CIO — The obsolescence of enterprise security was at the core of McAfee's talk this week at the RSA Conference in San Francisco. The Target breach clearly showcased that you simply can't secure a company by trying to prevent unauthorized access, malware or any other internal or external security breach.
You have to step back and recognize that someone is going to break in and you must therefore focus on catching them before they can do any damage. This is a very different approach to security, and the lessons apply to both home and business and both electronic and physical security approaches. As an older woman who lives near me discovered this week when armed men pushed into her house and stole her safe, a perimeter approach to security is no longer adequate.
McAfee's presentation was so compelling it actually held my wife's interest because she could see how the lessons learned could be applied more broadly to personal defense.
McAfee argued it is in a war-like arms race, and its lead offering, which I spoke about last week (Threat Intelligence Exchange), is only the start of the first battle.
For a variety of reasons, backup and recovery over the years has not only become more complex, it’s become a lot more expensive. With the addition of multiple types of new platforms across the enterprise, backup and recovery offerings for each platform have proliferated.
Acronis wants to simplify backup and recovery with the release this week of backup and recovery software based on what the company dubs AnyData technologythat not only supports any platform, but also includes universal restore, de-duplication, and application support as part of the base offering. As an extension of that capability, Acronis this week also announced Acronis Backup-as-a-Service, a cloud-based backup and recovery service based on the company’s AnyData technology that the company’s partners can deliver via a variety of cloud service providers that Acronis has partnered with to create the service.
New high-sulfur fuel capability enables OEMs and operators to utilize leading-edge MTU engine technology in markets where ultra-low sulfur fuel is not available
NOVI, Mich., March 3, 2014 – As part of its continuous effort to provide the most advanced off-highway diesel engine technology to original equipment manufacturers (OEMs) and customers around the world, Rolls-Royce Power Systems has announced a new high-sulfur fuel capability for its family of MTU industrial engines.
MTU’s new Sulfur Tolerance Solution will be available in mid-2014 for Tier 4 interim MTU Series 900, 500 and 460 engines, followed by MTU’s complete lineup of Tier 4-final certified Series 1000 – 1500 engines in the future. This new solution will enable OEMs to utilize the latest MTU engine technology in countries where ultra-low sulfur diesel (ULSD) fuel is not available, and will also protect MTU engines from harmful effects of high sulfur fuel.
“The MTU Sulfur Tolerance Solution is designed to provide more than just our proven reliability and durability to OEMs and equipment operators,” said Bernd Krueper, vice-president of global industrial sales, MTU Friedrichshafen. “This new capability will also simplify design, ordering and installation processes for OEMs and repower customers around the world.”
About MTU America Inc.
MTU America Inc. based in Novi, Michigan, is the American regional headquarters of Rolls-Royce Power Systems AG. It is responsible for the manufacture, development, sales and service of MTU and MTU Onsite Energy branded products in North and Latin America. Production facilities are located in Aiken, South Carolina and Mankato, Minnesota.
Rolls-Royce Power Systems AG, based in Friedrichshafen, Germany, is a world-leading provider of high- and medium-speed diesel and gas engines, drive systems, distributed energy systems and fuel injection systems for the most demanding requirements. The product portfolio includes MTU-branded high-speed engines and drive systems for ships, heavy land, rail and defense vehicles and for the oil and gas industry. Under the MTU Onsite Energy brand, the company sells diesel and gas-based power system solutions: from mission-critical to standby power to continuous power, heating and cooling. The Norwegian subsidiary Bergen Engines AS manufactures medium-speed engines for ships and power plants. L'Orange completes the portfolio with injection systems for large engines.
Rolls-Royce plc and Daimler AG each has a 50 percent shareholding in the company via a joint venture–Rolls-Royce Power Systems Holding GmbH. The company, which employs over 10,000 people, has been fully consolidated in the results of Rolls-Royce plc since January 2013. www.mtu-online.com
Enhanced transformation technology creates VMware vCenter integration hub for hybrid networking management; expands capabilities of data protection policy engine
Santa Clara, Calif. – HotLink® Corporation, the market leader in transformation solutions for hybrid virtualization management, today announced the addition of HotLink CIMple™ software-defined networking (SDN) to its HotLink DR Express™ technology. CIMple SDN enables easier testing, greater automation and faster operational recovery in Amazon Web Services (AWS) following a failure in on-premise VMware data centers. Additionally, the new HotLink DR Express features enhanced backup retention and scheduling policies, as well as support for VMware vCenter and vSphere 5.5.
The award-winning HotLink DR Express is the only solution to enable low-cost, comprehensive VMware data protection by leveraging AWS for backup, replication, disaster recovery (DR) and business continuity (BC), using VMware vCenter as the single point of administration and management. Within minutes of a failure, VMware virtual machines (VMs) can be transformed and fully operational in Amazon EC2, with AWS workloads managed side-by-side with on-premise vSphere VMs inside VMware vCenter.
The new release extends VMware vCenter capabilities to include hybrid SDN, so on- and off-premise networking can be seamlessly and holistically managed and pre-configured with VMware vCenter as the integration hub. By automatically discovering, transforming and mirroring on-premise network configurations in AWS, the new HotLink DR Express removes the complexity and labor-intensive nature of managing hybrid DR networking, maintains networking consistency across application tiers in a recovery, and enables easy DR testing without disturbing production operations. The most important benefit is that with pre-configured, automated network provisioning in AWS, VMware workloads can be accurately and automatically restored in Amazon EC2 in minutes, so operations are minimally disrupted following an on-premise failure.
“Businesses are accelerating their public cloud spending, with data backup and disaster recovery being some of the top IaaS usage scenarios. By enabling VMware shops to leverage Amazon Web Services for business continuity, HotLink is filling in the missing link (integrated management) that really makes BC/DR achievable – from a technical and a financial perspective. HotLink’s solution appears to be as elegant as it is powerful, which makes it a solution worth investigating as part of modernizing your data protection strategy,” said Jason Buffington, senior analyst for data protection at Enterprise Strategy Group.
Many CIOs and IT managers live in a continuous state of fear that their infrastructure will fail because the process of testing backup and business continuity plans is time consuming, resource intensive and rarely done effectively. When a failure occurs – whether it is hardware failure, software bug or security breach – it can take days or weeks for IT to reconfigure the infrastructure and restore normal operations from backup. HotLink DR Express democratizes DR/BC and makes it affordable for every VMware workload by leveraging AWS as the VMware mirror site.
“Disaster recovery and business continuity are essential for our business, but the cost of a secondary data center using a colocation provider was prohibitive,” said Scott McGillivray, VP director of Information Technology at Seattle Bank. “HotLink DR Express lets us benefit from the attractive economics of Amazon to ensure that our VMware operations continue uninterrupted, and at only a fraction of the infrastructure and personnel cost of industry alternatives.”
Features of the new HotLink DR Express include:
- HotLink CIMple SDN: Hybrid networks spanning VMware and AWS are intuitively administered and managed in VMware vCenter. Auto-discovery, AWS transformation, granular per-VM configurations and pre-configuration of test and production DR networks enable easy setup and testing ¾ with recovery in minutes in Amazon EC2.
- Enhanced retention policies: HotLink DR Express offers configurable consolidation options for restore points, which enables faster recovery in a failure scenario, reduced storage requirements in AWS and assistance with compliance efforts regarding discovery policies.
- Improved backup scheduling: Enhanced VM protection scheduling allows for off-cycle or non-recurring VM backups to accommodate events such as planned upgrades, security breaches or other periodic activity.
- Support of VMware vCenter and vSphere 5.5: As companies evaluate and migrate from prior VMware versions, HotLink DR Express now readily supports the new VMware environments.
Lynn LeBlanc, CEO and founder of HotLink, said, “Not only does HotLink make DR/BC accessible to cost-sensitive environments, we enable testing and implementing DR/BC plans to be as intuitive as day-to-day operations by seamlessly leveraging VMware vCenter management infrastructure. Our new release takes this ease-of-use even further by automating hybrid networking for the fastest possible recovery following any type of failure, whether it’s a large disaster or everyday hardware failure.”
The new version of HotLink DR Express is available on February 28 with subscription pricing at $300 per VM per year.
- Review data sheet: http://www.hotlink.com/resources/DR_Express_DS.pdf
- Register for webinar: http://www.hotlink.com/news/event.php
- Request demo or price quote: http://www.hotlink.com/contact/
About HotLink Corporation
HotLink is on a mission to dramatically simplify IT management complexity with the first-ever transformation technology for heterogeneous and hybrid computing infrastructure. HotLink’s customers include organizations spanning technology, financial services, e-commerce, manufacturing, cloud service providers, education, telecommunications and more. HotLink’s advisory board includes visionary leaders from Facebook, E*TRADE, Equinix, AstraZenca, Electronic Arts, Clorox, Citrix and BMC. The company’s patented transformation technology has received many industry accolades, including: Winner of 2013 Best of VMworld awards in Public and Hybrid Cloud Computing, and Storage and Backup; 2012 VMworld Best of Show and Top Virtualization Management; Virtualization Review’s 2013 Best Cloud Application; Gartner Cool Vendor 2013 and Network World Companies to Watch 2013. HotLink is a privately held, venture capital-backed company based in Santa Clara, Calif. For more information, visit www.hotlink.com or connect with us on Facebook, Twitter or LinkedIn.
Annie Searle & Associates LLC (also known as ASA Risk Consultants) has just published Reflections on Risk II (ISBN 978-0-9839347-6-9) two years after the first volume was issued.
There are a total of 14 authors for the 26 research notes to be found in the new volume. The volume is edited by former ASA research associate Emily Oxenford, who organized the research into the following chapters: Critical Infrastructure, Privacy, Finance, Data Security, Building Resiliency in the IT Sector, and Policies and Governance.
Links to the book are available both on Searle’s Advice From A Risk Detective blog, and at amazon.com. The series is designed to be readable by senior executives as well as subject matter experts. “As they leave the university and become part of a new generation of practitioners, I expect [the authors] to begin to reshape public and private sector understandings of risk frameworks, ethics, policy, strategy and opportunity,” said Searle.
UW senior lecturer Mike Crandall says that the new volume provides “a glimpse into the minds that will be shaping our future” and “continue the tradition of bringing critical issues facing our society to the forefront through a careful combination of education, collaboration and inspiration.” Victoria Tozer-Pennington, editor of The Risk Universe magazine suggests that “the sheer range of current operational risk issues addressed in this book makes it required reading for all risk managers.” The authors of the Reflections on Risk II volume are current members or alumni of the Master of Science in Information Management (MSIM) program at the University of Washington Information School, where Searle is an affiliate faculty member: Daniel Arnaudo, Swati Chaturvedi, Andrew Hansen, Delbert Hazeley, Abbas Khambati, Ilya Krivulin, Devin Luco, Jess Mauer, Suzann Parker, Chitra Raman, Rashmi Shekhar, Rajesh Subramanian, Travis J. Warren, and Divya Yadav.
The first volume in the Reflections on Risk series was published in 2012 and includes 21 research notes. In addition to these two volumes from Tautegory Press, Searle has published both a first and second edition of Advice From A Risk Detective. More about the three publications can be found in the “Books” section of as well as on the www.advicefromariskdetective.com blog.
New Liebert® CRV Model Provides All the Cooling Capacity in Half the Space
COLUMBUS, Ohio – Emerson Network Power, a business of Emerson (NYSE: EMR) and a global leader in maximizing availability, capacity and efficiency of critical infrastructure, today introduced the Liebert® CRV row-based cooling system in a smaller, 12-inch (300mm) footprint. The new Liebert CRV delivers superior efficiency with industry leading capacity per square foot to support small data centers and network closet applications. The compact cooling unit is available now for applications in North America.
The new Liebert CRV model is an air-cooled, direct expansion (DX) unit with a nominal cooling capacity of 19.6 kW. It offers double the footprint capacity of the standard air-cooled row-based system, and fits seamlessly within a row of racks to deliver energy efficient, high capacity cooling close to the server heat source. The Liebert CRV contains a digital scroll compressor and variable speed fans, managed by Liebert iCOM™ technology, to deliver capacity-matched operation and enhanced efficiency. The digital scroll compressor features modulation to match changing cooling demand without cycling on and off, while reducing energy consumption. Five variable speed fans regulate airflow and reduce the fan input power based on the IT load, using up to 50 percent less power than centrifugal fans or two-stage fans that are typical in these applications.
“With the industry’s highest delivered row-based efficiency and most advanced control and performance, the Liebert CRV is an ideal solution for data center managers looking to reduce energy consumption and optimize operating conditions for IT equipment,” said John Schneider, vice president and general manager, thermal management, Emerson Network Power. “The new 300mm DX version of the Liebert CRV product line allows data centers to have a high capacity and high energy efficiency row-based cooling system in just half the footprint of a standard row-based system.”
The integrated Liebert iCOM control system adds intelligent control capabilities that allow the unit to adapt quickly to changing environmental conditions. It provides advanced control and monitoring capabilities that allow up to 32 cooling units to work together as a single system to precisely control temperature and humidity across a room while optimizing the efficiency of the entire cooling system. The system utilizes up to 20 rack sensors per unit to monitor conditions, including variations in temperature and humidity for up to 10 racks, and smoothly adjusts the cooling output to match the conditions.
Designed for hot-aisle/cold-aisle configuration, the Liebert CRV can be installed in data center or network environments with raised or non-raised floors. Two Liebert IntelliSlot communication card slots allow easy plug-in for multiple modes of communication and control. It is compatible with Emerson Network Power’s data center infrastructure management (DCIM) system, the Trellis™ platform, as well as the Liebert Nform and Liebert SiteScan™ monitoring and reporting systems.
For more information on the Liebert CRV cooling system, or other Liebert technologies and services from Emerson Network Power, visit www.Liebert.com.
About Emerson Network Power
Emerson Network Power, a business of Emerson (NYSE: EMR), delivers software, hardware and services that maximize availability, capacity and efficiency for data centers, healthcare and industrial facilities. A trusted industry leader in smart infrastructure technologies, Emerson Network Power provides innovative data center infrastructure management solutions that bridge the gap between IT and facility management and deliver efficiency and uncompromised availability regardless of capacity demands. Our solutions are supported globally by local Emerson Network Power service technicians. Learn more about Emerson Network Power products and services at www.EmersonNetworkPower.com.
Emerson (NYSE: EMR), based in St. Louis, Missouri (USA), is a global leader in bringing technology and engineering together to provide innovative solutions for customers in industrial, commercial, and consumer markets around the world. The company is comprised of five business segments: Process Management, Industrial Automation, Network Power, Climate Technologies, and Commercial & Residential Solutions. Sales in fiscal 2013 were $24.7 billion. For more information, visit www.Emerson.com.
Managing third-party suppliers presents significant compliance challenges that often span an organization, raising legal, insurance, human resources and technology concerns, to name just a few. Corporations will continue to wrestle with these risks in the year ahead, but the convergence of external threats, abundance of valuable corporate data and the current regulatory environment has highlighted the importance of corporate cybersecurity practices. Cybersecurity is perhaps one of the hottest topics being discussed in boardrooms today. The Cybersecurity Framework, anticipated legislation and litany of high-profile data breaches have resulted in even more heightened scrutiny.
The landscape for corporate cybersecurity is rapidly changing and outsourced services, including IT and business process services, all stand to be impacted. Corporate stakeholders, particularly in the legal, information security and information technology departments, should be keenly focused on the current cybersecurity climate and the state of cybersecurity across third-party outsourcing agreements.
Findings from the eighth annual survey of chief audit executives in power and utilities, January 2014
How Utility IA Organizations Plan to Bolster Their Relevance and Response to Risks
Utilities are navigating dramatic and pronounced change. Demand management, smart grids, big data, shifting regulatory needs and growing capital investments are forcing utilities to change how they manage their businesses. At the same time, the growth of distributed generation, new sources of fossil fuel and the advent of shale gas and tight oil supplies are changing the industry’s economics and demanding new strategies. Utility company internal audit (IA) groups are pivotal to their company’s ability to navigate the risks inherent in these pervasive changes.
However, PwC’s eighth annual survey of Power and Utilities Chief Audit Executives (CAEs) found that IA groups are facing significant challenges in maintaining a central role. For example, respondents fear their groups won’t have the required skills to keep pace with a growing portfolio of capital projects, increasing regulatory complexity and new technologies. In addition, CAEs feel there is an opportunity to achieve closer alignment with the expectations of their stakeholders—from the critical risks that should be IA’s focus to advanced technologies that strengthen IA’s efficiency and efficacy.
I am currently studying Medieval England including the reign of Alfred the Great. As you might expect with someone monikered as ‘The Great’ he is certainly considered right up there with the greatest Kings of England. Not only did he largely drive out the Viking invaders from his country but he also set the stage for the unification of England under one crown, for the first time since the days of Roman Britain under the Caesars. One of the innovations he developed was fortified towns, called burgs, from which to resist Viking raids and incursion. But more than simply walled cities for defense, within these fortified towns was a wide road running down the middle of the town called the ‘High Street’ and a street situated next to the town’s walls appropriately called ‘Wall Street’. These streets were wider than the others in the town to facilitate the movement of troops in the time of crisis, such as a Viking raid. In other words, Alfred evaluated the risk to his kingdom and put multiple layers of steps into place to manage those risks.
In the Foreign Corrupt Practices Act (FCPA) compliance world, one of the key components that the Department of Justice (DOJ) wants to see is a risk assessment and a company managing its risks, based upon said risk assessment. One company’s response to a risk or set of risks does not necessarily mean that another company must follow it. The DOJ’s Ten Hallmarks of an Effective Compliance Program are broad enough to allow companies to manage their own risks, hopefully effectively. I thought about this concept when I was listening to a presentation by Flora Francis and Andrew Baird of GE Oil & Gas at the 2014 SCCE Utility and Energy Conference in Houston this week on GE’s third party risk management. First of all, if you have the chance to hear a couple of nuts and bolts compliance practitioners from GE like these two speak, run, don’t walk, to their presentation. GE’s commitment to compliance is well known but also the company’s willingness to share about their compliance program is a great boon to the compliance community. Lastly, is the gold-standard nature of the GE compliance program and while it may be more than your company needs to manage their own risks, the GE compliance regime does shine a light that we can all aspire to in our own compliance programs.
Despite the publicity given to Big Data and (to a lesser extent) the Internet of Things, their practical advantage has yet to be clarified. It’s difficult to think of them in terms of business continuity when they don’t influence the fortunes of an enterprise; unless you count the negative impact of money spent investigating them. A few companies cite gains in marketing effectiveness for example by analysing huge amounts of online data from customer interactions, but Big Data is not mainstream – or not yet. Similarly, the Internet of Things in which phones, PCs, cars, fridges and more are all web-enabled is a conversation starter rather than a reality. Things would change if either one acquired a killer app.