Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

Jon Seals

According to the results of a recent Tripwire survey of more than 220 information security professionals, just 30 percent of respondents said their organizations are prepared for the security risks associated with Internet of Things (IoT) devices, and just 34 percent believe their organizations accurately track the number of IoT devices on their networks.

Still, 47 percent of respondents expect the number of IoT devices on their networks to increase by at least 30 percent in 2017.

"The Internet of Things presents a clear weak spot for an increasing number of information security organizations," Tripwire director of IT security and risk strategy Tim Erlin said in a statement. "As an industry, we need to address the security basics with the growing number of IoT devices in corporate networks."

...

http://www.esecurityplanet.com/network-security/just-30-percent-of-organizations-feel-prepared-for-iot-security-risks.html

The rapid digitization of business is driving a lot of changes in the way wireless and WAN technologies are utilized. The latest Cisco Cloud Index report estimates that the amount of data center traffic in 2014 was 3.5 ZB, which would will triple to reach 10.4 ZB by 2019, while the amount of global traffic crossing the Internet and IP WAN networks is projected to reach 2.0 ZB by 2019.

Traffic from wireless and mobile devices will account for two-thirds of total IP traffic by 2020, and wired devices will account for 34 percent of it. Wired devices accounted for more than half of all IP traffic last year.

Follow that last sentence? Wireless devices are about to eclipse wired devices as the major carrier of IP traffic. This means it’s time to take a hard look at your WAN, how you deploy critical resources, and what you can do to optimize it all.

Your Wide Area Network has become the distributed carrier for critical data points supporting a truly distributed user. Let’s look at some ways you can support a new kind of digital user and how you can better control all of that wireless traffic coming into your data center.

...

http://www.datacenterknowledge.com/archives/2016/08/26/data-center-connectivity-why-your-wan-is-more-critical-than-ever/

(TNS) - Surveying the devastation of centuries-old villages pummeled by a major earthquake in central Italy this week, it’s easy for Californians to think that the more modern buildings here would better survive the shaking.

But seismic experts and structural engineers say there remain many buildings across California that could not withstand the type of magnitude 6.2 temblor that on Wednesday hit Amatrice and other rural villages in the Apennine Mountains that form Italy’s spine.

The structural flaw in those ancient stone homes is not so different from unreinforced brick buildings built in California before 1933, they say. That year, the Long Beach earthquake flattened many structures and left 120 people dead.

...

http://www.emergencymgmt.com/disaster/Destruction-from-Italy-quake-is-a-grave-warning-for-Californias-old-brick-buildings.html

Data is the lifeblood of today’s economy. Whether it’s an in-depth analysis of a customer’s preferences to offer them more personalised deals, or real-time updates on a business’ performance to inform their future direction, there’s almost no part of the modern business that doesn’t rely on digital information to some extent.

But having data is only the start. If firms want to make sure they’re using this successfully, they need to be able to get it to the people who need it most. For many solutions, this means that applications will need to effectively talk to one another, share data seamlessly and deliver instant results.

At the heart of this is application programming interfaces (APIs). You may have heard a lot of talk about these in recent years, and with good reason, as they’re set to become the backbone of many key online services in the coming years. Therefore, if you’re not familiar yet with what these tools can do, you need to learn quickly.

...

http://blog.krollontrack.co.uk/the-world-of-data/5-cool-things-people-have-done-with-data-and-an-api/

Friday, 26 August 2016 00:00

The Case Against Biometrics

Two related pieces of commentary on biometrics may put the security and development community at odds.

The first is that mobile developers like biometrics; an Evans Data study released last month and reported upon this week at eWeek says that developers’ preferred approach to security is biometrics. It was favored in the Evans survey by 36 percent of developer respondents. On-device hardware encryption followed at 25 percent, near field communications (NFC) at 18 percent, and on-device software encryption at 14 percent.

The problem with biometrics is simply that it isn’t seen as the most effective option; the second piece of commentary is in a piece at BetaNews pointing to significant security issues and concerns with the biometrics technique.

...

http://www.itbusinessedge.com/blogs/data-and-telecom/the-case-against-biometrics.html

Microsoft and the FBI in 2013 joined forces to break up a nasty botnet called Citadel that stole more than $500 million from bank accounts in multiple countries. Police forces, tech companies and banking organizations in 80 countries participated in the effort to take down the botnet.

With cybercriminals becoming more sophisticated in how they run their operations, such joint efforts between law enforcement agencies and security researchers will become increasingly necessary, said Jornt van der Wiel, a security researcher with the Global Research and Analysis Team, Kaspersky Lab.

Kaspersky has teamed up with Intel Security, Europol and the Dutch National Police to launch an online portal called No More Ransom that both aims to inform the public about ransomware and to help some ransomware victims recover their data without paying ransoms.

...

http://www.esecurityplanet.com/hackers/tech-vendors-law-enforcement-team-to-take-on-ransomware.html

Spear phishing has become great sport for cyber criminals. It offers a simple but highly effective cyber attack vector that takes advantage of the most vulnerable of prey – humans!

Unlike regular phishing emails, which are sent out in great numbers to victims who have no relationship to each other, spear phishing emails are highly targeted and sent to only a few select victims at a specific organization; for example, select employees working in a particular department at a particular company.

The Federal Bureau of Investigation warned of a dramatic rise of a form of spear phishing known as a “business email compromise” or “CEO imposter” scam. Hackers send emails posing as a company executive – often, a CEO – and ask users to provide sensitive information or initiate wire transfers. The number of victims of CEO phishing scams has risen by 270% since January 2015, totaling $2.3 billion in losses to 17,642 organizations.

...

http://mspmentor.net/msp-mentor/five-ways-prevent-your-organization-being-speared-ceo-phishers

There was a time when having a digital strategy was a sideline, much like installing new office carpeting or designing employee appreciation events. It was a low-priority afterthought — a good, but non-essential business action item.

In today’s digital atmosphere, the integration of technologies and automation is more prevalent. Financial services businesses embed digital technologies into existing channels for a more personalized, timely customer experience. Insurance and banking customers can carry on everyday finance maintenance with less time required and no travel necessary. While the ability to make consumers happy can translate into larger market shares and a competitive edge for financial institutions, the journey does not come without challenges. At the top of that list of challenges is security. Financial services applications are especially hot targets for hacking because highly sensitive personal data is involved.

In a recent Forrester research study* of 134 IT executives in the financial services and insurance industry, more than 50 percent indicated they had had a breach in the past 12 months, with 42% of them having had three or more breaches in the past 12 months. The top three external methods of attack were user interaction, exploitation of vulnerable software, and use of stolen credentials.

Especially when financial services institutions extend their digital business to the Internet of Things, the need for security becomes even more real due to the increased number of potential data breach points. More than 51 percent indicate that IoT is an initiative that concerns them. The top two initiatives noted were external hackers and privacy violations*.

...

https://www.citrix.com/blogs/2016/08/25/the-security-implications-of-digital-finance-business/

(TNS) - Lots of flood insurance prices are being tossed around since high water overwhelmed tens of thousands of properties and their owners across south Louisiana.

The cost varies depending on location, but in low- to moderate-risk areas about $450 a year buys coverage for $250,000 worth of damage on a person’s primary residence and $100,000 worth of contents, said Terri Forsman, flood-risk coordinator for Louisiana Companies in Baton Rouge. The policies also carry two deductibles, $1,250 for the structure and $1,250 for contents.

"Everybody's in a flood zone. If it rains where you live, you're in a flood zone,” Forsman said. “The difference is if you're in a preferred-risk zone, which everybody is calling a no-flood zone ... it just means you're less likely to flood. If you're in a high-risk zone, you're more likely to flood.”

...

http://www.emergencymgmt.com/disaster/Costly-misconception-Insurance-rates-can-vary-greatly-but-everybodys-in-a-flood-zone.html

The way people research and make purchase decisions has changed drastically during the past few years.

Just look at what’s happening in the retail industry: online shopping is decimating iconic brands that have thrived for decades. It’s all about an empowered buyer getting exactly what they want, when they want on their terms.

And it’s not just the disruption of traditional retailing. iTunes transformed the music industry. Netflix has effectively made the video rental store industry irrelevant. SiriusXM Radio is redefining broadcast media. The Internet of Things (IOT) and artificial intelligence (AI) are almost certain to accelerate this kind of disruption.

Closer to the data center industry, in particular on the cloud side, there’s enormous pressure on many smaller providers coming from Amazon, Microsoft, and IBM.

...

http://www.datacenterknowledge.com/archives/2016/08/25/your-data-center-brand-is-no-longer-what-you-say-it-is/

Page 1 of 1080