All posts in Newsletter

Opening Keynote Presentation by Tom Burns, SVP, Dell EMC Networking and Solutions Continual Innovation Through Continual Reinvention The second day opened with a keynote speech from DellEMC’s head of networking, Tom Burns. He talked about how enterprises are undertaking a digital transformation, prompting continual innovation from the IT industry. For him, the future means machine learning, AI, billions of connected devices, robotics, IoT, it all means heavy disruption. As a proof point, he said Microsoft says 15% of its AzureStack traffic is IoT-related. The IT transformation means infrastructure needs to run both traditional and cloud-ready apps, while workforce transformation sees multiple devices per individual, and in future the office won’t Read more

The first day opened with a keynote from Prof. David Cheriton, of Stanford University. Also an entrepreneur and investor, he started by describing his investment history. He said he’s been lucky. Among his investments is Apstra, where he is chief scientist. Why Apstra? It’s helps customer the cost of running networks. “I couldn’t go to my care home without doing something about the problem of the cost of running enterprise networks,” he said. He said his criteria for investment are to: seek opportunities that add technical value to the world not be ruled by time to market look for a great team put eggs in small number of baskets and Read more

By Alan Zeichick Location-as-a-Service (LaaS) isn’t a new concept. There are times when you simply want to know where a physical object is hiding. Perhaps it’s your car keys. Perhaps it’s a misrouted suitcase, an overnight package, a shipping pallet, a stolen cargo container, or Police Car #54. Where are you? For the first use case, lost car keys, there’s Tile, a battery-powered gadget that works within the 30-meter radius of a Bluetooth signal. For the other cases, there are several providers, but arguably the most interesting is PoLTE, a startup based near Dallas. I spent a lot of time talking to the company’s CEO, Ed Chao, at the recent Read more

By Alan Zeichick and Mark Fox The U.S. Department of Homeland Security (DHS) understands the threat posted by bad apples on the Internet: Long-standing threats are evolving as nation-states, terrorists, individual criminals, transnational criminal organizations, and other malicious actors move their activities into the digital world. Enabling the delivery of essential services—such as electricity, finance, transportation, water, and health care—through cyberspace also introduces new vulnerabilities and opens the door to potentially catastrophic consequences from cyber incidents. The growing number of Internet-connected devices and reliance on global supply chains further complicates the national and international risk picture.” That’s part of the introduction to the long-awaited Cybersecurity Strategy report, released by the Read more

By Alan Zeichick and Mark Fox The healthcare industry is vulnerable to cyberattacks – arguably more vulnerable than most industries. The technology is constantly changing, and so are the regulations regarding certifying that technology. Devices are hard to configure, and hard to secure, and medical equipment often isn’t under the tight control of a facility’s IT department (other than supplying a network connection). And the prize for breaching a hospital or other medical practice? Lots of personal data worth big money on the Dark Web. It doesn’t help that there are security flaws in some devices. Take, for example, computed tomography (CT) scanners. One maker, Philips, disclosed on May 1, Read more

By Alan Zeichick and Mark Fox The deadline for compliance with the General Data Protection Regulation (GDPR) is coming up fast. Says the European Union: “Enforcement date: 25 May 2018 – at which time those organizations in non-compliance may face heavy fines.” Bad news: Companies aren’t ready. Neither are regulators. Remember that the GDPR doesn’t only apply to European entities, says the regulation. “The GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects. It applies to all companies processing and holding the Read more

By Alan Zeichick and Mark Fox Did you know that majority of businesses (56%) in the United Kingdom hold personal data on customers, beneficiaries or donors electronically? That’s a lot of information – and a lot of potential for data breaches. Not just potential. In study published by the U.K. Department for Digital, Culture, Media, and Sport, 43% of businesses report data breaches or other cyberattacks. The Cyber Security Braches Survey 2018 says that: More than four in ten businesses (43%) experienced a cyber security breach or attack in the last 12 months. Three-quarters of businesses (74%) say that cyber security is a high priority for their organization’s senior management. Read more

By Alan Zeichick and Mark Fox Tier 1, Tier 2, Tier 3. Security analysts. Incident responders. Hunters. The industry tends to toss those terms around when describing the cybersecurity specialists that staff a Security Operations Center (SOC). What exactly do they mean? And how standardized are those descriptions? The short answer is that the job tiers are fairly common across SOCs, but it’s by no means a standard. A job posting I found at an employment site, for example, describes: Security Operations Center Technician, Tier 1: The Tier 1 Security Operations Center Analyst will act as the first responder to account/system attacks to determine threat vectors and then provide initial Read more

By Alan Zeichick & Mark Fox SAN FRANCISCO — There was no shortage of news at the RSA Conference, held here from 16-20 April 2018. With thousands of participants, and seemingly thousands of vendor announcements, two big trends seemed to drive momentum: Artificial Intelligence and Botnets. Certainly, there were many topics of conversation, covering everything from the ransomware attack on Atlanta, to reports of cyberwarfare, to the rise of cryptocoin mining, to hardware flaws as evidenced by Spectre/Meltdown. Still, AI and botnet attacks seemed to hold everyone’s attention. Here are some of the top RSA news stories around artificial intelligence, botnets, and other areas, including the fast-growing field of Endpoint Read more

By Alan Zeichick and Mark Fox The United Kingdom is under attack. Not from a single large adversary, but from dozens or hundreds of cybercriminals, some large and well-organized, others small and opportunistic. Some attackers wants to cripple the U.K.; others want to turn a quick profit. The brand-new report, “The cyber threat to U.K. business,” issued in April 2018 by the National Cybre Security Centre (NCSC), describes many of those threats in painful detail. The report talks about the biggest incidents of 2017 in a number of categories, including ransomware, distributed denial of service (DDoS), data breaches, supply chain compromises, and fake news. It also looks at business email Read more