What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
NetworkWorld 2017-02-16 05:26:00 IT leaders say it's hard to keep the cloud safe (direct link) IT managers are finding it difficult to keep their applications and data safe in the cloud, and many are slowing cloud adoption because of it. That was one of the findings of an Intel cloud security report that surveyed 2,000 IT professionals in different countries and industries last fall. The issue isn't with the cloud itself, since trust outnumbers distrust for public clouds by more than two to one, according to Intel's survey. IT professionals told Intel that shadow IT and a shortage of cybersecurity skills are causing the most problems. Guideline
NetworkWorld 2017-02-15 11:53:55 Sophos CEO sounds the alarm on enterprise ransomware attacks (direct link) Ransomware is increasingly becoming a problem for companies, and the CEO of a leading computer security company says he fears 2017 could see entire companies shut down until they pay up, or risk losing all their data. Ransomware works by infiltrating a computer with malware and then encrypting all the files on the disk. The user is presented with a limited time offer: Lose all your data or send money with the promise your data will be unlocked. The fee typically varies from a few tens of dollars to hundreds of dollars and often has to be transmitted in Bitcoin. The problem began on a fairly small scale, targeting individual users, but has been growing. Last year, a hospital in Los Angeles admitted to paying $17,000 to get its system unlocked, and a report in October said ransomware cases were on course to quadruple in 2016 over the previous year. Guideline
NetworkWorld 2017-02-15 11:46:00 IDG Contributor Network: 3 new information security jobs for the digital enterprise (direct link) The responsibilities of information security are rapidly changing as enterprises digitize. Technology now enables business strategy and is transforming product, channels, and operations. In this new context, information security is expected to take a strategic role by helping business leaders understand the security implications of their digital strategies; support a quicker pace of technology exploitation and experimentation; and govern a larger, more varied project portfolio. Digitization has spurred three company-wide shifts, creating the need for three associated new information security roles. Shift 1: Strategy over governance. Information security increasingly plays a larger role in advising business partners on strategy. A key driver is the growing difficulty of executing digital strategies securely. Technology enablement of product, channel, and operations introduces new potential vulnerabilities that can only be spotted by information security's keen eye. More business leaders are recognizing security's centrality; in fact, CEB data shows that 81 percent of boards of directors review information security matters in most or every meeting (disclosure: I work for CEB). Guideline
NetworkWorld 2017-02-14 20:17:03 Doubts abound over US action on cybersecurity (direct link) How should the U.S. respond to cyber attacks? That's been a major question at this year's RSA security conference, following Russia's suspected attempt to influence last year's election. Clearly, the government should be doing more on cybersecurity, said U.S. lawmakers and officials at the show, but they admit that politics and policy conflicts have hampered the government's approach. “I wish the federal government could do this, but it's very hard, unfortunately, due to partisan politics,” said Virginia State Governor Terry McAuliffe, during a speech at the show. “They haven't been able to take the lead on this issue as they should have.” Guideline
NetworkWorld 2017-02-09 11:18:00 IT and C-level leaders point fingers at each other over cyber defense (direct link) IT managers disagree with chief executives over who is responsible for a cyber security breach, according to a survey released Thursday. The survey -- of a group of 221 chief executive officers and other C-level executives and another group of 984 IT decision makers -- found that each group largely believes the other group is responsible in the event of a breach. In the survey, 35% of C-level respondents said IT teams would be responsible in a breach, while 50% of IT leaders think that responsibility rests with their senior managers. Also, IT managers estimate a single cyber attack will cost their business nearly twice what top-level executives estimate. The IT managers put the cost of a single attack at $19 million, compared to the C-suite estimate of about $11 million. Guideline
NetworkWorld 2017-02-08 08:38:00 NASA has a shadow IT problem (direct link) It's not often enterprises get direct evidence of a shadow IT operation but a recent audit of NASA's IT realm came up with 28 unsanctioned cloud services operating in its environment. NASA's own CIO office found eight such services while the NASA Office of Inspector General discovered another 20, as part of an overall cloud security audit done by the NASA OIG. Guideline
NetworkWorld 2017-02-03 11:22:00 US Immigration and Customs Enforcement nabs $20M in fake sports gear ahead of Super Bowl 51 (direct link) Like clockwork, the week leading up to the Super Bowl has seen the federal government tear into the counterfeit sports gear element – this time seizing some $20 million worth of fake jerseys, hats, cell-phone accessories and thousands of other bogus items prepared to be sold to unsuspecting consumers. U.S. Immigration and Customs Enforcement (ICE) and Homeland Security Investigations (HSI) teams nabbed 260,000 counterfeit sports-related items during its annual, year-long Operation Team Player sting. Last year ICE seized nearly 450,000 phony items worth an estimated $39 million. In 2014 it grabbed 326,147 phony items worth more than $19.5 million. Guideline
NetworkWorld 2017-02-01 08:29:57 Mobile security firm offers cash to hackers for their old exploits (direct link) Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open. Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities. A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way. In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution. Guideline
NetworkWorld 2017-02-01 05:34:00 Are Apple-specific threats on the rise? (direct link) Macs are really no more secure than a PC, but for many years there just weren't as many out there because of the expense of the hardware and other issues. They've historically been a much less popular choice among both consumers, enterprises, and hackers alike. The PC attack surface is much wider; therefore, criminals develop malware that works on PCs because the payout is much higher. James Plouffe, lead solutions architect at mobile-security company MobileIron, said there are, however, a couple of oft-overlooked things that also protect Macs. First, Plouffe said, "MacOS is actually BSD Unix derivative. Granted, it's heavily customized but this meant that, unlike Windows (which had a long tail of viruses reaching back to the days of MS-DOS), bad actors had a lot more heavy lifting to do to be able to attack macOS." Guideline
NetworkWorld 2017-01-31 09:02:31 Trump to sign cybersecurity order calling for government-wide review (direct link) President Donald Trump is due to sign an executive order Tuesday that gives each cabinet official more responsibility for the safety of data within their agency. It will be accompanied by a government-wide review of cybersecurity by the Office of Management and Budget, looking at the technology in place that guards U.S. government systems from cyberattacks, according to a White House official. The results of that review could lead to a government-wide upgrade of federal cybersecurity systems. The U.S. government has been hit by hacks in the last few years. The State Department spent months trying to get rid of intruders in its unclassified network and the Office of Personnel Management lost personal information on millions of government workers through a second hack. Guideline
NetworkWorld 2017-01-31 07:31:00 Busted: Federal Reserve employee mined bitcoin using government server (direct link) At least one employee of the U.S. Federal Reserve sees the value of bitcoin and mining for it if you get your computing power for free. Nicholas Berthaume, who is now a former employee, was sentenced to 12 months' probation and fined $5,000 for installing unauthorized bitcoin software on a Board of Governors of the Federal Reserve System server. According to a news release by the Office of Inspector General, Berthaume pleaded guilty to one count of unlawful conversion of government property. Working as a Communications Analyst, Berthaume had access to some Board computer servers. He put the computing power of a federal server to work for him. Mining is costly after all, as nowadays it tends to use more electricity than a miner earns. Unless a person has excess power from a solar farm for mining, then stealing electricity for mining is an option some people choose. You may have heard about the three men and one woman recently arrested in Venezuela for electricity theft and internet fraud. Guideline
NetworkWorld 2017-01-31 05:47:00 SonicWall CEO talks of life after Dell spinout (direct link) SonicWall has been through it all. The San Jose, CA-based security company began as a hot start up, went public, then private, was acquired by Dell and then spun off to a private equity firm as part of the massive Dell/EMC merger in 2016. In the wake of that change, SonicWall also got a new CEO, Bill Conner, a long-time security and tech industry leader, who took the helm in November. In this installment of the IDG CEO Interview Series, Conner spoke with Chief Content Officer John Gallant about what the Dell spin out means for customers and where SonicWall is focusing its development efforts. Hint: Think IoT, mobile and hybrid data centers. He also discussed the company's cloud strategy and how the changing threat landscape opens up new opportunities in the enterprise for SonicWall, which is better known in the SMB space. Guideline
NetworkWorld 2017-01-30 14:07:00 F5 Networks taps versatile Ciena higher-up to take over as CEO (direct link) F5 Networks CEO and President John McAdam, thrust back into that role in late 2015 under unusual circumstances, has announced that Ciena SVP and COO Francois Locoh-Donou will succeed him on April 3. McAdam joined F5 in 2000 and served as CEO and President until July 2015, when he handed the reins to Manuel Rivelo. But Rivelo stepped down in December of that year for unspecified personal conduct issues, and McAdam jumped back into the fray at the Seattle company, which he has helped to build into an application delivery powerhouse generating about $2B in annual revenue. Guideline
NetworkWorld 2017-01-27 11:17:45 Trump, May agree to take on ISIS in cyberspace (direct link) The U.K. and U.S. are planning to work more closely to combat the spread of extreme Islamist ideology in cyberspace, British Prime Minister Theresa May said on Friday. May was speaking at a White House news conference, alongside U.S. President Donald Trump, held to outline the results of talks between the two leaders. May is in Washington as the first foreign head of state to meet Trump. She noted the conventional military fight against ISIS is working and the group is losing territory but noted the two countries "need to redouble our efforts." "Today we're discussing how we can do this by deepening intelligence and security cooperation and critically, by stepping up our efforts to counter Daesh in cyberspace," she said, using an alternate name for the terrorist group. Guideline
NetworkWorld 2017-01-26 13:58:00 U.S. companies spending millions to satisfy Europe's GDPR (direct link) Ninety-two percent of U.S. multinational companies cited compliance with the looming General Data Protection Regulation (GDPR) as a top data protection priority, according to new research from PwC. Sixty-eight percent are earmarking between $1 million and $10 million on GDPR readiness and compliance efforts, with 9 percent expecting to spend over $10 million, says Jay Cline, PwC's U.S. privacy leader. Cline says PwC's latest survey showed that fear remains the biggest motivator for U.S. CIOs, who are “connecting the dots” after watching data breaches lead to lost revenues, regulatory fines and the erosion of consumer trust. “U.S. companies see the connection between doing privacy well and greater revenues and consumer trust,” says Cline, who surveyed 200 CIOs, CISOs and other C-suite executives. Guideline
NetworkWorld 2017-01-26 09:00:00 IDG Contributor Network: Thales Data Threat Report: Security spending up, but so are breaches (direct link) It's interesting seeing how much money technology vendors spend on surveys that (at least most often) justify their own existence. It would be easy to be cynical about them, but beyond the self-serving aspects of it all, the data these surveys generate is interesting as a general “state of the nation” assessment. A good case in point is Thales' new Data Threat Report (pdf). Thales is a huge vendor that employs over 60,000 people across 56 countries. With multibillion euro revenue, it makes sense for the company to increase the perception that it is a thought leader in its field. And Thales' field is a big one. It is a systems integrator, equipment supplier and service provider in the aerospace, transport, defense and security markets. A major part of the company's offering lies around cybersecurity. This report is, therefore, very much in its wheelhouse. Guideline
NetworkWorld 2017-01-25 10:02:00 What to ask IDaaS vendors before you buy (direct link) Identity as a service (IDaaS), also known as identity and access management as a service, uses a cloud infrastructure for securely managing user identities and access enforcement. At its most basic level, IDaaS enables single sign-on (SSO) for systems in the cloud or on-premises, but it goes well beyond that to include access provisioning and deprovisioning, governance and analytics. Leading vendors in the IDaaS field in 2016 (per Gartner) included Okta, Microsoft and Centrify, with OneLogin, Ping Identity, SailPoint, Covisint, Salesforce, Lighthouse Security (IBM) and EMC/RSA figuring prominently as well. Although each company offers IDaaS, differences in feature sets and capabilities can make one solution preferable over the others for a particular organization. Guideline
NetworkWorld 2017-01-25 07:10:20 Kaspersky Lab employee reportedly arrested in Russia on treason charges (direct link) One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason. According to Russian newspaper Kommersant, Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, was arrested in December as part of an investigation that also targeted Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, Russia's internal security service. Russian authorities are investigating Mikhailov in connection to the receipt of money from a foreign organization, an unnamed source close to the FSB reportedly told the newspaper. Guideline
NetworkWorld 2017-01-20 07:51:38 Google pushed developers to fix security flaws in 275,000 Android apps (direct link) Over the past two years, Google has pressured developers to patch security issues in more than 275,000 Android apps hosted on its official app store. In many cases this was done under the threat of blocking future updates to the insecure apps. Since 2014, Google has been scanning apps published on Google Play for known vulnerabilities as part of its App Security Improvement (ASI) program. Whenever a known security issue is found in an application, the developer receives an alert via email and through the Google Play Developer Console. When it started, the program only scanned apps for embedded Amazon Web Services (AWS) credentials, which was a common problem at the time. The exposure of AWS credentials can lead to serious compromises of the cloud servers used by apps to store user data and content. Guideline
NetworkWorld 2017-01-20 05:14:00 How to wake the enterprise from IoT security nightmares (direct link) The IoT security market will reach a valuation of $36.95 billion by 2021, says data from a Marketsandmarkets.com analyst report. Where the cyber security mayhem grows, so flows the security market money. In 2017, experts predict that gaping IoT security holes will lead to the destruction of critical infrastructure and increases in competitive intelligence gathering and intellectual property theft. 2017 will see more DDoS attacks of the magnitude that brought down the Dyn Domain Name System service and many high-profile web domains with it. Guideline
NetworkWorld 2017-01-19 12:38:00 Air Force goes after cyber deception technology (direct link) A little cyber-trickery is a good thing when it comes to battling network adversaries. The Air Force Research Lab (AFRL) tapped into that notion today as it awarded a $750,000 grant to security systems developer Galios to develop a cyber deception system that will “dramatically reduce the capabilities of an attacker that has gained a foothold on a network.” Specifically, Galios will develop its Prattle system for the Air Force. Galios describes Prattle as a system that generates traffic that misleads an attacker that has penetrated a network: making them doubt what they have learned, or to cause them to make mistakes that increase their likelihood of being detected sooner. Guideline
NetworkWorld 2017-01-18 10:17:00 How to get fired in 2017: Have a security breach (direct link) There are many reasons why IT professionals can be fired, but six out of the top nine are related to security, said a survey released this morning. For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey. A data breach that becomes public was a fireable offense for 38 percent of companies. Other fireable offenses included failing to modernize a security program, data breaches with unknown causes, data breaches that do not become public, and the failure of a security product or program investment. Guideline
NetworkWorld 2017-01-17 07:03:00 The war for cybersecurity talent hits the Hill (direct link) Many analysts and business leaders believe there is a severe need for qualified cybersecurity professionals in the U.S., something that has caught the eye of at least one key congressman. U.S. House Homeland Security Committee Chairman Michael McCaul (R-Texas) on Wednesday said more needs to be done to address the cybersecurity labor shortage. "I agree 110% that we need to strengthen the workforce" of cybersecurity professionals, McCaul said during a meeting with reporters at the National Press Club. Guideline
NetworkWorld 2017-01-12 08:46:00 Rudy Giuliani to coordinate regular cybersecurity meetings between Trump, tech leaders (direct link) Former New York Mayor Rudy Giuliani says Donald Trump has tapped him to gather top cybersecurity leaders to meet with the administration regularly to share “all the information available in the private sector” with the goal of improving national cyber defenses “because we're so far behind.” “The president-elect decided he wanted to bring in on a regular basis the people in the private sector, the corporate leaders in particular and thought leaders in the private sector who are working on security for cyber because we're so far behind,” Giuliani said on Fox and Friends. Guideline
NetworkWorld 2017-01-12 06:00:00 IDG Contributor Network: Nyotron launches to 'secure the world.' Simple, eh? (direct link) Nyotron today launched its cybersecurity product in the U.S. Nothing too exciting about that, but the history of the company's founder might pique your interest. Nir Gaist is the sort of over-achiever that one either worries hugely about or admires greatly (or probably both in equal measure). Nyotron's CEO and founder, Gaist started programing at the age of six. (Which leads me to ask, what took him so long?) In 2008, he and his brother Ofer Gaist, now COO, started Nyotron as a penetration testing company. Before founding the company, and as a departure from his buddies who were probably playing Candy Crush or something, Nir hacked an Israeli service provider, which was so impressed with his skills it ended up hiring him. From there, he went on to test telephone systems, online banking protocols, ATMs and more for the largest banks in Israel. Guideline
NetworkWorld 2017-01-10 14:22:52 Adobe patches critical flaws in Flash Player, Reader and Acrobat (direct link) Adobe Systems released security updates for its Flash Player, Adobe Reader and Acrobat products fixing critical vulnerabilities that could allow attackers to install malware on computers. The Flash Player update fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is not aware of any exploit for these flaws existing in the wild. Users are advised to upgrade to Flash Player version 24.0.0.194 on Windows, Mac and Linux. The Flash Player plug-in bundled with Google Chrome, Microsoft Edge and Internet Explorer will be automatically upgraded through those browsers' respective update mechanisms. Guideline
NetworkWorld 2017-01-10 12:53:10 Microsoft releases one of its smallest monthly security patch bundles (direct link) Microsoft has released its first batch of patches for this year, and it's one of the smallest ever for the company, with only three vulnerabilities fixed across its entire product portfolio. The patches are covered in four security bulletins, but one is dedicated to Flash Player, for which Microsoft distributed patches through Windows update. The only security bulletin rated as critical is the one for Microsoft Office and Office Services and Web Apps. It covers a memory corruption vulnerability that can be exploited by tricking users to open specially crafted files and can lead to remote code execution. Guideline
NetworkWorld 2017-01-06 12:54:06 Trump mum on Russia blame after US intelligence briefing (direct link) After meeting with U.S. intelligence leaders on Friday, President-elect Donald Trump withheld any direct endorsement of their findings that Russia tried to meddle with the recent election. Rather, he focused on whether the hacking efforts -- from any country -- had an effect on the election's outcome. In his view, there was “absolutely” none. "While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election," Trump said in a statement. Guideline
NetworkWorld 2017-01-05 08:34:00 2017: The year of cybersecurity scale (direct link) It's no surprise that lots of pundits and cybersecurity industry insiders claim that 2017 will be a challenging year full of nation state attacks, ransomware, and a continuing wave of data breaches. I concur with this common wisdom, but I also believe 2017 will be remembered as the year where cybersecurity analytics and operations encountered a wave of unprecedented scale. Now, I know that the need for security scalability is nothing new. Leading SIEM vendors can all talk about how they've had to rearchitect their products over the past few years to scale from thousands to millions of events per second (EPS) and somehow make sense of all this activity. Guideline
NetworkWorld 2017-01-05 04:43:00 Ransomware took in $1 billion in 2016 -- improved defenses may not be enough to stem the tide (direct link) Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase. According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year, based on money coming into ransomware-related Bitcoin wallets. That includes more than $50 million each for three wallets associated with the Locky ransomware, and a fourth one that processed close to $70 million. Cryptowall brought in close to $100 million before it was shut down this year. CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said. Guideline
NetworkWorld 2016-12-30 04:37:00 Tech outages of 2016 and how to prevent them in 2017 (direct link) 2016 has seen major downtime events lead to lost revenue for a number of highly-recognizable brands and caused a severe knock to their reputation and consumer confidence. One of the most common causes of outages is unplanned configuration changes to a system, often when an immediate fix for a bug or potential system vulnerability unintentionally creates a much larger problem. Guideline
NetworkWorld 2016-12-29 04:36:00 5 signs we're finally getting our act together on security (direct link) The high-water line in information security gets higher each year. Just as we think we've finally figured out how to defend against attacks, then attackers come up with something new and we are right back to trying to figure out what to do next. For example, ransomware has surged in the last year. Although that kind of malware has been around for years, the current model of encrypting user files to hold data hostage came about just recently. Infections quadrupled in 2016, with the FBI estimating an average of 4,000 attacks a day. A recent IBM survey of 600 business leaders in the United States found that one in two had experienced a ransomware attack in the workplace, and that companies paid the ransom 70 percent of the time. As a result, criminals are on track to make nearly $1 billion this year from ransomware, IBM X-Force said. Guideline
NetworkWorld 2016-12-26 04:51:00 Corporate boards aren't prepared for cyberattacks (direct link) Major cyberattacks against organizations of all sizes seem to happen almost weekly. On Dec. 14, Yahoo announced the largest-ever data breach, involving more than 1 billion customer accounts. Despite the scale and potential harm from such attacks, there's wide recognition that corporate leaders, especially boards of directors, aren't taking the necessary actions to defend their companies against such attacks. It's not just a problem of finding the right cyber-defense tools and services, but also one of management awareness and security acumen at the highest level, namely corporate boards. Guideline Yahoo
NetworkWorld 2016-12-19 07:44:00 Senators call for special committee to investigate Russian election hacking (direct link) The election is well over, but the storm is still brewing with no end in sight when it comes to trying to figure out what to do about Russian hacks aimed at influencing the election. On Sunday Dec. 11, US Senators John McCain, Chuck Schumer, Lindsey Graham and Jack Reed urged Majority Leader Mitch McConnell not to allow an investigation into Russian interference of the election to become a partisan issue. It's an issue which “should alarm every American.” That same day, President-elect Donald Trump blew off the idea that the intelligence community had a clue as to whom was behind the hacks. His transition team later added, “These are the same people that said Saddam Hussein had weapons of mass destruction.” Guideline
NetworkWorld 2016-12-15 06:46:00 Citrix is building your workspace of the future (direct link) Citrix is a bit like the pachyderm in the proverb about the blind men and the elephant. How customers describe the company depends a lot on which of Citrix's diverse products they touch. It's a desktop and app virtualization company. It's a networking company. A secure file sharing company, a mobility management firm. Yes, Citrix is all of those and more, and CEO Kirill Tatarinov – one year after taking over from long-time leader Mark Templeton – is working to show how all those pieces play together in making Citrix the focal point of the 'workspace of the future' for nimble enterprises. Guideline
NetworkWorld.webp 2016-12-15 05:40:00 Trump, tech leaders avoided encryption and surveillance talk at summit (direct link) A Wednesday summit between some of the most powerful people in technology and U.S. president-elect Donald Trump covered a wide ground but avoided discussion on two of the biggest issues facing the industry: the use of encryption and government surveillance. Trump's team called the meeting the start of "a conversation and partnership in order to spark innovation and create more jobs in the U.S." and said it could be repeated as often as once a quarter once he assumes the presidency. Many in Silicon Valley had been vocal opponents of Trump prior to the election, but in meeting executives of the region's biggest companies on Wednesday, Trump sought to gain their support. In particular, he asked them for "specific innovative solutions that have been blocked by narrow thinking in Washington," his team said in a statement. Guideline
NetworkWorld.webp 2016-12-14 12:39:00 10 game changing networking acquisitions of 2016 (direct link) Game changers? In the networking industry, it seems that every year there's a flurry of mergers and acquisitions. Turns out that 2016 was no different. Here are 10 that have the most game changing potential, since they have the potential to move the acquiring company into an entirely new market. Guideline
NetworkWorld.webp 2016-12-14 05:35:00 Tech Forecast 2017: 5 key technologies to double down on now (direct link) With digital transformation dominating the business agenda, IT pros are under pressure to create a modern-day tech foundation sturdy enough to drive that change as they head into 2017. What milestones are they aiming for in the year ahead? Where should they direct their limited resources? According to Computerworld's Forecast 2017 survey, IT professionals will prioritize security, analytics, XaaS or "as a service" technology, virtualization and mobile apps in the coming year. If you're thinking of adding those technologies to your own 2017 to-do list, read on for findings from our survey, along with real-world advice from other IT leaders. Guideline
NetworkWorld.webp 2016-12-12 14:08:00 5 core topics Trump needs to address in Silicon Valley leaders meeting (direct link) As some of the tech sector's heaviest hitters prep for a meeting this week with president-elect Donald Trump, they need to make sure they get answers to critical questions about issues that could affect not only their businesses but the U.S. economy in general. While the meeting has been called by Trump, the Silicon Valley executives should be prepared to set some of it themselves so they aren't blindsided by policy shifts that can affect their success. Items of interest range from encryption to China policy. Here are some of the issues important to Trump and that are important to the interests of technology vendors and service providers. Where does Trump stand on encryption? Guideline
NetworkWorld.webp 2016-12-12 13:33:51 Politics bog down US response to election hacks (direct link) U.S. efforts to get to the bottom about Russia's role in hacking this year's presidential election may very well end up mired in politics, hampering any response. On Monday, Senate Majority Leader Mitch McConnell, a Kentucky Republican, was the latest U.S. lawmaker to call for an investigation into Russia's possible involvement. “This simply cannot be a partisan issue,” he said during a press conference. A growing number of lawmakers, in addition to U.S. intelligence agencies, also assert that Russia was behind the high-profile hacks that were intended to influence this year's election. Among the targets were Democratic groups and figures whose emails were stolen and later leaked online. Guideline
NetworkWorld.webp 2016-12-12 10:22:00 Survey: Despite costly attacks, 85% of business leaders confident in preparedness (direct link) Eighty-five percent of organizations believe they have the right controls in place to protect against such attacks. Yet, 40 percent of them have been victims of cyber attacks within the last six months. That's the finding of a recent survey sponsored by BAE Systems. Why the disconnect? It's one thing to believe you have the right protections in place; it's another thing to test those beliefs. The survey of 600 business leaders across five countries found that “only 29% of organizations tested their attack response in the last month. On average, organizations last tested their cyber attack response 5 months ago.” Guideline
NetworkWorld.webp 2016-12-12 05:53:00 Tech predictions for 2017: What I expect to happen, and what I hope will happen (direct link) Yes, it's that time of the year again. Where does the time go? Anyway, it's time for us in the news business to make our annual predictions for the coming year. Unlike some, I own up to my misfires by leading off with the predictions made a year ago and admitting what came true and what didn't. So let's get into that. How good were my 2016 predictions? 1. IBM becomes a major cloud player. Not really. The most recent numbers, which covered Q2 of this year, put IBM at under 10 percent share. It's still an Amazon and Microsoft world. The good news is IBM grew 57 percent year over year, so it is making up for lost ground. Guideline
NetworkWorld.webp 2016-12-09 11:05:00 Why CISOs succeed and why they leave (direct link) Earlier this year, ESG and the Information Systems Security Association (ISSA) published a research report titled, The State of Cyber Security Careers. The report was based on a survey of 437 cybersecurity professionals, the clear majority of which were ISSA members. Two-thirds of these cybersecurity professionals worked at an organization that employed a CSO or CISO. These individuals were then asked to identify the most important qualities that make a successful CISO. Here is a sample of the results: 50% of respondents said strong leadership skills were most important; 47% of respondents said strong communication skills were most important; 30% of respondents said a strong relationship with business executives was most important; 29% of respondents said a strong relationship with the CIO and other members of the IT leadership team was most important; 23% of respondents said strong management skills were most important. Based upon this list, it's clear that successful CISOs need to be strong business people who can work with business and IT executives. This is an important consideration since many security professionals are deeply rooted in the technology rather than the business aspects of infosec. Guideline
NetworkWorld.webp 2016-12-07 05:37:00 Playing cyber defense is not enough to win (direct link) While the San Francisco 49ers are leading the NFL in defense, the New Orleans Saints currently hold the number one slot for total offense. In the overall league rankings, though, neither of those two teams rank in the top 10. What's the takeaway? Winning isn't strictly about strong offense or impenetrable defense. NFL league leaders advance to the top because they know how to balance the two; they know how to play the game. To address the growing number of attacks on the US government and private sector systems, President-elect Donald Trump's cybersecurity plan aims to, "Develop the offensive cyber capabilities we need to deter attacks by both state and non-state actors and, if necessary, to respond appropriately." Guideline
NetworkWorld.webp 2016-12-06 10:27:00 Getting started with blockchain smart contracts (direct link) Few managers look forward to negotiating contracts. In large companies, there are many stakeholders to consult and it's easy to make a misstep. And then there's the expense involved in working with lawyers. Smart contract technology promises to simplify the contract process and provide greater transparency. What are smart contracts? Early approaches to smart contracts included some that were merely “augmented by technology,” says Houman B. Shadab, professor of law at New York Law School. “In a sense, you could view contract signing and management services like DocuSign as an example of [smart contracts].” Other approaches automated the production of traditional contracts using templates. Guideline
NetworkWorld.webp 2016-12-06 06:56:00 Trump Cybersecurity Do's and Don'ts (Part 2) (direct link) Given recent cybersecurity incidents like the Google Android data breach, the DDoS attack on Dyn and the data breach of the DNC, President-elect Donald Trump will find cybersecurity policy a top priority when he takes office in January. What should Mr. Trump do and what should he avoid? In my last blog, I presented some recommendations for the “do” column. Alternatively, here is a list of things President Trump should eschew in his administration's cybersecurity agenda. The “don't” column includes the following: Don't obsess over cybersecurity intelligence sharing path. Public/private partnerships for cybersecurity cooperation have roots that go back to the Clinton administration's original PDD-63 for critical infrastructure protection. In more recent times, congress struggled with CISPA then CISA as stand-alone bills before sneaking CISA into a federal spending bill in late 2015. Intelligence sharing is a good step but it's been beaten to death and most large organizations have figured this out on their own. What's needed is a concerted effort on best practices and sharing threat intelligence with small businesses. Yes, these things should happen but the feds should do so as part of CISA and not spin up another distracting effort. Remember that threat intelligence sharing is a means to an end (i.e. better cybersecurity visibility and analysis) and not an end in itself. Don't propose yet another blue-ribbon cybersecurity panel. If Mr. Trump's goal is to shake up Washington, the last thing he should do is appoint another blue-ribbon panel to study cybersecurity issues and provide recommendations – this action is on page one of every Beltway politician's playbook. As an alternative, Mr. Trump should appoint high-level cybersecurity experts to go through President Obama's cybersecurity commission's findings and suggestions (as well as other historical similar reports), tailor them to his political agenda, and push forward the appropriate actions with congress as soon as possible. Don't even think about giving national cybersecurity oversight to the military. The few cybersecurity plans Mr. Trump's camp talks about tend to include a military and intelligence component to them. This is fine when it comes to offensive operations and U.S. Cyber Command but it gets a little scary with regard to civilian agencies and the private sector. There are those at the Pentagon that will push for this by equating cybersecurity with national security but with all due respect to the military, Mr. Trump must absolutely follow the lead of past Presidents and draw a clear line between military and civilian cybersecurity involvement. In truth, ANY military, law enforcement, or intelligence involvement in private sector and consumer cybersecurity programs will turn into an all-consuming political and technology civil war with Republicans and Democrats alike pushing back. This unnecessary fight must be avoided as it could halt federal cybersecurity progress for months or years. Don't push for a new federal cybersecurity agency. Since the military can't be involved in private sector cybersecurity, many responsibilities fall to DHS, a massive bureaucracy that hasn't had a strong record of success with its cybersecurity programs. Some in Washington see this as a reason to create yet another civilian agency, a department of national cybersecurity. While it may be tempting to consolidate cybersecurity responsibilities, it would be extremely difficult to unwind cybersecurity from DHS and every other nook and cranny in the greater DC area. This shouldn't mean however that the Guideline
NetworkWorld.webp 2016-12-06 05:59:00 Expedia IT tech made $330K by secretly accessing execs' files for insider trading (direct link) Lots of IT techs have access to network credentials to access company files and emails, but it wouldn't cross the minds of most to abuse that knowledge for a “get-rich-scheme” in the flavor of insider trading. Yet that doesn't apply to everyone, since a 28-year-old admitted to exploiting his position in order to gain insider knowledge and illegally trade and profit from those secrets. Jonathan Ly, a former IT tech for Expedia, pleaded guilty to securities fraud – something FBI Special Agent in Charge Jay S. Tabb, Jr. called, “Particularly egregious because Mr. Ly abused his special access privileges as an IT administrator. On top of violating the trust of the public and his company, he violated the privacy of fellow employees by surreptitiously accessing their files.” Guideline
NetworkWorld.webp 2016-12-05 07:01:00 Security pros most worried about clouds, mobile (direct link) Companies were least prepared to assess the security risks of cloud and mobile technologies, according to a survey of cybersecurity professionals released this morning. Around 60 percent of companies were able to assess security risks in cloud environments, down 7 points compared to last year. Mobile devices scored at 57 percent, down by 8 percentage points compared to last year. Overall, the confidence levels of security professionals that their cyber defenses were meeting expectations dropped from 76 percent last year to 70 percent in this year's survey, according to the report, which was produced by Annapolis, M.D.-based CyberEdge Group, and sponsored by Tenable. Guideline
NetworkWorld.webp 2016-12-01 10:43:00 Who's responsible for data compliance? 25% of executives don't know (direct link) According to the 2016 State of Compliance survey conducted by data management and integration provider Liaison Technologies, one-quarter of top executives are unclear who in their organization is responsible for compliance. And nearly half (47 percent) of respondents to the survey of 479 senior and C-level executives said they don't know which compliance standards apply to their organizations. “As leaders in the compliance domain we thought it was important to share our findings on how U.S. companies perceive their regulatory obligations-and examine ways to help improve their compliance postures,” Hmong Vang, chief trust officer with Liaison, said in a statement. “What we found was rather concerning." Guideline
NetworkWorld.webp 2016-12-01 05:14:00 Scholars, infosec experts call for action on Russian hacking (direct link) In the wake of reports about Russian involvement in fake news and hacks against political targets leading up to the recent presidential election, scholars and security experts are calling for federal action. As of Sunday, 158 scholars have signed an open letter calling for a congressional investigation. "Our country needs a thorough, public Congressional investigation into the role that foreign powers played in the months leading up to November," the letter said. Democrats in Congress have also called for an investigation, and were recently joined by Republican Sen. Lindsey Graham. Guideline
Last update at: 2024-05-14 02:07:40