Welcome!

Top Stories

SYS-CON announced today that "Cloud Expo, Inc." has spun out of SYS-CON Events, Inc. as a startup events management company which produces and presents Cloud Expo (TM) events worldwide. Cloud Expo, Inc. launched Cloud Expo (TM) events in 2007, and currently producing Cloud Expo East, Cloud Expo West, Cloud Expo Europe, Cloud Expo Tokyo, Cloud Expo Prague, Cloud Expo Hong Kong, and Cloud Expo Sao Paolo. All Cloud Expo marks and trademarks are registered trademarks of Cloud Expo, Inc. worldwide. Carmen Gonzalez was named CEO of Cloud Expo, Inc. Carmen served as the co-founder, president, and chief operating officer of SYS-CON Media since 1994. In this capacity, Carmen was in charge of SYS-CON's sales and marketing functions. Under her leadership, the company was named by Inc 500 among the fastest-growing 500 privately held companies in North America three years in a... (more)

Cloud Expo New York Speaker Profile: Jill T. Singer – Federal CIO Emeritus

With Cloud Expo New York | 12th Cloud Expo [June 10-13, 2013] starting next Monday, here's a look at one the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference coming up June 10-13 at the Jacob Javits Center in New York City. We have technical and strategy sessions for you all four days dealing with every nook and cranny of Cloud Computing and Big Data, but what of those who are presenting? Who are they, where do they work, what else have they written and/or said about the Cloud that is transforming the world of Enterprise IT, side by side with the exploding use of enterprise Big Data – processed in the Cloud – to drive value for businesses...? 12TH CLOUD EXPO SPEAKER NAME: Jill Tummler Singer TWITTER: @jilltsinger ORGANIZATION: Tummler Singer Associates 12TH CLOUD EXPO SESSION TITLE: Time to Mission @ the... (more)

Safeguarding Management and Security in the Cloud

"One of the greatest challenges to security in the cloud is management," noted David Meizlik, Vice President of Marketing at Dome9 Security, in this exclusive Q&A; with Cloud Expo Conference Chair Jeremy Geelan. "With cloud computing," Meizlik explained, "the infrastructure is owned and maintained by a third party, so you can't just walk down the hall to get to your infrastructure." Cloud Computing Journal: Cloud computing represents the advent of a global computing utility that transcends national boundaries. Is that what makes clouds a challenge from a security point of view? David Meizlik: Globalization is more a challenge from a governance and compliance perspective. The greatest challenge to security in the cloud is that traditional security models don't apply. Take, for example, the firewall. Firewalls were designed to protect the perimeter. The cloud, howeve... (more)

Seven Hot Security Companies to Watch

There’s a rush in security startups looking to tackle everything from identity management to encrypting cloud data. Here are some of the latest companies worth keeping an eye on. OneID Headquarters: San Jose, Calif. Founded: March 2011 Funding: Not disclosed Leader: Steve Kirsch, co-founder and CEO Fun fact: Kirsch is a wealthy serial entrepreneur whose lineup of startups have included Mouse Systems, Frame Technology, Infoseek and other firms. Why we’re following it: This week Kirsch is launching OneID for what he calls the “next-generation PayPal” for digital identities. Kirsch says the basic technology, developed with engineers Jim Fenton, Adam Back and Bobby Beckman, is integrated into websites to let users create their own digital identities and hold payment information securely and use it as a form-filling capability. Kirsch also says the firm in the future int... (more)

Removing the Barriers to Cloud Adoption | @CloudExpo [#Cloud]

Cloud Adoption Trend is Driven by Strategic Imperatives As this year comes to a close, let's take one last look at the most pervasive cloud computing trends -- including increased usage across the different cloud service models, the key business drivers and the impact of agile innovation strategies. Cloud computing adoption has matured, with 69 percent of survey respondents stating that at least a portion of their computing infrastructure is in the cloud. However, 56 percent of companies are still identifying IT operations that could potentially move to the cloud, according to the latest market study by IDG Enterprise. Survey respondents believe that business technology is a game changer, and cloud solutions are providing advantages from increasing IT agility (63 percent), IT innovation (61 percent) and improving the ability to access critical business data and digit... (more)

Insider Security Threats By @Vormetric | @CloudExpo [#Cloud]

What We Talk About When We Talk About Insider Threats What does the term “insider threat” mean to you? It would be fair to assume Edward Snowden might be one of the first names or faces to pop into your head. Snowden was an insider, and he proved to be a threat. He also had malicious intentions. But, you would be shortsighted in thinking that malicious insiders are the biggest risk to your data. While Edward Snowden may be considered the “insider threat” poster child, not all employees have malicious intentions. In fact, it’s likely the vast majority of your employees have completely innocuous intentions (after all, most of us like our paychecks and want to keep them coming!) Counted among those employees, however, are your “privileged users.” Here at Vormetric, we define privileged users as high-level computer operators who often have powerful, privileged access r... (more)

Report: Large companies worried about MS security

(IDG News Service) — A majority of leading information technology (IT) security experts said that the security of Microsoft's products is a top concern, but the company still deserves credit for its efforts to tackle the security problem, according to a report released by Forrester Research. The report, "Can Microsoft Be Secure," surveyed 35 IT security professionals at companies with at least US$1 billion in annual revenue. Respondents were asked their impressions of Microsoft's products. Seventy seven percent of those surveyed experienced Windows security problems in the last year and said that security was their "top concern" when deploying Windows applications, according to Forrester. But that concern didn't stop them from deploying critical applications on Microsoft's platforms. Eighty nine percent of the IT administrators surveyed said that they run sensi... (more)

Wireless Java Security

The need for wireless security is often motivated by the image of a teenage hacker driving by and stealing your data with a mobile scanner. While such sensationalist ideas make good copy, the simple fact is that, wireless or not, serious business applications do not get deployed on the Internet today without security. So if you are thinking of using your cell phone for something other than playing Tetris or downloading the latest Britney Spears ring-tone, you'll need to give some thought to how you might secure access to your business applications. What Is Security? When we speak of "secure communications," what do we actually mean? Essentially, we are trying to ensure that data sent across these connections has the following properties: Confidentiality: Only the legitimate sender and receivers can obtain the content of a message sent across the connection. Integrity... (more)

Build Security into Your Apps from Birth

Security must be established from the moment application coding begins ­ for the simple reason that the cost of fixing a security flaw grows astronomically as the application evolves. A study by IBM's Systems Sciences Institute found that the relative cost of fixing software defects after deployment is nearly 15 times greater than the cost of detecting and eliminating them during development. In order to secure applications while minimizing costs, vendors are calling on developers to take more responsibility for delivering secure applications that are resistant to attack. However, few developers have the training or tools needed to implement security at the inception of development. While learning to write secure code is a complex process that should be taught in universities, internal training seminars, and industry conferences, understanding the following five co... (more)

Layer 7 Launches First Security and Policy Coordination Solution for Web Services

(October 13, 2003) - Layer 7 Technologies has introduced the SecureSpan Solution, the first security and policy coordination technology for Web services. SecureSpan delivers enterprises an end-to-end solution for controlling security and connection policies across Web services enabled software. Traditionally, business integration with Web services required programmers to hard-code security and connection policies. According to industry analysts, hard-coding security and connection policies for Web services this way could represent up to 50 per cent of the total cost of integration. With SecureSpan, organizations can now manage and coordinate security and connection policies without inflexible programming. The SecureSpan Solution is delivered as a series of integrated components for configuring, deploying and auditing security and policy preferences between Web serv... (more)

Steve Ballmer at TechEd: Microsoft Is Putting Security First

What a difference a year makes. Last June, at TechEd 2003 in Dallas, TX, Microsoft announced more new products, versions and updates in any one year in its 29-year history. However at TechEd 2004, the 11,000 people who converged on the huge San Diego Convention Center saw the Redmond giant unveil only a few new software packs and upgrades. That is not to say TechEd is losing popularity with Microsoft developers, IT professionals and information workers. There was a 22% attendee increase from 2003 and Microsoft's flagship event was sold out months ago. Microsoft CEO Steve Ballmer kicked off the week-long geekfest in a keynote speech with the now familiar "Do more with less" theme. The days of corporate IT departments having an open chequebook are long gone and now. High-tech spending is highly scrutinized by senior management everywhere. "In some senses I think this is... (more)

CloudEXPO Stories
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO Silicon Valley 2019 will cover all of these tools, with the most comprehensive program and with 222 rockstar speakers throughout our industry presenting 22 Keynotes and General Sessions, 250 Breakout Sessions along 10 Tracks, as well as our signature Power Panels. Our Expo Floor will bring together the leading global 200 companies throughout the world of Cloud Computing, DevOps, IoT, Smart Cities, FinTech, Digital Transformation, and all they entail. As your enterprise creates a vision and strategy that enables you to create your own unique, long-term success, learning about all the technologies involved is essential. Companies today not only form multi-cloud and hybrid cloud architectures, but create them with built-in cognitive capabilities.
92% of enterprises are using the public cloud today. As a result, simply being in the cloud is no longer enough to remain competitive. The benefit of reduced costs has normalized while the market forces are demanding more innovation at faster release cycles. Enter Cloud Native! Cloud Native enables a microservices driven architecture. The shift from monolithic to microservices yields a lot of benefits - but if not done right - can quickly outweigh the benefits. The effort required in monitoring, tracing, circuit breakers, routing, load balancing, etc. for thousands of microservices can become overwhelming. This talk will address strategies to run & manage microservices from 0 to 60 using Istio and other tools in a cloud native world.
It's clear: serverless is here to stay. The adoption does come with some needed changes, within both application development and operations. That means serverless is also changing the way we leverage public clouds. Truth-be-told, many enterprise IT shops were so happy to get out of the management of physical servers within a data center that many limitations of the existing public IaaS clouds were forgiven. However, now that we've lived a few years with public IaaS clouds, developers and CloudOps pros are giving a huge thumbs down to the constant monitoring of servers, provisioned or not, that's required to support the workloads.
In very short order, the term "Blockchain" has lost an incredible amount of meaning. With too many jumping on the bandwagon, the market is inundated with projects and use cases that miss the real potential of the technology. We have to begin removing Blockchain from the conversation and ground ourselves in the motivating principles of the technology itself; whether it is consumer privacy, data ownership, trust or even participation in the global economy, the world is faced with serious problems that this technology could ultimately help us in at least partially solving. But if we do not unpack what is real and what is not, we can lose sight of the potential.
Serveless Architectures brings the ability to independently scale, deploy and heal based on workloads and move away from monolithic designs. From the front-end, middle-ware and back-end layers, serverless workloads potentially have a larger security risk surface due to the many moving pieces. This talk will focus on key areas to consider for securing end to end, from dev to prod. We will discuss patterns for end to end TLS, session management, scaling to absorb attacks and mitigation techniques.