TM ONE Leap Summit 2019: Firming Up Its Position to Capture Workplace Transformation and Digital Payment Opportunities

A. Amir

Summary Bullets:

  • TM ONE has the right products and capabilities to address the growing trend of workplace transformation.
  • Increasing digital wallet adoption in Malaysia drives the opportunity for service providers, especially with PCI-DSS compliance in data centers.

At the TM ONE Leap Summit held in Kuala Lumpur in November 2019, the Malaysian incumbent fixed-line provider shifted the conversation from product solutions to business outcomes. This is in line with its direction moving from connectivity to a solution provider. The event focuses on two digital transformation areas: the importance of workplace transformation in today’s digital era and the disruption of digital payment in fintech. Continue reading “TM ONE Leap Summit 2019: Firming Up Its Position to Capture Workplace Transformation and Digital Payment Opportunities”

Security Providers Should Focus Less on Selling Security and More on Selling Trust by Becoming Service-Centric

Rajesh Muru

Summary Bullets:

  • Orange Cyberdefense has an aggressive strategy to drive its cybersecurity business by capitalizing on its strengths in its home market and expanding its security portfolio.
  • Acquisition is part of its expansion strategy, with the purchase of SecureLink and SecureData. The seamless integration of these businesses will be important to its success.

The strategic growth plans laid out by Orange Cyberdefense at its recent Analyst Day in Paris were impressive and tactical. The cybersecurity business has grown since its inception, mainly because it has been able to capitalize on its strengths in the home market with a strong security offering addressing global multinationals with multi-country locations, as well as serving the midmarket. Continue reading “Security Providers Should Focus Less on Selling Security and More on Selling Trust by Becoming Service-Centric”

API World 2019: API Security Tops API Management Priorities

C. Dunlap

Summary Bullets:

  • A new API lifecycle management approach is founded on emerging security innovations, including AI.
  • Pure-play API security providers threaten to outshine API management leaders through best-of-breed security.

This month’s API World in San Jose conveyed one dominant theme throughout keynotes, sessions, and the show floor: API security.

Alongside the usual suspects of leading API management providers, including IBM, Axway, and Akana, were a heap of API security providers, clearly generating a large amount of buzz among attendees. I recall a number of them attending API World last year, but the dominant theme of 2018 was Istio and other service mesh technologies, critical in helping move microservices-based apps into production. Following a year’s progress in digital transformations and the rollout of new app development architectures – including microservices and serverless computing – and the realization of all those unsecured APIs at the heart of DevOps-backed projects, unsurprisingly, security was the new belle of the ball. Continue reading “API World 2019: API Security Tops API Management Priorities”

Cisco’s Settlement Over Video Surveillance Flap Signifies a New Era in Vendor Accountability

Amy Larsen DeCarlo – Principal Analyst, Security and Data Center Services

Summary Bullets:

• After a protracted legal battle that spanned nearly a decade, Cisco settled a lawsuit accepting accountability for a security flaw in a video surveillance system sold to Homeland Security, the Secret Service, and other U.S. government agencies.

• As part of the settlement, the partner’s employee who originally reported the vulnerability will receive $1.5 million.

Eight years after the filing of a lawsuit against Cisco on behalf of U.S. public sector customers and more than a decade after a Cisco contractor initially called attention to a serious security flaw in one of the vendor’s video surveillance solutions, the IT equipment maker reached an $8.6 million settlement with the aggrieved parties and admitted culpability. In a blog posted in late July, Cisco General Counsel Mark Chandler wrote that software developed by Broadware – a company acquired by Cisco – used an open architecture that could be vulnerable to a breach. The settlement amount equates to a partial refund to the U.S. federal government and 16 states that bought products between 2008 and 2013. And the $8.6 million settlement included a $1.6 million payment to the person who first identified the vulnerability, although ultimately, no breach ever occurred. Continue reading “Cisco’s Settlement Over Video Surveillance Flap Signifies a New Era in Vendor Accountability”

At Last, We Can Bid a Fond Farewell to Microsoft’s Troubled Skype for Business Online

B. Shimmin

Summary Bullets:

  • Starting on September 1, 2019, Microsoft will begin onboarding new Office 365 users directly into Microsoft Teams, in essence removing the option for customers to run both Teams and the soon-to-be-retired Skype for Business Online.
  • Though somewhat extreme, this migration plan has been coming on for some time now, frankly ever since Microsoft introduced Microsoft Teams in 2017.

Via blog post earlier this week, Microsoft made the wholly unsurprising announcement that it would officially retire its long-term messaging solution, Skype for Business Online, on July 31st, 2021. Unlike many similar migration plans, where rival products can linger for years after closure, Microsoft does not intend to let Skype for Business Online slowly fade away. Continue reading “At Last, We Can Bid a Fond Farewell to Microsoft’s Troubled Skype for Business Online”

New Research Reveals C-Level Execs Are Prime Targets for Cyber Attackers

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Due to their privileged access to high-value corporate assets, executives are in the crosshairs of cyber attackers, according to the latest Verizon Data Breach Investigations Report.
  • The Verizon report found that the combination of access and the need to make quick decisions made C-level executives more vulnerable to social engineering attacks.

Enterprising cyber attackers driven by a money motive are setting their sights on objects that will deliver the highest returns. Thanks to their access to high-value systems and data, C-level executives are a prime target for social engineering hacks. This year’s Verizon Data Breach Investigation Report (DBIR) found social attacks, including business e-mail compromises (BECs) against enterprise executives, are on the rise. Speculating that the combination of proximity to high-value assets and the intensive pressure of their roles, which limits executive time to scrutinize messages, makes them more vulnerable than most employees with less critical roles, the Verizon DBIR claimed that staffers in leadership are 12 times more likely to be the victims of credential theft or other social incidents, such as being tricked into transferring money to an adversary’s bank account. Continue reading “New Research Reveals C-Level Execs Are Prime Targets for Cyber Attackers”

Can We Use Blockchain to Thwart Fake News?

J. Marcus

Summary Bullets:

  • Digital media faces a ‘fake news’ problem where sources may be biased or worse, and actual content may be manipulated.
  • Orange is behind Safe.press, a blockchain-based consortium for certifying news sources as legitimate – and not ‘fake.’

As investigative journalists and whistleblowers struggle to be heard in calling out the rampant abuse of social networks in propagating ‘fake news,’ one startup is trying to tackle the issue with new technology. Continue reading “Can We Use Blockchain to Thwart Fake News?”

Amazon Catches Heat for Alexa’s Dependence on Human Intellect

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Amazon Alexa is relaying recorded consumer speech for analysis by Amazon staff and contractors for product improvements.
  • There is a simple workaround to turn off the default communications between Alexa and Amazon employees.

Alexa apparently needs a little help from human sources to better decipher user requests. Amazon acknowledged that individual staff and contractors in a number of countries including Romania, India, Costa Rica, and the U.S. each evaluate as many as 1,000 recorded requests to Alexa during their nine-hour shift. The staffers feed notes into software that provides better context to requests, which Amazon said will ultimately produce a better user experience. Continue reading “Amazon Catches Heat for Alexa’s Dependence on Human Intellect”

Deutsche Telekom’s Car SOC is Ready to Protect Drivers—Is the Auto Industry?

J. Marcus

Summary Bullets:

• Connected cars are vulnerable to the same threats facing any Internet user or device

• Deutsche Telekom proposes its Car SOC to the industry, but as of today no one is responsible for protecting drivers from cyber attacks

Connected cars, like anything else using the Internet, are exposed to a range of vulnerabilities most drivers dare not even contemplate. Even without being connected, the digital technology in place is at risk from attackers, whether through the cloning of remote control key entry and engine starting, or from malware introduced to internal systems via infected diagnostic tools at the local garage. Continue reading “Deutsche Telekom’s Car SOC is Ready to Protect Drivers—Is the Auto Industry?”

Google in Hot Water Over Latest Privacy Misstep

A. DeCarlo
A. DeCarlo

Summary Bullets:

  • Google is under fire for failing to disclose that its Nest Secure home alarm system has an embedded microphone.
  • Privacy advocates are calling for significant change in light of the digital giant’s checkered data handling history.

When Google announced in early February that the company had added a feature to its Google Nest Secure system that allows it to work with Google Assistant to become a smart speaker, some consumers were surprised to learn the home security and alarm system has an embedded microphone. Google copped to failing to disclose the integrated microphone, admitting that detail should have been included in product information. Continue reading “Google in Hot Water Over Latest Privacy Misstep”