Category: Secure

Secure provides guidance and insight on the myriad issues that business technologists grapple with while protecting business data assets and ensuring continuity.

Alibaba Cloud Looks for Growth Outside of China, and Indonesia Is a Good Target

by siowmeng, posted in Cloud Enable, Network, Secure
S. Soh

Summary Bullets:

  • Alibaba Cloud is gaining a stronger foothold in Indonesia with its second data centre, a growing partnership ecosystem and an initiative to support start-ups to develop their business through a cloud-native approach.
  • Alibaba needs to grow its international presence, and it is establishing an early presence in markets such as Indonesia where competitors do not yet have a local presence.

Alibaba Cloud has launched a second data centre in Indonesia after launching the first data centre 10 months earlier. The second data centre enables Alibaba Cloud to increase capacity, provide higher availability and improve disaster recovery capabilities. The company also launched the Internet Champion Global Accelerator Program to support the growth of start-ups and local talents. The program will provide training, mentorship and venture capital opportunities to enterprises and professional services. The program is launching in Jakarta, and it will be extended to Bali in January 2019, as well as other global markets in the future. This is a strategic move since start-ups and SMEs in general are more ready to adopt a cloud-native approach and can become heavy cloud users as they scale up. Continue reading “Alibaba Cloud Looks for Growth Outside of China, and Indonesia Is a Good Target”

Social Media Roasts Apple over Its Subpar Response to the FacePalm Bug

by Amy Larsen DeCarlo, posted in IT Leader, Secure
A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Reports surfaced that Apple ignored multiple efforts from an Arizona lawyer to alert the company that her teenage son had uncovered a bug which allows one FaceTime user to spy on another.
  • Twitter users blasted Apple for ignoring the lawyer’s attempts and then being slow to disable the affected feature and issue a fix.

News that Apple seemingly ignored repeated reports for a week that its popular FaceTime video app had an alarming privacy-invading bug is going viral on social media. Twitter users questioned whether Apple was ignoring calls to investigate a FaceTime group chat bug that allows the initial caller to listen on the call recipient even if the person on the receiving end didn’t pick up, or if the company might have been surreptitiously working on a fix before notifying users about the embarrassing flaw. Continue reading “Social Media Roasts Apple over Its Subpar Response to the FacePalm Bug”

Orange Cyberdefense on Turning the Skills Shortage into an Advantage

by John Marcus, posted in Secure
J. Marcus

Summary Bullets:

• At a recent Orange Cyberdefense analyst event, the company addressed (among other things) the familiar topic of the skills shortage in cybersecurity

• In doing so, it illustrated ways in which it might turn this fundamental market challenge into an advantage

The theme at Orange Cyberdefense’s recent analyst event was combining the best of both human and technology resources, so it was no surprise that the inescapable cybersecurity skills shortage was a featured topic alongside sessions dedicated to strategy, portfolio, and innovation. Without directly saying so, the managed security service provider (MSSP) is clearly trying to turn this global challenge into an advantage – at least in France, where it can claim market leadership with only about a 15% share due to a highly fragmented environment involving hundreds of solution providers.

With its strategy for retraining and recruitment well underway, Orange Cyberdefense has managed to increase the size of its team despite the people shortage and its associated side effect of high turnover among qualified employees. With 100 Orange employees upskilled and recruited by its own Cyberdefense Academy since 2017, plus the addition of 300 new external recruits in 2018, the group’s security business now has 1,300 “humans” on board. Continue reading “Orange Cyberdefense on Turning the Skills Shortage into an Advantage”

TM Forum Digital Transformation Asia 2018: CenturyLink Strengthens Asia-Pacific Business

by Alfie Amir, posted in Cloud Enable, IT Leader, Network, Secure
A. Amir

Summary Bullets:

  • CenturyLink expands and enhances its portfolio in Asia-Pacific to challenge other carriers and grab the growing opportunity.
  • However, there are still gaps with its competitors, especially in portfolio and presence in the region.

At the TM Forum Digital Transformation Asia 2018 in Malaysia earlier this month, CenturyLink shared its direction to strengthen its presence and expand the business in Asia-Pacific. The move is in line with its global expansion strategy announced this year at its annual Analyst Forum. In Asia-Pacific, CenturyLink has over 2,000 employees, on-net presence in 12 countries and sales presence in six key markets (i.e., Australia, China, Hong Kong, India, Japan and Singapore). With the existing resources in the region, the carrier plays to its strength by focusing on inbound MNCs as well as Asian-based enterprises expanding beyond the region. It focuses in certain verticals, including OTT/content, media, entertainment, financial services, energy and utilities, retail and manufacturing sectors. Continue reading “TM Forum Digital Transformation Asia 2018: CenturyLink Strengthens Asia-Pacific Business”

Super Micro Supply Chain Attack May Be Fake, But Supply Chain Risk is Genuine

by Eric Parizo, posted in Secure
E. Parizo

Summary Bullets:

• It turns out a recent bombshell report detailing how rogue microchips infected an unknown number of computer servers may not be true.

• The event illustrates that supply chain risk is legitimate, and enterprises must plan for the risk and implement methods to detect such compromises.

Cybersecurity’s biggest mystery is centered on a microchip so small, it might not even exist.

It all started on 4 October, when U.S. news agency Bloomberg reported that many of the motherboards manufactured by Super Micro Computer had been compromised before they ever left the factory. Continue reading “Super Micro Supply Chain Attack May Be Fake, But Supply Chain Risk is Genuine”

Web Pioneer Lays Out Ambitious Plan to Disrupt Digital World Order

by Amy Larsen DeCarlo, posted in Secure
A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Consumers’ unease with the misinformation, disinformation, and mishandling of personal digital data is driving new regulations and investment in developing new ways to protect content.
  • Inrupt, a startup founded by Tim Berners-Lee, wants to shake up the status quo with technology that will effectively decentralize the web and put more control in the hands of end users.

Twenty-nine years after the first successful Internet transmission using Hypertext Transfer Protocol (HTTP), the protocol’s developer, Tim Berners-Lee, wants to disrupt the web status quo. In an effort to address mounting concerns about privacy on the web, Berners-Lee is forging a path to return control over data access and storage to end users. Berners-Lee’s new startup, Inrupt, is pushing for adoption of an open source platform which could, if widely implemented, effectively decentralize the web. The platform, known as ‘Solid,’ takes aim at the current digital data model in which a relatively small number of dominant web players maintain significant access and storage control over the majority of end-user information. Continue reading “Web Pioneer Lays Out Ambitious Plan to Disrupt Digital World Order”

Blockchain Platforms Vendors Jockey for Mindshare

by Charlotte Dunlap, posted in IT Leader, Mobilize, Secure
C. Dunlap

Summary Bullets:

  • IBM touts advancements made in Food Trust, its blockchain solution for the food ecosystem.
  • SAP highlights three blockchain technologies built on SAP Cloud Platform: Hyperledger Fabric, MultiChain, and Quorum.

The buzz around blockchain is intensifying, and mindshare grabs among platform vendors are playing out through an upswing in strategy and ecosystem updates. Cloud platform providers are being pressed to define the early stages and use cases of this emerging market, which promises to modernize decades-old financial and supply chain systems into digital ledgers. GlobalData has reported that platform services providers are well suited to expand their cloud services to include blockchain, which represents an abstraction layer for making it easier to incorporate blockchain capabilities into applications improving developer productivity (please see “Blockchain Watch: App Platform Vendors Dominate in Laying the Groundwork for Digital Ledger Transformations,” September 10, 2018). Continue reading “Blockchain Platforms Vendors Jockey for Mindshare”

Anti-Bot as Additional Protection Layer in IoT

by Alfie Amir, posted in Internet of Things, Secure
A. Amir

Summary Bullets:

  • Security remains a key inhibitor in IoT, driven by the convergence of IT and OT.
  • IoT providers should consider bundling anti-bot offerings into their IoT solution as an additional protection layer.

Security and privacy have been the key topics in IoT. They are also the main inhibitors slowing down IoT adoptions by enterprises. As seen in the figure below, GlobalData IoT research conducted in 2017 with 281 Asian enterprises showed that security and privacy were the second and fourth biggest challenges for them with their IoT deployments. Continue reading “Anti-Bot as Additional Protection Layer in IoT”

Advanced SOC Capabilities Give Back Time

by John Marcus, posted in Secure
J. Marcus

Summary Bullets:

  • AI and machine learning are reducing the constraints of traditional SOC operations.
  • Time saved through resulting automation can be put to use on high-priority investigation and response.

Recently, classic rock band The Kinks brought out a previously unreleased track called “Time Song,” which muses on the slippery ubiquity of this thing called time:

Time is ahead of us
Above and below us
Is standing beside us
And looking down on us…

While the song’s message is universal, that last part of the quoted lyrics above may be true when it comes to the key realities of security operations management. The number of person hours available does not come close to the number required to investigate every incident reported by an organization’s systems and users. When it takes a security analyst 10 to 15 minutes to research each incident, but the number of incidents pouring in via collected intelligence is in the hundreds or thousands daily, it can indeed feel like time itself is “looking down on us” and cruelly watching us fail to keep pace. Continue reading “Advanced SOC Capabilities Give Back Time”

Privacy and Data Integrity in the Disinformation Era

by Amy Larsen DeCarlo, posted in Secure
Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

  • Facebook executives have been on a summer apology tour after the Cambridge Analytica fiasco came to light but new information surfaced that shows the company is still not adequately protecting consumer personal data.
  • Lawmakers aren’t waiting for tech to self-regulate with California’s legislature passing a sweeping consumer privacy bill and federal regulators looking to follow suit.

 

Digital advertising, an $88 billion industry in 2017, is driving notable revenue expansion for some of the top social media platforms.  However, this growth has brought with it some questionable practices in how user information is mined and shared.  Facebook became a focus of intense scrutiny when it came to light that during the 2016 U.S. presidential election U.K.-based political consulting house Cambridge Analytical tapped data from tens of millions of Facebook users to build out voter profiles without express permission.  Facebook executives conducted something of an apology tour, testifying in front of a U.S. Congressional Committee and promising more transparency about how user data is handled and applied. Continue reading “Privacy and Data Integrity in the Disinformation Era”