Software-defined networking is turning concern about security in the cloud on its head, enabling a winning model for protecting businesses.
Enterprises get predictable cost and value, security vendors streamline go-to-market and service delivery, and network providers gain revenue from vendor partners by hosting ecosystems in a B2B2B role.
Protecting a business network has traditionally meant plugging in a bunch of different security ‘appliances,’ in each business location, to protect all the many different devices and machines connected to the LAN or WAN. Managing the process can be a nightmare for companies of even a modest size, to the point where many often simply give up. Continue reading “When Cloud-Based Security Can Mean Everybody Wins”→
Just as multi-cloud usage is recognized as a necessity, IT suppliers are keen to help enterprises reduce its inherent complexity.
Fujitsu is strengthening its multi-cloud integration and operations services by partnering with key platform vendors and training thousands of service professionals to achieve relevant certifications.
Starting in the second half of last year, the focus on hybrid cloud implementations shifted towards the need to accommodate concurrent management of workloads running on multiple cloud platforms, and this has emerged as one of the biggest themes in cloud computing. Whether it is the case of central IT looking for some level of control over enterprise-wide consumption or the equally common justification for the same organization using, say, Amazon EC2 for one set of workloads while using Azure and/or VMware for others, ‘hybrid’ management solutions now need to support this multi-cloud usage. Continue reading “Multi-Cloud Services: Fujitsu’s Take”→
• WPA3 is the new WLAN security standard, with the network and device industry on board for migration from WPA2 starting now
• Stronger authentication and encryption will thwart attackers, while Easy Connect configuration will make set-up easy for connected home and IoT devices
Fourteen years is a long time in Wi-Fi technology. In fact, it’s almost its entire history. That’s why this week’s announcement by the Wi-Fi Alliance introducing Wi-Fi CERTIFIED WPA3 is garnering much more notice than a new security standard usually gets.
Cyber threats are impacting the bottom line, leading to increased security spending.
Priority is being placed on managed firewalls, identity management, and SIEM.
Telcos like BT are stepping forward with shared threat intelligence initiatives.
Endless new threats impacting businesses and consumers are driving demand for IT and cybersecurity products and services both by besieged IT departments – with the thankless task of protecting against invisible thieves and miscreants – and by their bosses, who have been firmly pulled into cybersecurity decision making.
• The German appliance manufacturer Bosch has announced it is building its own cloud to serve customers that connect their Bosch devices to its own-brand Internet of Things. Once it’s up and running, Bosch will look to sell cloud services to other businesses—presumably adjacent manufacturers and service providers (but not direct competitors), e.g., suppliers of consumables such as soap or spare parts, and non-competing consumer product makers.
• It is not the first time a company operating in a sector other than ICT has planned to turn its ICT investment into a profit centre. Could this be one of the few successful examples?
Bosch announced at the Bosch ConnectedWorld event in Berlin last week the launch of its own cloud for web-based services. The Bosch IoT Cloud includes technical infrastructure owned by the company as well as platform and software offerings for the Internet of things (IoT), enabling solutions for smart cities and the connected home. To begin with, Bosch will use it for in-house solutions. From 2017, the Bosch IoT Cloud will be made available as a service to other companies, putting it in direct competition with IT and cloud service providers such as Amazon Web Services and Microsoft Azure.
Most vertical cloud solutions to date have been industry applications offered as a service
Public cloud services dedicated to key verticals could remove some barriers to utility computing adoption
Some vertical cloud service offerings have been around for some time, although not quite as long as horizontal SaaS offerings for applications like CRM. In Europe, there are a handful of consortia and trading platforms ranging from the UK public sector’s G-Cloud to the EU scientific community’s Helix Nebula cloud marketplace, the latter supported by Atos, CGI, CloudSigma, T-Systems and others. In both cases, end user organizations have the choice of a range of providers for a number of defined solutions across IaaS, SaaS, PaaS and value-added services. Individual service providers have well-developed solutions for core verticals – e.g., healthcare, financial trading and e-commerce – but the focus there tends to be on business applications. Continue reading “Could Vertical Public Clouds Become Reality in Europe?”→
• The 15-year old Safe Harbour agreement between the EU and US was effectively thrown out by the Court of Justice of the EU (CJEU).
• US companies (and all MNCs) are now vulnerable to litigation and loss of customers over privacy concerns.
• While authorities have been tasked with coming up with an alternative by January, that is highly unlikely. Enterprises may need managed security and cloud providers to secure customer data in specific jurisdictions.
October 6 Decision
The CJEU, which interprets EU law to make sure it is applied in the same way in all EU countries, ruled that the Safe Harbour agreement in place for the last 15 years between the European Commission and US authorities did not offer the necessary legal guarantees that it was supposed to have. This ruling erased the quasi-legal framework under which US companies have been handling their EU customers’ data, potentially creating a legal minefield. Continue reading “EU Puts Global Businesses on Notice as Safe Harbour is Struck Down”→
Crowdsourcing in cybersecurity is not new, but it is gaining significant traction with heavyweight sponsors
Enterprises can benefit from participating, with the potential value outweighing any perceived costs
It’s impossible for any one organization to keep up with every current security threat on its own. That’s why enterprises use tools and managed services from security vendors in the first place, right? But even those specialists who have invested millions in real-time security intelligence and analytics platforms–and/or armies of security analysts—can’t know or predict everything. That’s why numerous initiatives have been started to pool threat monitoring resources together in a cooperative fashion and on a large scale, using crowdsourcing techniques to protect the community as a whole.
On May 14th, IBM announced that more than 1,000 organizations across 16 industries are participating in its X-Force Exchange threat intelligence network, just one month after its launch. IBM X-Force Exchange provides open access to historical and real-time data feeds of threat intelligence, including reports of live attacks from IBM’s global threat monitoring network, to help enterprises defend against cybercrime. The company provided free access to its 700 terabyte threat database, including two decades of malicious cyberattack data from IBM, as well as anonymous threat data from thousands of its managed security clients. It already supports an average of 1,000 data queries from participating organizations each day. Continue reading “All in it Together: Enterprises Join Threat Intelligence Alliances to Combat Security Risk”→
Cybersecurity insurance has been around for a few years, but take-up in Europe has been very limited so far.
Rather than just try to sell customers insurance policies, network and cloud providers should share the cost of mitigating risk from use of their services.
Businesses routinely take out insurance in order to protect against a myriad of risks. In many industries and professions, of course, it is even a regulatory requirement. The risks from fraud and other cybercrime have not gone uncounted by insurance underwriters and brokers, leading to a spate of new product development over the last couple of years. In the U.S., the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD) took a proactive role in bringing together a diverse group of stakeholders ranging from insurance carriers, risk managers, and IT/cyber experts to critical infrastructure owners and even social scientists, to encourage cybersecurity insurance adoption and improve cyber risk management. In Europe, the European Network and Information Security Agency (ENISA) studied incentives and barriers for the cyber insurance market and made a number of recommendations. Both of these efforts began back in 2012, so what is the state of play now? Continue reading “Cyber Insurance: Good Idea, So Why Isn’t It Taking Off in Europe?”→