Anti-Bot as Additional Protection Layer in IoT

A. Amir

Summary Bullets:

  • Security remains a key inhibitor in IoT, driven by the convergence of IT and OT.
  • IoT providers should consider bundling anti-bot offerings into their IoT solution as an additional protection layer.

Security and privacy have been the key topics in IoT. They are also the main inhibitors slowing down IoT adoptions by enterprises. As seen in the figure below, GlobalData IoT research conducted in 2017 with 281 Asian enterprises showed that security and privacy were the second and fourth biggest challenges for them with their IoT deployments. Continue reading “Anti-Bot as Additional Protection Layer in IoT”

Advanced SOC Capabilities Give Back Time

J. Marcus

Summary Bullets:

  • AI and machine learning are reducing the constraints of traditional SOC operations.
  • Time saved through resulting automation can be put to use on high-priority investigation and response.

Recently, classic rock band The Kinks brought out a previously unreleased track called “Time Song,” which muses on the slippery ubiquity of this thing called time:

Time is ahead of us
Above and below us
Is standing beside us
And looking down on us…

While the song’s message is universal, that last part of the quoted lyrics above may be true when it comes to the key realities of security operations management. The number of person hours available does not come close to the number required to investigate every incident reported by an organization’s systems and users. When it takes a security analyst 10 to 15 minutes to research each incident, but the number of incidents pouring in via collected intelligence is in the hundreds or thousands daily, it can indeed feel like time itself is “looking down on us” and cruelly watching us fail to keep pace. Continue reading “Advanced SOC Capabilities Give Back Time”

Privacy and Data Integrity in the Disinformation Era

Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

  • Facebook executives have been on a summer apology tour after the Cambridge Analytica fiasco came to light but new information surfaced that shows the company is still not adequately protecting consumer personal data.
  • Lawmakers aren’t waiting for tech to self-regulate with California’s legislature passing a sweeping consumer privacy bill and federal regulators looking to follow suit.

 

Digital advertising, an $88 billion industry in 2017, is driving notable revenue expansion for some of the top social media platforms.  However, this growth has brought with it some questionable practices in how user information is mined and shared.  Facebook became a focus of intense scrutiny when it came to light that during the 2016 U.S. presidential election U.K.-based political consulting house Cambridge Analytical tapped data from tens of millions of Facebook users to build out voter profiles without express permission.  Facebook executives conducted something of an apology tour, testifying in front of a U.S. Congressional Committee and promising more transparency about how user data is handled and applied. Continue reading “Privacy and Data Integrity in the Disinformation Era”

When Cloud-Based Security Can Mean Everybody Wins

J. Marcus

Summary Bullets:

  • Software-defined networking is turning concern about security in the cloud on its head, enabling a winning model for protecting businesses.
  • Enterprises get predictable cost and value, security vendors streamline go-to-market and service delivery, and network providers gain revenue from vendor partners by hosting ecosystems in a B2B2B role.

Protecting a business network has traditionally meant plugging in a bunch of different security ‘appliances,’ in each business location, to protect all the many different devices and machines connected to the LAN or WAN. Managing the process can be a nightmare for companies of even a modest size, to the point where many often simply give up. Continue reading “When Cloud-Based Security Can Mean Everybody Wins”

Be Smarter When Building Smart Cities

G. Barton
G. Barton

Summary Bullets:

  • Enterprises and communities should have clear aims when considering smart city projects.
  • Smart cities should be built on a per-project basis rather than looking at the city/community as a whole.

There have been successful ‘smart city’ projects.  Orange Business Services (OBS) has enjoyed success working with Saudi Arabia on large-scale projects in the kingdom.  OBS has also helped ski resorts identify where visitors are travelling from and how they can make it easier for them to visit their resort.  This later example is not strictly a smart city program, but both of these projects point to important aspects of why projects seeking to use technology to aid communities can succeed and fail. Continue reading “Be Smarter When Building Smart Cities”

New WPA3 Makes Wi-Fi Security Stronger for Enterprise, Easier for Consumers Connecting IoT Devices

Summary Bullets:

• WPA3 is the new WLAN security standard, with the network and device industry on board for migration from WPA2 starting now

• Stronger authentication and encryption will thwart attackers, while Easy Connect configuration will make set-up easy for connected home and IoT devices

Fourteen years is a long time in Wi-Fi technology. In fact, it’s almost its entire history. That’s why this week’s announcement by the Wi-Fi Alliance introducing Wi-Fi CERTIFIED WPA3 is garnering much more notice than a new security standard usually gets.

Continue reading “New WPA3 Makes Wi-Fi Security Stronger for Enterprise, Easier for Consumers Connecting IoT Devices”

What Telcos Might Be Good For: Leading the Charge in the Cyber War

J. Marcus

Summary Bullets:

  • Cyber threats are impacting the bottom line, leading to increased security spending.
  • Priority is being placed on managed firewalls, identity management, and SIEM.
  • Telcos like BT are stepping forward with shared threat intelligence initiatives.

Endless new threats impacting businesses and consumers are driving demand for IT and cybersecurity products and services both by besieged IT departments – with the thankless task of protecting against invisible thieves and miscreants – and by their bosses, who have been firmly pulled into cybersecurity decision making.

It’s starting to feel like an endless war. Continue reading “What Telcos Might Be Good For: Leading the Charge in the Cyber War”

New-Look Micro Focus Crafts an Analytics-Driven Enterprise Security Strategy

E. Parizo

Summary Bullets:

  • Micro Focus may not yet be known for enterprise security, but it has become a significant player with the addition of HPE’s software assets.
  • Micro Focus must go beyond touting its size and promote its analytics-centric strategy to better secure users, applications, and data.

Micro Focus may not yet be well known on the enterprise security landscape, but that’s about to change.

The vendor has been around since the ‘80s working on COBOL, but on September 1, 2017, Micro Focus became a new company. That’s when it completed its so-called ‘spin-merger’ with Hewlett Packard Enterprise, absorbing most of the software assets of HPE. Overnight, Micro Focus became a goliath: $4.4 billion in annual revenue, 18,000 employees, and offerings in segments including DevOps, hybrid IT, data management, analytics, and cybersecurity. Continue reading “New-Look Micro Focus Crafts an Analytics-Driven Enterprise Security Strategy”

Telstra Vantage 2017: Redefining Managed Security

D. Kehoe

Summary Bullets:

  • Service providers are starting to build their own IP and open source capabilities to provider better interoperability, richer features, faster rollout and market differentiation within their product capabilities.
  • The market is changing from a defensive posture to one that can address security before, during and after an attack.

While 2017 has seen its fair share of security announcements across Asia-Pacific, with everything from the launch of a new SOC in one city (BT) to another portfolio refresh (CenturyLink), there have also been a few operators (e.g., NTT Group, Singtel and Vodafone) looking to consolidate and globalize their security capabilities. Some operators see a future not so much around filling out a portfolio with more and more products, but shifting focus from reselling to building their own ‘IP’ and using more open source at an accelerated pace. Two SPs with similar products leave little room for differentiation. Many businesses want to avoid vendor lock-in and demand interoperability. Providers, too, need better margins, as well as the ability to offer differentiation and wield more influence on roadmaps. Vendor roadmaps never seem to be fast enough in an era of DevOps. Continue reading “Telstra Vantage 2017: Redefining Managed Security”

Equifax Data Breach Teaches the Importance of a Counterintuitive Breach Response

E. Parizo

Summary Bullets:

  • The Equifax breach is already one of the largest known corporate data breaches in U.S. history, affecting up to 143 million Americans.
  • Despite seeming counterintuitive, breached organizations should offer as much detail as possible, refrain from firing anyone immediately, and keep talking about the incident after it is over.

By now, most know of the data breach at credit-monitoring firm Equifax. Revealed September 7, attackers compromised a software flaw in the Apache Struts web application framework to access the personal and financial data of up to 143 million Americans, likely more than half of the U.S. adult population. Continue reading “Equifax Data Breach Teaches the Importance of a Counterintuitive Breach Response”