Industry Hot News (6797)
Fully 95 percent of cloud services in use in the average enterprise aren't enterprise-ready, according to the January 2017 Netskope Cloud Report.
Specifically, 82 percent of cloud services don't encrypt data at rest, 66 percent don't specify in their terms of service that the customer owns the data, and 42 percent don't allow admins to enforce password controls.
An average of 1,031 cloud services are now in use per enterprise, up from 977 in the previous quarter.
In 2014, I collaborated with EY to develop Russia’s first risk management business game. It was great fun, and as a result, we created a pretty sophisticated business simulation.
Participants were split into teams of 10, each person receiving a game card that describes their role (CEO, CFO, risk manager, internal auditor, etc.). At the start of the game, teams must choose one of four industry sectors (telecom, oil and gas, energy or retail) and name their company. The game consists of four rounds, and in each round, teams must make risk-based decisions. Each decision has a cost associated with it and a number of possible outcomes. Teams must analyze and document the risks inherent in each decision they make. The riskier the decision, the higher the probability of adverse outcome. At the end of each round, computer simulation model chooses a scenario and the outcome is announced to each team. Each decision has consequences, and the outcome may either make money for the business or lose money.
The aim of the game is to increase the company valuation by properly weighing risks and making balanced business decisions. The winning team is the one that increases its company’s value the most after four rounds.
Despite the redundancy and resilience the enterprise has gained from virtualization and cloud computing, disaster recovery remains one of the most overlooked functions on the IT to-do list.
In many cases, organizations have established backup and recovery services for their primary applications, but without constant care and attention to the processes behind B&R, and the way they are affected by constantly evolving data loads and architectures, the reliability of these services is questionable at best. In the digital economy, it’s not enough to recover – you must recover quickly and thoroughly.
According to recent research from cloud recovery specialist Asigra, the typical enterprise recovers less than 5 percent of its data during the restore process, most of it from file systems. Most data recovery requests are the result of ransomware attacks and losses from cloud-based platforms like Office 365 and Salesforce, and more than half of all requests across multiple industry verticals are for previous generations of data. Only about 13 percent of recovered data was lost due to user error or accidental deletion. What this shows is that while only a small portion of data is typically needed to get applications and services up and running, many organizations still pay a premium for 100 percent backup of their online data.
Cloud-based security continues to emerge as a key growth area. The main reasons for this growth is due to the overall ease of deployment and strong expertise of cloud security teams, and the reduction in investment in hardware/infrastructure required to support the business. Businesses are no longer required to maintain equipment onsite that need a specialist to operate and maintain.
Cloud-based security solutions lower the operating cost because there is less need for upgrading software, monitoring and documenting software security activities. The cost of hardware and software is increasing dramatically which makes cloud-based security an attractive option for companies of all sizes.
According to PWC’s Key findings from The Global State of Information Security® Survey 2016, 79% said they use cloud-based cybersecurity services like real-time monitoring and analytics, advanced authentication, identity and access management. This survey included input from more than 10,000 IT professionals from around the globe.
With 2017 already underway, it’s a good time to look at what we think will be major drivers in the mass notification system market. One recent report estimates this market is to grow from $4.16 billion in 2016 to more than $9 billion by 2021. It appears the focus will be on business continuity strategies and IP-based notification devices. Let’s break those down a bit.
When an emergency happens, its ripple effect can extend beyond the initial incident to produce plenty of collateral damage. Any interruption in service and/or operations will directly impact the bottom line as well as customer satisfaction, brand reputation, and other less concrete but equally important metrics. Companies can spend millions of dollars to recover and continue operating as quickly as possible, from repairs and rebuilding to marketing and PR strategies.
As more companies fear the worst, which would be prolonged or complete organizational shutdowns, they are getting smarter about their emergency response plans. In today’s 24×7 news and social media, one misstep can lead to irreparable damage. Consumers expect a rapid response, one that balances the potential personal loss of its key stakeholders (employees/customer/supplier/partner base) and community with recovery strategies to get the business up and running. Consumers’ patience is fragile.
According to most experts, 2.5 quintillion bytes of data are being created each day, and 90% of the data that exists in the world today has been created in the last two years alone. By the year 2020, it is estimated that 1.7 megabytes of new information will be created every second for every human being on the planet.
More data brings more opportunities to businesses, but it brings new challenges with it, too. A specific challenge that many organizations are facing is safely storing and backing up the unprecedented amounts of data that they are finding themselves in charge of. Research shows that 60% of companies that improperly manage their data and lose it to a disaster will shut down within six months of the event. The importance of a proper disaster recovery plan is more critical than it ever has been before.
Here are six shocking statistics you may not know about Disaster Recovery. They might make you rethink the necessity of having a proven, tested plan in place should something go wrong.
2016 Cyber breach: likely the greatest threat of our lifetime. Kaspersky Lab has released a summary of the major incidents of 2016 and has looked forward into 2017 as to what may happen.
In 2016, the world’s biggest cyber threats were related to three things:
- Desire to disrupt.
The notable threats included the underground trade of tens of thousands of compromised server credentials, hijacked ATM systems, ransomware and mobile banking malware – as well as targeted cyber-espionage attacks and the hacking and dumping of sensitive data. These trends, their impact and the supporting data are covered in the annual Kaspersky Security Bulletin Review and Statistics reports.
A survey of more than 1,200 risk managers and corporate insurance experts in over 50 countries identified business interruption as the top concern for 2017. According to the sixth annual Allianz Risk Barometer of top business risks, this is the fifth successive year that business interruption has been seen as the biggest risk.
To build any cybersecurity program, you need buy-in at the highest levels. Your C-suite and the board of directors all need to be on board for a successful cyber-program initiative. But how do you get their attention?
The key to getting and keeping the attention of those at the highest levels is to provide just the right amount of information in a clear, concise, educational format that ties directly to the business objectives.
Before asking for funding for your program, it’s important you show your executives the risk to the organization of not providing the funding. What damage to reputation or brand will occur if the company’s name is in the headlines due to a data breach? The old adage, “all publicity is good publicity,” is no longer true in the era of hacking, malware, ransomware and other cybersecurity threats.