Category: Secure

Secure provides guidance and insight on the myriad issues that business technologists grapple with while protecting business data assets and ensuring continuity.

COVID-19: Impact on Cybersecurity

by Rajesh Muru, posted in Secure
Rajesh Muru

Summary Bullets:

• Vendors are prioritizing portfolio and marketing effort on the most common types of COVID-19 related cyber events, covering phishing and identity attacks.

• Cybersecurity vendors are reconfiguring their service and support functions encompassing remote working. Vendors face internal operational challenges in scaling up quickly with the right level of security posture.

The COVID-19 pandemic is having a huge impact globally across families and communities. In turn, this is having a massive impact on businesses of all sizes, including global multinationals. Almost all Fortune 100 and 500 companies have experienced major disruptions to their operations and markets, resulting in some economists predicting losses of more than $1.1 trillion worldwide. COVID-19 has created shutdowns and major disruptions in employee working styles and supply chains in all sectors, and in particular across government, finance, manufacturing, IT, and media. As these sectors reconfigure their operations, one of the most critical issues arising are increased cyber-attack threats as organizations become more dependent on technology. Continue reading “COVID-19: Impact on Cybersecurity”

COVID-19: Netherlands Innovator Taps Blockchain and AI in the War Against COVID-19

by Charlotte Dunlap, posted in Big Data, Cloud Enable, Communicate, Internet of Things, IT Leader, Mobilize, Network, Secure

Summary Bullets:

• VirusBlockchain deployed this week to identify and monitor COVID-19 free zones

• The blockchain monitoring system is backed by technology provider Qlikchain

This week the tech industry partnered with a public health consortium to launch a blockchain-enabled monitoring system aimed at keeping communities at bay from the COVID-19 pandemic.

The Public Health Blockchain Consortium (PHBC) announced the new system which monitors healthy, uninfected individuals as they move between locations in order to automatically identify zones that are safe or unsafe. The system is built on a blockchain solution which combines AI, geographical information systems (GIS), and real-time information systems provided by virus surveillance providers.

Called VirusBlockchain, the system serves as a systematic, continuous, and anonymous verification of citizens and all workplaces in an effort to prevent the spread of the COVID-19 infection. The project is unlike other approaches that would typically track infected persons. Continue reading “COVID-19: Netherlands Innovator Taps Blockchain and AI in the War Against COVID-19”

COVID 19: Keep Calm and Corona On – A Global Perspective

by Jonathan Cordwell, posted in Big Data, Cloud Enable, Communicate, Internet of Things, IT Leader, Mobilize, Network, Secure
Jonathan Cordwell – Principal Analyst, UK Health & Social Care Technology

Summary Bullets:               

  • Companies that have yet to jump on the remote working bandwagon may have their hand forced due to the self-isolation and social separation measures put in place by their respective national governments.
  • We will undoubtedly see an uptick in the adoption of telehealth technologies, including remote monitoring.

 

On the 11th March 2020, the World Health Organization (WHO) declared COVID-19 (Coronavirus) a pandemic. As of writing, there have been over 130,000 cases reported across 123 countries, areas or territories and almost 5,000 deaths from the virus, which emanated from Wuhan in China. We have witnessed a wide variety of responses to the threat including mass self-isolation in Italy, travel bans, fiscal stimulus packages, health insurance policy allowances, business and school closures, and the cancellation of large events such as Mobile World Congress in Barcelona and HIMSS20 in Orlando, at which U.S. President Trump was scheduled to address the situation. Continue reading “COVID 19: Keep Calm and Corona On – A Global Perspective”

Alibaba Cloud Continues Its Momentum in ASEAN as Competition Increases

by Alfie Amir, posted in Cloud Enable, Communicate, IT Leader, Mobilize, Network, Secure
A. Amir

Summary Bullets:

  • Alibaba Cloud strengthens its ASEAN presence with a new win in East Malaysia and its first event in Indonesia.
  • As competition intensifies, it is important for the cloud provider to expand its partner ecosystem, especially with the domestic players.

The Southeast Asia region (a.k.a. ASEAN) has been a new battleground for the hyperscalers for a few years. Cloud adoption is still relatively low compared to other markets. As the cloud becomes a commodity and the market grows, this opportunity has attracted global hyperscalers to expand their presence in the region. Alibaba Cloud opened its data centers in Malaysia and Indonesia in 2017 and 2018, respectively. Google announced in October 2018 that it will have its Indonesian data centers ready in early 2020, and AWS responded with a similar announcement in April 2019. These global hyperscalers are also offering their respective cloud stacks (e.g., AWS Outposts, Alibaba Apsara Stack, Google Anthos, and Azure Stack) for deployments in customers or third-party data centers to address the data residency requirement. They have also been strengthening their domestic presence by expanding the in-country sales forces and their partner ecosystem in the region through various collaborations with local providers, governments (such as universities), and other vertical players. Some of Alibaba’s recent initiatives include its partnership with SCC to offer Sabah Pay in East Malaysia and its first Cloud Day event in Indonesia. Continue reading “Alibaba Cloud Continues Its Momentum in ASEAN as Competition Increases”

TM 5G Showcase Langkawi: Leading the 5G Race in Malaysia

by Alfie Amir, posted in Cloud Enable, Communicate, IT Leader, Mobilize, Network, Secure
A. Amir

Summary Bullets:

  • The 5G race in Malaysia is heating up with various initiatives announced by service providers.
  • Telekom Malaysia (TM) edges out the competition by leveraging its existing ICT portfolio, professional service capabilities, and R&D to offer end-to-end solutions.

The 5G scene in Malaysia is heating up, as the market is only a few months away from expected commercial availability. The regulator, MCMC, recently announced that 5G will be available to users by July 2020. Since the kickoff of the 5G Demonstration Project (5GDP) by MCMC in September of last year, the telcos have been making regular announcements about their progress. These include Celcom’s partnership with the police and municipal council on a smart city deployment in Langkawi, Digi’s launch of its 5G OpenLab in Cyberjaya, Maxis’ 3 Gbps in C-band 5G trial spectrum, and TM’s collaboration with players from other verticals to co-develop 5G applications in Subang and Langkawi. While MCMC has outlined 55 use cases in 32 sites across six states for the 5GDP, Langkawi has been the center of the attention, as the service providers placed most of their resources for their 5G initiatives on the island. Continue reading “TM 5G Showcase Langkawi: Leading the 5G Race in Malaysia”

Verizon Payment Security Research Exposes Execution Issues

by Amy Larsen DeCarlo, posted in Secure
A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Verizon’s annual Payment Security Report captures a snapshot of organizations struggling to continue successful controls and best practices over time.
  • The evidence shows those who do are rewarded with a better fortified defense against breaches.

Fifteen years after the payment card industry settled on a single data security standard with PCI DSS, there are indications that too many organizations’ security practices haven’t risen to the level of maturity which would have been anticipated at this point.  In Verizon’s annual survey of payment card industry security practices, only 37% of the 302 surveyed enterprises sustain full compliance with the 12 specifications outlined in PCI DSS consistently over time.  Effectively, most organizations are focusing on meeting the basic requirements rather than developing consistent and effective security practices – not unlike a procrastinating student who is just looking to pass the test.  Just 18% check to see if they are meeting PCI DSS specifications more often than what the standard mandates. Continue reading “Verizon Payment Security Research Exposes Execution Issues”

TM ONE Leap Summit 2019: Firming Up Its Position to Capture Workplace Transformation and Digital Payment Opportunities

by Alfie Amir, posted in Cloud Enable, Communicate, IT Leader, Secure
A. Amir

Summary Bullets:

  • TM ONE has the right products and capabilities to address the growing trend of workplace transformation.
  • Increasing digital wallet adoption in Malaysia drives the opportunity for service providers, especially with PCI-DSS compliance in data centers.

At the TM ONE Leap Summit held in Kuala Lumpur in November 2019, the Malaysian incumbent fixed-line provider shifted the conversation from product solutions to business outcomes. This is in line with its direction moving from connectivity to a solution provider. The event focuses on two digital transformation areas: the importance of workplace transformation in today’s digital era and the disruption of digital payment in fintech. Continue reading “TM ONE Leap Summit 2019: Firming Up Its Position to Capture Workplace Transformation and Digital Payment Opportunities”

Security Providers Should Focus Less on Selling Security and More on Selling Trust by Becoming Service-Centric

by Rajesh Muru, posted in Secure
Rajesh Muru

Summary Bullets:

  • Orange Cyberdefense has an aggressive strategy to drive its cybersecurity business by capitalizing on its strengths in its home market and expanding its security portfolio.
  • Acquisition is part of its expansion strategy, with the purchase of SecureLink and SecureData. The seamless integration of these businesses will be important to its success.

The strategic growth plans laid out by Orange Cyberdefense at its recent Analyst Day in Paris were impressive and tactical. The cybersecurity business has grown since its inception, mainly because it has been able to capitalize on its strengths in the home market with a strong security offering addressing global multinationals with multi-country locations, as well as serving the midmarket. Continue reading “Security Providers Should Focus Less on Selling Security and More on Selling Trust by Becoming Service-Centric”

API World 2019: API Security Tops API Management Priorities

by Charlotte Dunlap, posted in IT Leader, Secure
C. Dunlap

Summary Bullets:

  • A new API lifecycle management approach is founded on emerging security innovations, including AI.
  • Pure-play API security providers threaten to outshine API management leaders through best-of-breed security.

This month’s API World in San Jose conveyed one dominant theme throughout keynotes, sessions, and the show floor: API security.

Alongside the usual suspects of leading API management providers, including IBM, Axway, and Akana, were a heap of API security providers, clearly generating a large amount of buzz among attendees. I recall a number of them attending API World last year, but the dominant theme of 2018 was Istio and other service mesh technologies, critical in helping move microservices-based apps into production. Following a year’s progress in digital transformations and the rollout of new app development architectures – including microservices and serverless computing – and the realization of all those unsecured APIs at the heart of DevOps-backed projects, unsurprisingly, security was the new belle of the ball. Continue reading “API World 2019: API Security Tops API Management Priorities”

Cisco’s Settlement Over Video Surveillance Flap Signifies a New Era in Vendor Accountability

by Amy Larsen DeCarlo, posted in Secure
Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

• After a protracted legal battle that spanned nearly a decade, Cisco settled a lawsuit accepting accountability for a security flaw in a video surveillance system sold to Homeland Security, the Secret Service, and other U.S. government agencies.

• As part of the settlement, the partner’s employee who originally reported the vulnerability will receive $1.5 million.

Eight years after the filing of a lawsuit against Cisco on behalf of U.S. public sector customers and more than a decade after a Cisco contractor initially called attention to a serious security flaw in one of the vendor’s video surveillance solutions, the IT equipment maker reached an $8.6 million settlement with the aggrieved parties and admitted culpability. In a blog posted in late July, Cisco General Counsel Mark Chandler wrote that software developed by Broadware – a company acquired by Cisco – used an open architecture that could be vulnerable to a breach. The settlement amount equates to a partial refund to the U.S. federal government and 16 states that bought products between 2008 and 2013. And the $8.6 million settlement included a $1.6 million payment to the person who first identified the vulnerability, although ultimately, no breach ever occurred. Continue reading “Cisco’s Settlement Over Video Surveillance Flap Signifies a New Era in Vendor Accountability”