(c)iStock.com/tonefotografia

Today’s threat landscape is constantly evolving. In 2016 in particular, we’ve seen a huge shift with adversaries penetrating organisations from the DNC to WADA and gaining access to sensitive documents that were later leaked to embarrass individuals. Yet, while many believe that this trend starts and ends with a contentious election, it’s not something that’s going away in 2017. In fact, we’re starting to see continued and varied threats, most recently with DDoS attacks taking down the likes of the EU commission.  

Overall, the pace and variation of exploits driven by technically astute adversaries, will only gain momentum in the coming year if not managed effectively.

No impenetrable defence

Whether a Fortune 500 company, a family run business or a utility company, all businesses are vulnerable and proactively sought after as attack targets. Whether by a nation-state group, a criminal network or an independent hacker, they’re all in the firing line. Yet, we’re moving beyond fines, damage to corporate reputation and a number of scary headlines. In 2017, the manipulation of data to remove its integrity will be significant enough to send companies under. Organisations need to be continually and proactively assessing their networks to understand how they are compromised. Too many are focusing on the “known” bads, rather than trying to understand the threat of the “unknown.”

In intelligence, we trust

Organisations today are also exhausted by “alert fatigue”, where security professionals are cast in the role of passively reviewing tones of alert data, much of which ends up being confirmed by those humans as false positives. This often means security teams are stuck in a reactive mode and not preventing breaches from happening. Businesses need actionable intelligence to overcome this hurdle and get ahead of the threats that could compromise their business.

Ultimately, we can’t properly interpret today’s threat landscape without understanding the impact of global economic developments and geopolitical events. Just because something happens miles away, it doesn’t mean it won’t wash up on your doorstep in the form of an attack. Intelligence needs to be added to the equation so that we can anticipate and detect potential threats and defend against new tactics, techniques and procedures.

Security takes on new meaning for the C-suite

Regulatory fines and disclosure of embarrassing leaks still haven’t eliminated the problem. Yet, awareness across the business around spotting and responding to threats is critical. If even the most senior leader in a business can be duped by a phishing attempt, what does that mean for an organisations wider security posture?

We’re already seeing Fortune 500 companies starting to take a totally different approach to how they manage security as they think about an attack, as when not if. An important lesson in this journey is understanding that more spending doesn’t  equal more security – it’s a cybersecurity paradox. Businesses need to think in terms of risk prevention and mitigation and understanding what the risks to their business are and taking proactive steps to detect and prevent them.

‘New age’ attacks on the rise

The exponential rise in connectivity and data loads is having significant impacts on expanding business networks and opening more doors for hackers. In fact, it’s increasing the surface layer of attack, particularly with regard to ransomware that has grown in prevalence throughout the year.

In fact, businesses should get used to criminals’ sharp business acumen and psychological button-pushing. It’s likely what’s fuelled the attacks we’ve already seen on hospitals and healthcare organisations and will only continue as adversaries acknowledge the opportunity to make much more per ransom transaction than targeting the average user.

So long, legacy

The inherent limitations in conventional security defences has been illustrated in the well-documented proliferation of cyber-attacks across all industries. As such, we’re beginning to see indicators of a tectonic shift away from legacy solutions as people start thinking differently about security. This has been a slow ball that’s been rolling down the hill, and it’s really picking up momentum heading into 2017, where it will likely reach a critical mass.

Businesses are starting to work out how they can get more visibility across their entire network, augment and then entirely replace their legacy systems with next-gen solutions. The industry has been talking about replacing these for 15 years and now we are finally starting to see the trend accelerating.

Whether part of criminal groups or nation-state operations, adversaries can move faster than ever before, mutate malware and actively change exploit tactics or IP addresses. Reactive cybersecurity methods are now obsolete.

2016 brought about more cyberattacks than we thought possible, especially involving ransomware, and we definitely won’t see that trend breaking stride in 2017. By next year, we expect every single adult in the US will know a blood relative that has had their identity stolen – the Internal Revenue Service reported that 2.7 million people had their identities stolen in 2014 and according to TransUnion, 19 people fall victim to identity theft every minute.

read more

The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can have devastating, if not catastrophic results.
In his session at 19th @ThingsExpo, Richard Blech, Chief Executive Officer at Secure Channels, explored the promise and the pitfalls inherent to IoT and offered a novel way of incorporating an effective security paradigm in which IoT “watchmen” monitor and maintain order within the IoT.

read more

Internet of @ThingsExpo has announced today that Chris Matthieu has been named tech chair of Internet of @ThingsExpo 2017 New York

The 7th Internet of @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, New York.

Chris Matthieu is the co-founder and CTO of Octoblu, a revolutionary real-time IoT platform recently acquired by Citrix. Octoblu connects things, systems, people and clouds to a global mesh network allowing users to automate and control design flows, processes and sensor data, and analyze/react to real-time events and messages as well as big data trends and anomalies.

read more

Cloud Expo, Inc. has announced today that Andi Mann returns to ‘DevOps at Cloud Expo 2017’ as Conference Chair
The @DevOpsSummit at Cloud Expo will take place on June 6-8, 2017, at the Javits Center in New York City, NY.
“DevOps is set to be one of the most profound disruptions to hit IT in decades,” said Andi Mann. “It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at @DevOpsSummit and Cloud Expo tell the world how they can leverage this emerging disruptive trend.”
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, and communicator. For over 30 years across five continents, Andi has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
Andi is a sought-after commentator on business technology – published in USA Today, New York Times, Forbes, CIO, and Wall Street Journal; presented at Gartner ITxpo, VMworld, CA World, Interop, Cloud Expo, and DevOps Summit; participated and hosted interviews for radio, television, webcasts, podcasts, and live events; and more.

read more

“We analyze the video streaming experience. We are gathering the user behavior in real time from the user devices and we analyze how users experience the video streaming,” explained Eric Kim, Founder and CEO at Streamlyzer, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.

read more

SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2017 New York.
The 20th Cloud Expo and 7th @ThingsExpo will take place on June 6-8, 2017, at the Javits Center in New York City, NY.
“The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it,” stated Roger Strukhoff. “More importantly, it leverages the power of devices and the Internet to enable us all to improve the state of the world and lives of people.”

read more

DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, “pervasive” and “cognitive” computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain.
In this power panel at @DevOpsSummit 19th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists will explore this emerging use of Big Data generated by the digital business to complete the DevOps feedback loop, and inform operational and application decisions.

read more

As cloud computing becomes the information technology mainstream, data center technology is accelerating at a breakneck speed. Concepts like software define infrastructure, data center analytics and Nonvolatile Memory Express (NVMe) over Fabrics are changing the very nature of data center management. According to industry research firm IDC, organizations will spend an additional $142.8 billion oninfrastructure for both public and private cloud environments in the next three years (2016-2018) to boost efficiency and business agility.

read more