|By Kevin Nikkhoo||
|March 15, 2013 11:45 AM EDT||
I spend a great deal of my day thinking about security. How it affects the enterprise; how to best position and protect assets. How it shapes risk management and how it delivers potential benefits through smoother operations, enhanced trust and loss prevention.
At its core, security is about risk versus reward. It’s no great secret that many executives look at security as a cost center. Compounded by the requirements of compliance, the expansion of technology, and the nature of the modern enterprise, no one doubts the need to secure the enterprise…but to what degree? Securing your IT environment is not free, but there are best practices and technology options designed to mitigate costs while still providing a strong, manageable and proactive defense. While many companies still would rather spend capital on commodity assets, many CIOs recognize that information security is an important business driver. Many more still are looking to the cloud for security solutions to further reduce resource reliance.
In the end, it is a question each company must answer on its own. I can talk until I am blue in the face about the bogeymen of hacking, slipshod employees opening suspect emails, the exposure of a company’s most precious data, but the needs of the company—how it interacts with customers, the access it provides third parties, employee productivity processes, compliance requirements and all the other moving parts of an active organization--must create and prioritize the roadmap based on understood vulnerabilities and available resources.
However, therein lies the problem…understood vulnerabilities. This decision is based on assumptions, resource limitations and previous experience. But security issues are a moving target...it's more about knowing what you don't know. Obviously a bank or medical management facility is at more risk than a local dog grooming company, but that doesn’t mean it is any less vulnerable. In fact, the modest company might be at greater risk because even a small breach of customer data can devastate a company. A large company may be able to absorb (although painful) the fines, lawsuits and the loss of proprietary assets, but the impact on a small or mid-sized company is magnified. The damage to the trust factor alone could put them out of business.
This is not meant to be some sort of scare tactic, but the reality of doing business in the 21st century means every company must take some level of action to protect itself beyond filtering emails. However understanding investments in CapEx, resource and personnel expenditures, hardware and software management, this might be untenable for every company. This is where the CIO earns his keep. How much time and capital is necessary to invest versus the real threats to the network/assets (is a barking dog enough to chase away robbers, or do you need bolt locks, motion sensors, round-the-clock-sentries, gun turrets, etc…)
This is why cloud security (security managed from the cloud) provides the necessary balance in the risk versus reward quotient. Not only does it support a unified platform (PaaS or REACT), but eliminates many of the costs that throw the equation out of balance. A smaller company no longer has to decide to invest in virus sweepers OR access management, identity credentialing OR intrusion detection. A larger organization can reallocate important resources towards key revenue drivers and core competencies. A unified/centralized approach from the cloud provides all the capabilities with no additional capital expenditures. In the fact that it centralizes all the activity under a centralized pane of glass not only makes an organization response ready, but also automates a great deal of what compliance regulators are demanding.
What about the risk? Are organizations exposing or ceding control of their data in order to save a few bucks? Is a Pandora’s Box opening because functionality and reporting is virtualized? Of course not. Yet, with all business initiatives, there are risks. However, by applying such best practices as 24/7/365 monitoring, event correlation across multiple silos, and fostering interactive communication between functions closes the vulnerability gap significantly. But to harness all those capabilities a company would need to invest in SIEM, Access Management, Log Management, IDM and other security solutions. Before the cloud, this combined initiative was only an option available to Fortune 500 enterprises. Even applying some cloud-based tools, each of the referenced solutions typically works in parallel. What is needed is the ability to centralize and have each of the solutions leverage one another.
Now cloud security solutions and applications are two different animals when it comes to the all important data ownership and information liability. Security manages the data wherever it is stored-cloud or some locked server room in the basement of a fortified campus. It is the fence, not the animals held within. If there is a break in the fence, or the rancher hires irresponsible cowboys, then the herd is at risk. But if the foreman is vigilant about riding the perimeter and managing his employees, then there should be as many cows in the barn as there were the day before.
This is not to say data is unassailable every time the sales guy accesses the product demo site to present to a prospect via online third party collaboration software, but if the tools are in place, properly automated and integrated and the policies (access rules, credentialing, web authorization, monitoring etc…) are sound, risk goes down and reward goes up.
On Wall Street there is a “measurement” called the Sharpe Index. Essentially it characterizes how well the return of an asset compensates the investor for the risk taken. Part of the complex equation analyzes the variables to get to a positive return. Applied to finance the axiom typically means the greater the risk, the greater the return. When applied to security, and more pointedly, cloud-based security, the variables line up so that there doesn’t have to be a high trade off of risk and return Considering the lower investment, the faster deployment, the reduction of personnel and computing resources against an expanded enterprise toolset, improved capabilities, continuous and centralized alerts, security-as-a-service support and enhanced visibility across the organization, the path to realize rewards and ROI point to the cloud.
Bottom line, cloud-based security functionality is as trustworthy, as powerful and as comprehensive as any on-premise deployment. Because it is infinitely more affordable, flexible and manageable, it allows you to increase the layers of security around your enterprise for a fraction of the hard and soft costs. It allows you to concentrate on priorities, policies and core competencies to ensure your perimeters are safe and the cattle can always come in from the fields. Each company is unique in terms of its needs and security comfort level and its concept in determining risk versus reward. Yet biggest risk, in terms of security, is standing still.
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jul. 28, 2016 10:15 PM EDT Reads: 1,436
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
Jul. 28, 2016 10:00 PM EDT Reads: 2,096
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
Jul. 28, 2016 09:00 PM EDT Reads: 2,706
I wanted to gather all of my Internet of Things (IOT) blogs into a single blog (that I could later use with my University of San Francisco (USF) Big Data “MBA” course). However as I started to pull these blogs together, I realized that my IOT discussion lacked a vision; it lacked an end point towards which an organization could drive their IOT envisioning, proof of value, app dev, data engineering and data science efforts. And I think that the IOT end point is really quite simple…
Jul. 28, 2016 07:15 PM EDT Reads: 1,230
"My role is working with customers, helping them go through this digital transformation. I spend a lot of time talking to banks, big industries, manufacturers working through how they are integrating and transforming their IT platforms and moving them forward," explained William Morrish, General Manager Product Sales at Interoute, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Jul. 28, 2016 05:30 PM EDT Reads: 2,216
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
Jul. 28, 2016 04:30 PM EDT Reads: 1,196
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Jul. 28, 2016 04:15 PM EDT Reads: 1,781
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
Jul. 28, 2016 03:45 PM EDT Reads: 1,039
Verizon Communications Inc. (NYSE, Nasdaq: VZ) and Yahoo! Inc. (Nasdaq: YHOO) have entered into a definitive agreement under which Verizon will acquire Yahoo's operating business for approximately $4.83 billion in cash, subject to customary closing adjustments. Yahoo informs, connects and entertains a global audience of more than 1 billion monthly active users** -- including 600 million monthly active mobile users*** through its search, communications and digital content products. Yahoo also co...
Jul. 28, 2016 03:15 PM EDT Reads: 724
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
Jul. 28, 2016 03:15 PM EDT Reads: 1,908
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
Jul. 28, 2016 12:30 PM EDT Reads: 623
The best-practices for building IoT applications with Go Code that attendees can use to build their own IoT applications. In his session at @ThingsExpo, Indraneel Mitra, Senior Solutions Architect & Technology Evangelist at Cognizant, provided valuable information and resources for both novice and experienced developers on how to get started with IoT and Golang in a day. He also provided information on how to use Intel Arduino Kit, Go Robotics API and AWS IoT stack to build an application tha...
Jul. 28, 2016 12:00 PM EDT Reads: 1,246
IoT generates lots of temporal data. But how do you unlock its value? You need to discover patterns that are repeatable in vast quantities of data, understand their meaning, and implement scalable monitoring across multiple data streams in order to monetize the discoveries and insights. Motif discovery and deep learning platforms are emerging to visualize sensor data, to search for patterns and to build application that can monitor real time streams efficiently. In his session at @ThingsExpo, ...
Jul. 28, 2016 11:15 AM EDT Reads: 1,167
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Jul. 28, 2016 10:45 AM EDT Reads: 1,297
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Jul. 28, 2016 10:30 AM EDT Reads: 851
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it ...
Jul. 28, 2016 10:00 AM EDT Reads: 293
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
Jul. 28, 2016 09:30 AM EDT Reads: 1,426
It’s 2016: buildings are smart, connected and the IoT is fundamentally altering how control and operating systems work and speak to each other. Platforms across the enterprise are networked via inexpensive sensors to collect massive amounts of data for analytics, information management, and insights that can be used to continuously improve operations. In his session at @ThingsExpo, Brian Chemel, Co-Founder and CTO of Digital Lumens, will explore: The benefits sensor-networked systems bring to ...
Jul. 28, 2016 09:00 AM EDT Reads: 1,626
Manufacturers are embracing the Industrial Internet the same way consumers are leveraging Fitbits – to improve overall health and wellness. Both can provide consistent measurement, visibility, and suggest performance improvements customized to help reach goals. Fitbit users can view real-time data and make adjustments to increase their activity. In his session at @ThingsExpo, Mark Bernardo Professional Services Leader, Americas, at GE Digital, discussed how leveraging the Industrial Internet a...
Jul. 28, 2016 07:30 AM EDT Reads: 553
There will be new vendors providing applications, middleware, and connected devices to support the thriving IoT ecosystem. This essentially means that electronic device manufacturers will also be in the software business. Many will be new to building embedded software or robust software. This creates an increased importance on software quality, particularly within the Industrial Internet of Things where business-critical applications are becoming dependent on products controlled by software. Qua...
Jul. 28, 2016 06:45 AM EDT Reads: 1,595