|By Bob Gourley||
|April 26, 2012 09:45 AM EDT||
Study after study refutes the myth that cybersecurity is compromised by malicious, brilliant hackers. Advanced persistent threats, state-sponsored hackers, and foreign intelligence agencies are serious threats, especially to major targets, but the vast majority of breaches and leaks result from the cyber equivalent of forgetting to lock your door or losing your wallet.
Two recent, prominent studies show how negligence is the greatest cybersecurity threat. A study by Verizon this month discovered that in 97% of data breaches, hackers only had to use simple methods, and that in 80% of attacks hackers hit websites with weak security rather than targeting a specific firm. Last month, a study by the Ponemon Institute found that negligent insiders were the most common cause of data breaches, causing leaks 39% of the time. Breaches caused by negligent security policies or employees are the most important to protect against, not only because they are the most common, but also because they are the simplest to prevent. It takes little effort to keep your PDF reader updated, for example, but it’s nearly impossible to protect against many 0-day or undiscovered vulnerabilities exploited by advanced and well-funded attackers.
Education and transparency are two keys to making sure your enterprise has the basics covered and your employees don’t leave any glaring gaps in your security. These should go beyond the cybersecurity staff or the IT department to include all employees, as anyone with access to a computer can download an infected file from an email or accidentally reveal their passwords. In the Security Development Lifecycle, which reversed Microsoft’s once-struggling security culture over 10 years to be an industry leader and was later adopted by other tech titans, all employees get some form of training and auditing regularly. This is, unfortunately, very difficult for many companies to implement across many employees on many devices, especially when an organization has a Bring Your Own Device Policy. Surveys of organizations and employees show that while most companies and agencies try to educate users on mobile device best practices, it isn’t reaching employees, as most don’t remember getting any training.
Scott McNealy, the founder of Sun Microsystems, has a new start up called Wayin that may be able to help. Wayin’s instant and anonymous polling can be used to augment cybersecurity education and help IT get a better view of the security practices within their organization. Wayin allows users to vote on polls attached to media for real-time, anonymous surveys. Thus far, it’s been used mostly for entertainment, but there has been some corporate interest in using it to poll employees. A similar method can be used to assess the cybersecurity practices of a workforce and to better target education initiatives.
Employees can get quick, attention-grabbing daily questions on their security practices, such as “When did you last update your Internet browser?” of “Do you open attachments on emails from users you don’t recognize?” The questions will take seconds to answer and employees can be truthful because their responses are anonymous. The results would then be sent to the CISO who can then get an idea of what employees really do and think about security. After answering, the employees can be routed to a quick reminder or informative message about security best-practices or current risks to the company related to the question so that they get a little cybersecurity training every day. Aggregated weekly or monthly, poll results can help IT recognize where the threats to the organization lie, whether negligence is increasing or decreasing, and what areas to target with countermeasures or education.
This is just one of the possible use cases for Wayin. If you haven’t checked it out, try it here: http://www.wayin.com/#!/home
Things are being built upon cloud foundations to transform organizations. This CEO Power Panel at 15th Cloud Expo, moderated by Roger Strukhoff, Cloud Expo and @ThingsExpo conference chair, addressed the big issues involving these technologies and, more important, the results they will achieve. Rodney Rogers, chairman and CEO of Virtustream; Brendan O'Brien, co-founder of Aria Systems, Bart Copeland, president and CEO of ActiveState Software; Jim Cowie, chief scientist at Dyn; Dave Wagstaff, VP and chief architect at BSQUARE Corporation; Seth Proctor, CTO of NuoDB, Inc.; and Andris Gailitis, C...
Jan. 27, 2015 12:00 AM EST Reads: 2,545
SYS-CON Media announced that Cisco, a worldwide leader in IT that helps companies seize the opportunities of tomorrow, has launched a new ad campaign in Cloud Computing Journal. The ad campaign, a webcast titled 'Is Your Data Center Ready for the Application Economy?', focuses on the latest data center networking technologies, including SDN or ACI, and how customers are using SDN and ACI in their organizations to achieve business agility. The Cisco webcast is available on-demand.
Jan. 26, 2015 11:30 PM EST Reads: 1,348
Today’s enterprise is being driven by disruptive competitive and human capital requirements to provide enterprise application access through not only desktops, but also mobile devices. To retrofit existing programs across all these devices using traditional programming methods is very costly and time consuming – often prohibitively so. In his session at @ThingsExpo, Jesse Shiah, CEO, President, and Co-Founder of AgilePoint Inc., discussed how you can create applications that run on all mobile devices as well as laptops and desktops using a visual drag-and-drop application – and eForms-buildi...
Jan. 26, 2015 09:00 PM EST Reads: 2,554
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
Jan. 26, 2015 07:45 PM EST Reads: 2,518
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Jan. 26, 2015 06:15 PM EST Reads: 3,882
SYS-CON Events announced today that CodeFutures, a leading supplier of database performance tools, has been named a “Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. CodeFutures is an independent software vendor focused on providing tools that deliver database performance tools that increase productivity during database development and increase database performance and scalability during production.
Jan. 26, 2015 06:00 PM EST Reads: 1,692
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science from the University of California, Berkeley.
Jan. 26, 2015 06:00 PM EST Reads: 3,085
The Internet of Things (IoT) is rapidly in the process of breaking from its heretofore relatively obscure enterprise applications (such as plant floor control and supply chain management) and going mainstream into the consumer space. More and more creative folks are interconnecting everyday products such as household items, mobile devices, appliances and cars, and unleashing new and imaginative scenarios. We are seeing a lot of excitement around applications in home automation, personal fitness, and in-car entertainment and this excitement will bleed into other areas. On the commercial side, m...
Jan. 26, 2015 06:00 PM EST Reads: 2,815
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. He discussed opportunities and challenges ahead for the IoT from a market and technical point of vie...
Jan. 26, 2015 05:45 PM EST Reads: 3,124
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
Jan. 26, 2015 05:00 PM EST Reads: 7,620
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 26, 2015 02:30 PM EST Reads: 2,377
Performance is the intersection of power, agility, control, and choice. If you value performance, and more specifically consistent performance, you need to look beyond simple virtualized compute. Many factors need to be considered to create a truly performant environment. In his General Session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, discussed how to take advantage of a multitude of compute options and platform features to make cloud the cornerstone of your online presence.
Jan. 26, 2015 02:15 PM EST Reads: 2,943
SYS-CON Media announced that Splunk, a provider of the leading software platform for real-time Operational Intelligence, has launched an ad campaign on Big Data Journal. Splunk software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. The ads focus on delivering ROI - how improved uptime delivered $6M in annual ROI, improving customer operations by mining large volumes of unstructured data, and how data tracking delivers uptime when it matters most.
Jan. 26, 2015 02:00 PM EST Reads: 3,544
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the technology industry and how do they see opportunities for other women in their area of expertise.
Jan. 26, 2015 01:45 PM EST Reads: 2,128
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential.
Jan. 26, 2015 01:15 PM EST Reads: 2,292
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
Jan. 26, 2015 01:00 PM EST Reads: 3,876
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Jan. 26, 2015 11:30 AM EST Reads: 2,564
“The age of the Internet of Things is upon us,” stated Thomas Svensson, senior vice-president and general manager EMEA, ThingWorx, “and working with forward-thinking companies, such as Elisa, enables us to deploy our leading technology so that customers can profit from complete, end-to-end solutions.” ThingWorx, a PTC® (Nasdaq: PTC) business and Internet of Things (IoT) platform provider, announced on Monday that Elisa, Finnish provider of mobile and fixed broadband subscriptions, will deploy ThingWorx® platform technology to enable a new Elisa IoT service in Finland and Estonia.
Jan. 26, 2015 11:00 AM EST Reads: 1,590
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and expertise to guard against those threats. But will that be enough? In the foreseeable future attacks w...
Jan. 26, 2015 11:00 AM EST Reads: 2,923
As enterprises move to all-IP networks and cloud-based applications, communications service providers (CSPs) – facing increased competition from over-the-top providers delivering content via the Internet and independently of CSPs – must be able to offer seamless cloud-based communication and collaboration solutions that can scale for small, midsize, and large enterprises, as well as public sector organizations, in order to keep and grow market share. The latest version of Oracle Communications Unified Communications Suite gives CSPs the capability to do just that. In addition, its integration ...
Jan. 26, 2015 11:00 AM EST Reads: 2,858