|By Bob Gourley||
|April 26, 2012 09:45 AM EDT||
Study after study refutes the myth that cybersecurity is compromised by malicious, brilliant hackers. Advanced persistent threats, state-sponsored hackers, and foreign intelligence agencies are serious threats, especially to major targets, but the vast majority of breaches and leaks result from the cyber equivalent of forgetting to lock your door or losing your wallet.
Two recent, prominent studies show how negligence is the greatest cybersecurity threat. A study by Verizon this month discovered that in 97% of data breaches, hackers only had to use simple methods, and that in 80% of attacks hackers hit websites with weak security rather than targeting a specific firm. Last month, a study by the Ponemon Institute found that negligent insiders were the most common cause of data breaches, causing leaks 39% of the time. Breaches caused by negligent security policies or employees are the most important to protect against, not only because they are the most common, but also because they are the simplest to prevent. It takes little effort to keep your PDF reader updated, for example, but it’s nearly impossible to protect against many 0-day or undiscovered vulnerabilities exploited by advanced and well-funded attackers.
Education and transparency are two keys to making sure your enterprise has the basics covered and your employees don’t leave any glaring gaps in your security. These should go beyond the cybersecurity staff or the IT department to include all employees, as anyone with access to a computer can download an infected file from an email or accidentally reveal their passwords. In the Security Development Lifecycle, which reversed Microsoft’s once-struggling security culture over 10 years to be an industry leader and was later adopted by other tech titans, all employees get some form of training and auditing regularly. This is, unfortunately, very difficult for many companies to implement across many employees on many devices, especially when an organization has a Bring Your Own Device Policy. Surveys of organizations and employees show that while most companies and agencies try to educate users on mobile device best practices, it isn’t reaching employees, as most don’t remember getting any training.
Scott McNealy, the founder of Sun Microsystems, has a new start up called Wayin that may be able to help. Wayin’s instant and anonymous polling can be used to augment cybersecurity education and help IT get a better view of the security practices within their organization. Wayin allows users to vote on polls attached to media for real-time, anonymous surveys. Thus far, it’s been used mostly for entertainment, but there has been some corporate interest in using it to poll employees. A similar method can be used to assess the cybersecurity practices of a workforce and to better target education initiatives.
Employees can get quick, attention-grabbing daily questions on their security practices, such as “When did you last update your Internet browser?” of “Do you open attachments on emails from users you don’t recognize?” The questions will take seconds to answer and employees can be truthful because their responses are anonymous. The results would then be sent to the CISO who can then get an idea of what employees really do and think about security. After answering, the employees can be routed to a quick reminder or informative message about security best-practices or current risks to the company related to the question so that they get a little cybersecurity training every day. Aggregated weekly or monthly, poll results can help IT recognize where the threats to the organization lie, whether negligence is increasing or decreasing, and what areas to target with countermeasures or education.
This is just one of the possible use cases for Wayin. If you haven’t checked it out, try it here: http://www.wayin.com/#!/home
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, will describe how to revoluti...
Oct. 25, 2014 05:00 PM EDT Reads: 1,659
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at Internet of @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, will discuss how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money! Speaker Bio: Esmeralda Swartz, CMO of MetraTech, has spent 16 years as a marketing, product management, and busin...
Oct. 24, 2014 09:30 PM EDT Reads: 1,325
Samsung VP Jacopo Lenzi, who headed the company's recent SmartThings acquisition under the auspices of Samsung's Open Innovaction Center (OIC), answered a few questions we had about the deal. This interview was in conjunction with our interview with SmartThings CEO Alex Hawkinson. IoT Journal: SmartThings was developed in an open, standards-agnostic platform, and will now be part of Samsung's Open Innovation Center. Can you elaborate on your commitment to keep the platform open? Jacopo Lenzi: Samsung recognizes that true, accelerated innovation cannot be driven from one source, but requires a...
Oct. 23, 2014 11:45 PM EDT Reads: 2,668
SYS-CON Events announced today that Red Hat, the world's leading provider of open source solutions, will exhibit at Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, a...
Oct. 23, 2014 11:30 PM EDT Reads: 1,705
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at Internet of @ThingsExpo, Robin Raymond, Chief Architect at Hookflash Inc., will walk through the shifting landscape of traditional telephone a...
Oct. 23, 2014 08:15 PM EDT Reads: 1,589
Oct. 23, 2014 08:00 PM EDT Reads: 1,708
BSQUARE is a global leader of embedded software solutions. We enable smart connected systems at the device level and beyond that millions use every day and provide actionable data solutions for the growing Internet of Things (IoT) market. We empower our world-class customers with our products, services and solutions to achieve innovation and success. For more information, visit www.bsquare.com.
Oct. 23, 2014 08:00 PM EDT Reads: 1,639
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic • Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it’s a mix of architectural style...
Oct. 23, 2014 07:45 PM EDT Reads: 1,664
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accelerate their digital channels with APIs, drive partner adoption, monetize their assets, and achieve a...
Oct. 23, 2014 06:15 PM EDT Reads: 1,695
From a software development perspective IoT is about programming "things," about connecting them with each other or integrating them with existing applications. In his session at @ThingsExpo, Yakov Fain, co-founder of Farata Systems and SuranceBay, will show you how small IoT-enabled devices from multiple manufacturers can be integrated into the workflow of an enterprise application. This is a practical demo of building a framework and components in HTML/Java/Mobile technologies to serve as a platform that can integrate new devices as they become available on the market.
Oct. 23, 2014 06:15 PM EDT Reads: 1,635
SYS-CON Events announced today that Utimaco will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customizable platform to easily integrate into existing software solutions, embed business logic and build s...
Oct. 23, 2014 05:45 PM EDT Reads: 1,616
Connected devices are changing the way we go about our everyday life, from wearables to driverless cars, to smart grids and entire industries revolutionizing business opportunities through smart objects, capable of two-way communication. But what happens when objects are given an IP-address, and we rely on that connection, sometimes with our lives? How do we secure those vast data infrastructures and safe-keep the privacy of sensitive information? This session will outline how each and every connected device can uphold a core root of trust via a unique cryptographic signature – a “bir...
Oct. 23, 2014 05:00 PM EDT Reads: 1,518
Internet of @ThingsExpo Silicon Valley announced on Thursday its first 12 all-star speakers and sessions for its upcoming event, which will take place November 4-6, 2014, at the Santa Clara Convention Center in California. @ThingsExpo, the first and largest IoT event in the world, debuted at the Javits Center in New York City in June 10-12, 2014 with over 6,000 delegates attending the conference. Among the first 12 announced world class speakers, IBM will present two highly popular IoT sessions, which will take place November 4-6, 2014 at the Santa Clara Convention Center in Santa Clara, Calif...
Oct. 23, 2014 01:00 PM EDT Reads: 1,679
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
Oct. 22, 2014 09:00 PM EDT Reads: 1,545
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at Internet of @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, will discuss how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
Oct. 22, 2014 01:15 PM EDT Reads: 1,634
SUNNYVALE, Calif., Oct. 20, 2014 /PRNewswire/ -- Spansion Inc. (NYSE: CODE), a global leader in embedded systems, today added 96 new products to the Spansion® FM4 Family of flexible microcontrollers (MCUs). Based on the ARM® Cortex®-M4F core, the new MCUs boast a 200 MHz operating frequency and support a diverse set of on-chip peripherals for enhanced human machine interfaces (HMIs) and machine-to-machine (M2M) communications. The rich set of periphera...
Oct. 21, 2014 08:30 PM EDT Reads: 1,686
SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue business and deliver exceptional experiences to their customers.
Oct. 21, 2014 06:00 PM EDT Reads: 1,605
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce the value of the network in helping organizations to maximize their company’s cloud experience.
Oct. 21, 2014 05:15 PM EDT Reads: 1,679
The Internet of Things (IoT) is making everything it touches smarter – smart devices, smart cars and smart cities. And lucky us, we’re just beginning to reap the benefits as we work toward a networked society. However, this technology-driven innovation is impacting more than just individuals. The IoT has an environmental impact as well, which brings us to the theme of this month’s #IoTuesday Twitter chat. The ability to remove inefficiencies through connected objects is driving change throughout every sector, including waste management. BigBelly Solar, located just outside of Boston, is trans...
Oct. 21, 2014 09:00 AM EDT Reads: 1,849
Oct. 20, 2014 11:45 PM EDT Reads: 1,546