|
Top Stories
Equifax Is an Enron Moment, But Not the Way You May Think
Enron changed how U.S. public companies audit and report their financial
data. There is also an opportunity to use the Equifax data breach to create a
framework for better protection of our data in future.
The credit reporting agency reported one of the largest data breaches in the
history. Hackers were able to steal sensitive information from its internal
servers. The stolen data include name, Social Security Number (SSN), date of
birth, and also credit card numbers and driver license numbers in some cases.
A massive breach like this can haunt the victims for years to come.
What makes this specific breach even more damaging is the type of the stolen
data. If someone steals your credit card number, you call your bank and get a
new card hopefully before the hacker is able to make use of the stolen card.
But, if... (more)
For health organizations, breaches are a constant threat, due to the high
value of healthcare data - Social Security Numbers, treatment records, credit
information, and other sensitive personally identifiable information (PII).
And the cost of a breach to a health system or hospital can be devastating.
And the health care industry has seen its share of breaches in the past
quarter alone. For example, the National Health Service in England and
Scotland was hit by a Wanna Decryptor ransomware attack affecting at least 16
of its organizations. Within two days 150 countries were affected. Also last
quarter, up to millions of patient records at Bronx-Lebanon Hospital Center
in New York stored on a backup system managed by iHealth Innovations were
exposed to a data breach.
Despite all the focus on preventing protected health information (PHI) theft
and thwarting the next ... (more)
Every time there’s a notable cybersecurity breach, someone (even me) writes
a comprehensive primer on the proper way to create “secure” passwords.
Lather, rinse, repeat. Until a few years ago, everyone (including me) based
their password advice on a 2003 paper from the National Institute of
Standards and Technology (NIST), with the catchy title “NIST Special
Publication 800-63.” The paper recommended that passwords be cryptic,
contain special characters, and be as close to nonsense as possible.
I was in a camp I called “How to Make a Cryptic Password You Can Easily
Remember.” The short version was this: take a phrase you know, such as a
favorite quote from a movie, and use the first letter of each word. For
example, Sheriff Brody’s famous line from Jaws, “I think we’re gonna
need a bigger boat,” becomes 1twgn@bb. The trick was using Leet (a
technique where letters ... (more)
With 2017 crossing the half way point, let’s look at some technology trends
thus far.
Breaches: Many personal records are half empty due to the continued rash of
intrusions while the crooks are half full of our personal information along
with some ransom payments. According to the Identity Theft Resource Center
(ITRC), there have been 7,689 breaches since 2005 (when they started
tracking) compromising – get this – 900,315,392 records. Almost 3 times
the U.S. population. In 2016, 56% of all Data Breaches began with a user
clicking on a phishing email. The big story for 2017 I think, is the rise of
ransomware. Kaspersky reports a 250% increase in ransomware for the first few
months of 2017. From WannaCry to Petya to Fusob, criminals are holding
systems hostage until a ransom is paid…or not. Ransomware seems to be this
year’s big trend with backups saving some from to... (more)
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 -
RC1 recognized API Security as a first class citizen by adding it as number
10, or A-10 on its list of web application vulnerabilities. We believe this
is just the start. The attack surface area offered by API is orders or
magnitude larger than any other attack surface area. Consider the fact the
APIs expose cloud services, internal databases, application and even legacy
mainframes over the internet. What could go wrong?
API Security has been added to OWASP Top 10 2017 - RC1. This is a
commendable step taken by the web application security thought leaders and is
a clear indication of where the industry is heading. Security professionals
have all the tools and awareness to fence in applications, databases and
legacy systems through firewalls.
OWASP has served the security professionals well... (more)
Cloud computing is more than servers and storage. In a crisis situation it
can actually be a lifesaver. BlackBerry, in fact, has just become the first
cloud-based crisis communication service to receive a Federal Risk and
Authorization Management Program (FedRAMP) authorization from the United
States Government for its AtHoc Alert and AtHoc Connect services. If you're
not familiar with FedRAMP, it is a US government-wide program that provides a
standardized approach to security assessment, authorization, and continuous
monitoring for cloud products and services. The Blackberry certification was
sponsored by the US Federal Aviation Administration.
While you may not need a US Government certified solution in an emergency,
your organization may really want to consider the benefits of cloud computing
for crisis response. From a communications point of view, companies can... (more)
Download Slide Deck: ▸ Here
Download Slide Deck: ▸ Here
Medical Device Safety in a Connected World
Consumers increasingly expect their electronic "things" to be connected to
smart phones, tablets and the Internet. When that thing happens to be a
medical device, the risks and benefits of connectivity must be carefully
weighed. Once the decision is made that connecting the device is beneficial,
medical device manufacturers must design their products to maintain patient
safety and prevent compromised personal health information in the face of
cybersecurity threats.
Download Slide Deck: ▸ Here
In his session at @ThingsExpo, Clark Fortney, Software Engineer at Battelle,
discussed how designing safe connected medical devices begins with
systematically analyzing cyber threats against desired functionality and
making smart hardware/software architectural choices accordi... (more)
Speaker Bio
Sesh Murthy is the Co-Founder and CTO of Cloud Raxak. Before Cloud Raxak, he
was the Vice President of Cloud Innovation at IBM Global Services. He has 29
years of experience in creating value for customers in cloud and technology
services. His expertise includes cloud architecture and security, management
service automation, strategic outsourcing, software, sales, and distribution.
Download Slide Deck: ▸ Here
Download Slide Deck: ▸ Here
Enabling FinTechs for Success through Business-Driven Cloud Security
FinTechs use the cloud to operate at the speed and scale of digital financial
activity, but are often hindered by the complexity of managing security and
compliance in the cloud.
Download Slide Deck: ▸ Here
In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud
Raxak, showed how proactive and automated cloud security enables FinTec... (more)
"As we've gone out into the public cloud we've seen that over time we may
have lost a few things - we've lost control, we've given up cost to a certain
extent, and then security, flexibility," explained Steve Conner, VP of Sales
at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June
6-8, 2017, at the Javits Center in New York City, NY.
With major technology companies and startups seriously embracing Cloud
strategies, now is the perfect time to attend 21st Cloud Expo, October 31 -
November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14,
2018, at the Javits Center in New York City, NY, and learn what is going on,
contribute to the discussions, and ensure that your enterprise is on the
right path to Digital Transformation.
Track 1. Enterprise Cloud | Cloud-Native
Track 2. Big Data | Analytics
Track 3. Internet of Things | IIoT | S... (more)
A SecDevOps Approach to Cloud Building
As more and more companies are making the shift from on-premises to public
cloud, the standard approach to DevOps is evolving. From encryption,
compliance and regulations like GDPR, security in the cloud has become a hot
topic. Many DevOps-focused companies have hired dedicated staff to fulfill
these requirements, often creating further siloes, complexity and cost. This
session aims to highlight existing DevOps cultural approaches, tooling and
how security can be wrapped in every facet of the build and release cycle and
how to get sales and customer facing resources wrapped in.
In his session at 21st Cloud Expo, Scott Moore, Global Black Belt TSP at
Microsoft, will share real-life experiences working with customers and
explain how focusing on ‘security first' transformed their business from
product ideation to creation.
Spea... (more)
Risk Tree API: Expose Your Vulnerabilities
Vulnerability management is vital for large companies that need to secure
containers across thousands of hosts, but many struggle to understand how
exposed they are when they discover a new high security vulnerability.
In his session at 21st Cloud Expo, John Morello, CTO of Twistlock, will
address this pressing concern by introducing the concept of the
"Vulnerability Risk Tree API," which brings all the data together in a simple
REST endpoint, allowing companies to easily grasp the severity of the
vulnerability. He
will provide attendees with actionable advice related to understanding and
acting on exposure due to new high severity vulnerabilities.
Speaker Bio
John Morello is the CTO of Twistlock, leading the work with strategic
customers and partners and driving the product roadmap. Prior to Twistlock,
John was the CISO ... (more)
@CloudExpo Stories By Pat Romanski  SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
ANSeeN are the measurement electronics maker for X-ray and Gamma-ray and Neutron measurement equipment such as spectrometers, pulse shape analyzer, and CdTe-FPD. For more information, visit http://anseen.com/. Oct. 2, 2017 03:45 PM EDT Reads: 833 | By Elizabeth White  SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/. Oct. 2, 2017 02:45 PM EDT Reads: 1,356 | By Liz McMillan  SYS-CON Events announced today that Japan External Trade Organization & Six Prefectures of Japan have been named “Pavilion Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Meet the leading Japanese cloud computing companies from six prefectures of Japan. The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to foreign companies... Oct. 2, 2017 01:45 PM EDT Reads: 848 | By Pat Romanski  SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc. Oct. 2, 2017 01:30 PM EDT Reads: 1,316 | By Pat Romanski  The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based infrastructure. Delivering modern applications to end users, therefore, is a constantly shifting challenge. Delivery automation helps IT Ops teams ensure that apps are providing an optimal end user experience over hybrid-cloud and multi-cloud environments, no matter what the current state of the infrastructure is. To employ a delivery automation strategy that reflects your business rules, making r... Oct. 2, 2017 01:13 PM EDT Reads: 256 | By Pat Romanski  SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em... Oct. 2, 2017 12:30 PM EDT Reads: 1,360 | By Liz McMillan  First generation hyperconverged solutions have taken the data center by storm, rapidly proliferating in pockets everywhere to provide further consolidation of floor space and workloads. These first generation solutions are not without challenges, however.
In his session at 21st Cloud Expo, Wes Talbert, a Principal Architect and results-driven enterprise sales leader at NetApp, will discuss how the HCI solution of tomorrow will integrate with the public cloud to deliver a quality hybrid cloud e... Oct. 2, 2017 12:10 PM EDT Reads: 279 | By Elizabeth White  Microsoft Azure Container Services can be used for container deployment in a variety of ways including support for Orchestrators like Kubernetes, Docker Swarm and Mesos. However, the abstraction for app development that support application self-healing, scaling and so on may not be at the right level. Helm and Draft makes this a lot easier.
In this primarily demo-driven session at @DevOpsSummit at 21st Cloud Expo, Raghavan "Rags" Srinivas, a Cloud Solutions Architect/Evangelist at Microsoft, wi... Oct. 2, 2017 12:00 PM EDT Reads: 782 | By Elizabeth White  In his session at 21st Cloud Expo, Michael Burley, a Senior Business Development Executive in IT Services at NetApp, will describe how NetApp designed a three-year program of work to migrate 25PB of a major telco's enterprise data to a new STaaS platform, and then secured a long-term contract to manage and operate the platform.
This significant program blended the best of NetApp’s solutions and services capabilities to enable this telco’s successful adoption of private cloud storage and launchi... Oct. 2, 2017 11:22 AM EDT Reads: 293 | By Liz McMillan  Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems.
Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant th... Oct. 2, 2017 11:15 AM EDT Reads: 1,379 | By Liz McMillan  As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere.
In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats ... Oct. 2, 2017 09:30 AM EDT Reads: 946 | By Pat Romanski  SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/. Oct. 2, 2017 09:15 AM EDT Reads: 979 | By Elizabeth White  Many organizations adopt DevOps to reduce cycle times and deliver software faster; some take on DevOps to drive higher quality and better end-user experience; others look to DevOps for a clearer line-of-sight to customers to drive better business impacts. In truth, these three foundations go together.
In this power panel at @DevOpsSummit 21st Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, industry experts will discuss how leading organizations build application success from all... Oct. 2, 2017 09:15 AM EDT Reads: 1,432 | By Pat Romanski  The last two years has seen discussions about cloud computing evolve from the public / private / hybrid split to the reality that most enterprises will be creating a complex, multi-cloud strategy. Companies are wary of committing all of their resources to a single cloud, and instead are choosing to spread the risk – and the benefits – of cloud computing across multiple providers and internal infrastructures, as they follow their business needs. Will this approach be successful? How large is the ... Oct. 2, 2017 09:00 AM EDT Reads: 1,516 | By Elizabeth White  SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare. Oct. 2, 2017 08:30 AM EDT Reads: 1,004 | By Elizabeth White  SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
TAZMO technology and development capabilities in the semiconductor and LCD-related manufacturing fields are among the best worldwide. For more information, visit https://www.tazmo.co.jp/en/. Oct. 2, 2017 08:00 AM EDT Reads: 835 | By Liz McMillan  Many companies start their journey to the cloud in the DevOps environment, where software engineers want self-service access to the custom tools and frameworks they need. Machine learning technology can help IT departments keep up with these demands.
In his session at 21st Cloud Expo, Ajay Gulati, Co-Founder, CTO and Board Member at ZeroStack, will discuss the use of machine learning for automating provisioning of DevOps resources, taking the burden off IT teams. Oct. 2, 2017 05:30 AM EDT Reads: 1,200 | By Elizabeth White  Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall.
As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti... Oct. 2, 2017 12:30 AM EDT Reads: 1,390 | By Elizabeth White  Digital innovation is the next big wave of business transformation based on digital technologies of which IoT and Big Data are key components, For example:
Business boundary innovation is a challenge to excavate third-party business value using IoT and BigData, like Nest
Business structure innovation may propose re-building business structure from scratch, as Uber does in the taxicab industry
The social model innovation is also a big challenge to the new social architecture with the design fr... Oct. 2, 2017 12:00 AM EDT Reads: 4,587 | By Liz McMillan  SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness. Oct. 1, 2017 10:45 PM EDT Reads: 1,132 |
|
|
|
|