New WPA3 Makes Wi-Fi Security Stronger for Enterprise, Easier for Consumers Connecting IoT Devices

Summary Bullets:

• WPA3 is the new WLAN security standard, with the network and device industry on board for migration from WPA2 starting now

• Stronger authentication and encryption will thwart attackers, while Easy Connect configuration will make set-up easy for connected home and IoT devices

Fourteen years is a long time in Wi-Fi technology. In fact, it’s almost its entire history. That’s why this week’s announcement by the Wi-Fi Alliance introducing Wi-Fi CERTIFIED WPA3 is garnering much more notice than a new security standard usually gets.

Continue reading “New WPA3 Makes Wi-Fi Security Stronger for Enterprise, Easier for Consumers Connecting IoT Devices”

What Telcos Might Be Good For: Leading the Charge in the Cyber War

J. Marcus

Summary Bullets:

  • Cyber threats are impacting the bottom line, leading to increased security spending.
  • Priority is being placed on managed firewalls, identity management, and SIEM.
  • Telcos like BT are stepping forward with shared threat intelligence initiatives.

Endless new threats impacting businesses and consumers are driving demand for IT and cybersecurity products and services both by besieged IT departments – with the thankless task of protecting against invisible thieves and miscreants – and by their bosses, who have been firmly pulled into cybersecurity decision making.

It’s starting to feel like an endless war. Continue reading “What Telcos Might Be Good For: Leading the Charge in the Cyber War”

New-Look Micro Focus Crafts an Analytics-Driven Enterprise Security Strategy

E. Parizo

Summary Bullets:

  • Micro Focus may not yet be known for enterprise security, but it has become a significant player with the addition of HPE’s software assets.
  • Micro Focus must go beyond touting its size and promote its analytics-centric strategy to better secure users, applications, and data.

Micro Focus may not yet be well known on the enterprise security landscape, but that’s about to change.

The vendor has been around since the ‘80s working on COBOL, but on September 1, 2017, Micro Focus became a new company. That’s when it completed its so-called ‘spin-merger’ with Hewlett Packard Enterprise, absorbing most of the software assets of HPE. Overnight, Micro Focus became a goliath: $4.4 billion in annual revenue, 18,000 employees, and offerings in segments including DevOps, hybrid IT, data management, analytics, and cybersecurity. Continue reading “New-Look Micro Focus Crafts an Analytics-Driven Enterprise Security Strategy”

Telstra Vantage 2017: Redefining Managed Security

D. Kehoe

Summary Bullets:

  • Service providers are starting to build their own IP and open source capabilities to provider better interoperability, richer features, faster rollout and market differentiation within their product capabilities.
  • The market is changing from a defensive posture to one that can address security before, during and after an attack.

While 2017 has seen its fair share of security announcements across Asia-Pacific, with everything from the launch of a new SOC in one city (BT) to another portfolio refresh (CenturyLink), there have also been a few operators (e.g., NTT Group, Singtel and Vodafone) looking to consolidate and globalize their security capabilities. Some operators see a future not so much around filling out a portfolio with more and more products, but shifting focus from reselling to building their own ‘IP’ and using more open source at an accelerated pace. Two SPs with similar products leave little room for differentiation. Many businesses want to avoid vendor lock-in and demand interoperability. Providers, too, need better margins, as well as the ability to offer differentiation and wield more influence on roadmaps. Vendor roadmaps never seem to be fast enough in an era of DevOps. Continue reading “Telstra Vantage 2017: Redefining Managed Security”

Equifax Data Breach Teaches the Importance of a Counterintuitive Breach Response

E. Parizo

Summary Bullets:

  • The Equifax breach is already one of the largest known corporate data breaches in U.S. history, affecting up to 143 million Americans.
  • Despite seeming counterintuitive, breached organizations should offer as much detail as possible, refrain from firing anyone immediately, and keep talking about the incident after it is over.

By now, most know of the data breach at credit-monitoring firm Equifax. Revealed September 7, attackers compromised a software flaw in the Apache Struts web application framework to access the personal and financial data of up to 143 million Americans, likely more than half of the U.S. adult population. Continue reading “Equifax Data Breach Teaches the Importance of a Counterintuitive Breach Response”

In David Ulevitch, Cisco Has Found Its (Alternative) Rock Star Security Leader

E. Parizo

Summary Bullets:

• David Ulevitch, a seemingly unusual choice to lead Cisco’s security business, will foster ‘positive’ disruption.

• He’s the perfect choice to usher the business toward a cloud-centric future, in spite of looming challenges.

For many years, the top job in Cisco’s security business group has essentially been a revolving door. Leaders have come and gone quickly, generally in one to two year stints, with varying levels of success. It’s been a double-edged sword; ineffective leaders and misguided strategies haven’t lasted long (see: Jayshree Ullal and “Anti-X”), but innovative leaders and winning strategies often haven’t stuck (Chris Young, widely credited for the group’s turnaround, is now CEO of rival vendor McAfee). Continue reading “In David Ulevitch, Cisco Has Found Its (Alternative) Rock Star Security Leader”

GDPR: What’s an Enterprise to Do?

G. Barton
G. Barton

Summary Bullets:

• Encryption is at the heart pf GDPR and can protect enterprises from potential breaches and mitigate the problems if they occur.

• Enterprises cannot expect ICT providers now to simply accept the risks associated with data handling and should look to work collaboratively.

At its analyst day on June 29, Interoute set out its view on GDPR and how it is seeking to help customers prepare their own operations for when GDPR goes live. Most IT providers are now beginning to talk about GDPR, and some such as AWS have already launched services that pre-empt GDPR’s requirements.

Continue reading “GDPR: What’s an Enterprise to Do?”

WannaCrypt Global Ransomware Attack Highlights a Worsening Data Hijacking Epidemic

E. Parizo

Summary Bullets:

  • WannaCry, the largest-ever ransomware attack, is likely a harbinger of what’s to come.
  • The emergence of ransomware highlights the importance of tying security to data backup and recovery.

Suddenly, the whole world knows about ransomware.

While ransomware is no secret to those in the cybersecurity industry who have seen a steadily growing number of isolated incidents, to everyone else, ransomware made its presence broadly known late last week. The largest-ever single ransomware incident, a variant of the WannaCrypt strain known (aptly) as WannaCry, caught tens of thousands of organizations in at least 150 countries by surprise, likely causing millions if not billions in damage. Continue reading “WannaCrypt Global Ransomware Attack Highlights a Worsening Data Hijacking Epidemic”

The Top Five DevOps Takeaways from Google Cloud Next

C. Dunlap
C. Dunlap

Summary Bullets:

  • Google made its play for the enterprise based on hefty investment abilities and innovation in app development platforms and data analytics.
  • Google says it’s doubling down this year, and already winning over half of its cloud deal bids.

Pitted against Microsoft Azure and Amazon AWS, Google understands its messaging needs to address its ability to cater to the mission-critical businesses of global enterprises embarking on new digital initiatives. In a word, it’s about innovation. That’s exactly what execs focused on this week during Google Cloud Next in San Francisco: a shift from consumer to enterprise apps that will carry large organizations into the next wave of cloud computing, which spans from high-level concepts around applications that leverage AI and machine learning to build apps that actually learn outcomes to emerging DevOps app development models and architectures. (Please see this Advisory Report for more coverage.) Continue reading “The Top Five DevOps Takeaways from Google Cloud Next”

RSA Conference 2017 Preview: Three Themes I’m Watching

E. Parizo
E. Parizo

Summary Bullets:

  • Serverless security and security product integration frameworks are two emerging InfoSec industry market segments worth watching.
  • After contracting last year, the intrusion prevention system market should rebound thanks to new use cases and product innovation.

Next week, thousands of cybersecurity pros will converge in San Francisco for RSA Conference 2017. While there will be no shortage of interesting storylines, here are the three top themes I’ll be watching for at the industry’s largest annual confab: Continue reading “RSA Conference 2017 Preview: Three Themes I’m Watching”