communications channels for extraction of digital assets.

Analytics and machine learning will play a critical role in enabling enterprises to keep up with this ever-increasing surface area of attacks and increasing level of threat sophistication. Harvesting data from the entire real-time communications infrastructure backed by behavioral analytics and machine learning allows for very sophisticated threat detection and mitigation. In a way, networked analytics and policy “homogenizes” your security borders into a unified perimeter compared to independent edge products acting autonomously.

Another advantage of using data and analytics services to monitor and manage real-time communications (RTC) is the ability to control quality even when there are multiple disparate Voice over Internet Protocol (VoIP) systems interworked together with many different protocols, call routing and load balancing approaches.

Whether a user is making an internal call from Skype for Business to an AVAYA hard phone or an outbound call via SIP trunk, understanding, controlling and automating VoIP networks often requires the use of many vendor-specific tools, which may serve a purpose in their own domains, but don’t always “play well with others.”

The challenge of managing RTC sessions has been exponentially amplified with the move to dynamic cloud architectures and the rise of API-based communications services like Twilio, web services like WebRTC and CRM integrations.

What’s a responsible IT executive to do?

A unified, vendor-agnostic monitoring and security strategy that spans multiple protocols and provides interoperability and interworking is more important today than ever. Without global visibility, operationalizing complex VoIP and Over-the-Top (Internet-based) environments is becoming almost impossible without new tools that provide end-to-end visibility and control.

We Cannot Manage What We Cannot Measure

Events such as SIP registration floods, VoIP pivot attacks and failed load balancing cause disruption of service and keep IT managers awake at night. When an attack or network failure occurs on a voice system it can take days – if not weeks – to track down the issue unless software is in place that monitors all aspects of RTC, particularly as more and more functionality moves to the cloud.

While security may feel like the scariest issue, day-to-day operations can also be improved when enterprises and service providers have full visibility into basics like voice quality, IP network performance and service utilization. When one combines an over-arching analytics platform with the existing branch-office infrastructure, enterprise service network administrators can efficiently determine if a call-quality issue is unique to a type of handset, branch location or gateway.

Global visibility into cloud services for RTC, if done well, goes even further. Given the increasing reliance on services like Microsoft Skype for Business (and now Teams) it is also necessary to monitor database-processing times on backend servers to ensure call processing is going smoothly.

This can be done by monitoring the time between the last packet of a request and the first packet of the corresponding response, associated with the payload for database transactions across backend servers. This generates database latency alerts with signaling metrics useful in more advanced “grooming” of RTC networks and services. Incorporating this type of capability into a big data analytics platform enables an enterprise to monitor service quality and troubleshoot when needed from the client to the cloud from a single platform which increases efficiency and reduces down time.

Aside from service assurance and troubleshooting, enterprises can respectfully mine their user data to deliver a more personalized user experience. Leveraging big data analytics and machine learning to track communications from end-to end in the network – and thus enable a detailed view of threats, quality and user behavior – is already being done to answer questions such as what are people and systems doing? How often are they doing these things? Where are the predictable patterns? How do we immediately identify an “out-of-trend” moment, which could lead to trouble?

Harvesting data around RTC creates meaningful insights that help enterprises measure so they can manage. Using predictive and behavioral analytics helps managers literally see into the future and avoid trouble before it happens.

Predicting intent throughout the network and all the way to end users – solid gold. Predicting sentiment, for example, as part of a contact center application? Priceless. Automating network operations security and applications in multiple clouds, and across clouds? This is the future.

By Kevin Riley

Kevin Riley

As Chief Technology Officer and EVP of Advanced Research and Development, Kevin Riley drives Ribbon Communication’s innovation and development activities, with a particular focus on enabling SDN and NFV Cloud-based architectures of the future.

Prior to his current role he served as CTO and SVP of Engineering and Operations for Sonus. Kevin has more than 20 years of software development and engineering experience and previously was instrumental in Sonus’ efforts to drive an industry leading technology roadmap, including the award winning Sonus SBC SWe (software edition) and SBC 7000, the two most successful new product introduction in Sonus’ history. Before this role at Sonus, he served as Vice President of Platform Engineering and Director of Core Software.

Prior to Sonus, he held Software Development Manager positions at Verivue, Sentito Network, Cisco and Telebit.

Mark Casey Apcela

Industrial IoT will reshape network requirements

Industrial IoT The hype around IoT may have been surpassed this year by breathless coverage of topics such as artificial intelligence and cryptocurrencies, but there ...
10 Online Savings and Wealth Management Services

10 Online Savings and Wealth Management Services

Wealth Management Services There are a lot of cloud based options for those of you wanting to save for a holiday, invest some spare cash, ...
Biometric Authentication

Passwords: More Secure Than Biometric Authentication?

Biometric Authentication Biometrics has long granted or denied access to secure things like premises and vehicles. Now it is being seriously considered for the same ...
IBM News

6 DataOps essentials to deliver business-ready data

/
Nearly every business is under competitive, disruptive, and regulatory pressures. As companies face digital transformation and modernization to meet their customers’  expectations, leveraging data and AI at the speed of business ...
Wired

Facebook’s Voice Transcripts Were More Invasive Than Amazon’s – WIRED

/
The tail end of the Defcon hacking conference this week saw a remote car-start dongle and app that could have been hacked to steal cars, along with a drone hacking ...
Cisco News

Managing your SAP Digital Transformation Journey

/
Digital Transformation. We’ve heard the words, but have you wondered what it is all about? Digital Transformation is a strategic directive to redefine your business practices and processes to gain ...