The Resurgence of Ops and their Role in DevOps | @DevOpsSUMMIT @AndiMann #DevOps #CloudNative #Serverless #DigitalTransformation

DevOps has long focused on reinventing the SDLC (e.g. with CI/CD, ARA, pipeline automation etc.), while reinvention of IT Ops has lagged. However, new approaches like Site Reliability Engineering, Observability, Containerization, Operations Analytics, and ML/AI are driving a resurgence of IT Ops. In this session our expert panel will focus on how these new ideas are [putting the Ops back in DevOps orbringing modern IT Ops to DevOps].

read more

IBM and Seagate use Blockchain to tackle counterfeit hard drives


Clare Hopping

9 Nov, 2018

IBM and Seagate have teamed up to build a blockchain security service that can identify counterfeit hard drives to prevent manufacturers, integrators and business partners being duped by fake equipment.

The technology is based upon IBM’s Blockchain Platform, combined with Seagate’s Secure Electronic ID (eID) when they’re built, verifying the authenticity of components. The jointly-developed initiative will use a unique identifier built into the hard drives that can be used to make sure it’s genuine throughout its lifecycle.

“Blockchain technology can be extremely effective in confirming provenance and authenticity of assets,” said Bruce Anderson, global managing director, electronics industry, IBM. 

“The ability to work with Seagate to combine blockchain with advanced cryptographic product identification technology is what sets this work apart, and signals blockchain’s potential to reimagine the electronics product life cycle management processes. Counterfeit electronic components are a global issue that requires an ecosystem-wide effort to address.”

The verification will also employ Seagate’s Certified Erase that integrates Seagate’s cryptographic erasure technology to create a digital certificate that is digitally signed by the device using the company’s public key infrastructure (PKI). This is stored on the blockchain so it cannot be changed, without affecting data privacy.

Together, these technologies will ensure any Seagate hard drives have been verified as genuine and this data will remain secure on the blockchain. When the time comes for the hard drive to be taken out of service, the data can be securely erased, adhering to data privacy laws.

“IBM has a proven history of technology innovation as evidenced by its market leadership in blockchain technology for product provenance in various industries,” said Mark Re, senior vice president and chief technology officer at Seagate. “By combining Seagate’s innovations in product security with IBM’s blockchain expertise, we want to prove that we can help reduce the incidence of product counterfeiting in the future.”

Cisco and Amazon Web Services team up for hybrid Kubernetes tool

Hybrid cloud continues to be a strong trend. For many enterprises, their legacy data centre assets are going nowhere. Despite cajoling from cloud providers, the mix of cloud and on-prem remains a prudent one.

It is this theory which has seen the likes of VMware Cloud on AWS come to fruition. The two companies have successfully come together to provide customers with portability between private and public clouds.

Now, AWS is working with another such firm in the shape of Cisco. The latter has announced a new solution built for AWS to run production-grade Kubernetes applications on-premises, with the product being a combination of Amazon EKS (Elastic Container Service for Kubernetes) and Cisco’s Container Platform (CCP), all tied up with Cisco’s networking, security, management and monitoring and AWS’ cloud.

A blog post from Cisco outlined some of the more technical aspects of the partnership. “Through the single CCP management UI, the customer can provision clusters both on-premises and on EKS in the cloud,” wrote Reinhardt Quelle, principal architect. “CCP uses AWS [identity and access management] authentication to create the VPC, instructs EKS to create a new cluster, and then configures the worker nodes in that cluster.”

Kubernetes continues to be a key pawn in organisations’ maturing cloud strategies – and indeed, the strategies of cloud vendors. VMware acquired Heptio, a company set up by two original Kubernetes engineers to give the technology more enterprise reach, while IBM’s planned acquisition of Red Hat was described by this publication as a ‘match made in container heaven.’

“Today, most customers are forced to choose between developing applications on-premises or in the cloud. This can create a complex mix of environments, technologies, teams and vendors – but they shouldn’t have to make a choice,” said Kip Compton, SVP cloud platform and solutions at Cisco. “Now, developers can use existing investments to build new cloud-scale applications that fuel business innovation.

“This makes it easier to deploy and manage hybrid applications, no matter where they run,” Compton added. “This allows customers to get the best out of both cloud and their on-premises environments with a single solution.”

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

Steadfast to Exhibit June 25-26 at @CloudEXPO Silicon Valley | @SteadfastNet #Cloud #CIO #Hosting #Storage #DataCenter

While a hybrid cloud can ease that transition, designing and deploy that hybrid cloud still offers challenges for organizations concerned about lack of available cloud skillsets within their organization. Managed service providers offer a unique opportunity to fill those gaps and get organizations of all sizes on a hybrid cloud that meets their comfort level, while delivering enhanced benefits for cost, efficiency, agility, mobility, and elasticity.

read more

How to protect healthcare IoT devices in a Zero Trust world

  • Over 100 million healthcare IoT devices are installed worldwide today, growing to 161m by 2020, attaining a Compound Annual Growth Rate (CAGR) of 17.2% in just three years according to Statista.
  • Healthcare executives say privacy concerns (59%), legacy system integration (55%) and security concerns (54%) are the top three barriers holding back Internet of Things (IoT) adoption in healthcare organizations today according to the Accenture 2017 Internet of Health Things Survey.
  • The global IoT market is projected to soar from $249B in 2018 to $457B in 2020, attaining a Compound Annual Growth Rate (CAGR) of 22.4% in just three years according to Statista.

Healthcare and medical device manufacturers are in a race to see who can create the smartest and most-connected IoT devices first. Capitalizing on the rich real-time data monitoring streams these devices can provide, many see the opportunity to break free of product sales and move into more lucrative digital service business models. According to Capgemini’s “Digital Engineering, The new growth engine for discrete manufacturers,” the global market for smart, connected products is projected to be worth $519B to $685B by 2020. The study can be downloaded here (PDF, 40 pp., no opt-in). 47% of a typical manufacturer’s product portfolio by 2020 will be comprised of smart, connected products. In the gold rush to new digital services, data security needs to be a primary design goal that protects the patients these machines are designed to serve. The following graphic from the study shows how organizations producing smart, connected products are making use of the data generated today.

Healthcare IoT device data doesn’t belong for sale on the dark web

Every healthcare IoT device from insulin pumps and diagnostic equipment to Remote Patient Monitoring is a potential attack surface for cyber adversaries to exploit. And the healthcare industry is renowned for having the majority of system breaches initiated by insiders. 58% of healthcare systems breach attempts involve inside actors, which makes this the leading industry for insider threats today according to Verizon’s 2018 Protected Health Information Data Breach Report (PHIDBR).

Many employees working for medical providers are paid modest salaries and often have to regularly work hours of overtime to make ends meet. Stealing and selling medical records is one of the ways those facing financial challenges look to make side money quickly and discreetly. And with a market on the Dark Web willing to pay up to $1,000 or more for the most detailed healthcare data, according to Experian, medical employees have an always-on, 24/7 marketplace to sell stolen data. 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000, and 24% of employees know of someone who has sold privileged credentials to outsiders, according to a recent Accenture survey. Healthcare IoT devices are a potential treasure trove to inside and outside actors who are after financial gains by hacking the IoT connections to smart, connected devices and the networks they are installed on to exfiltrate valuable medical data.

Healthcare and medical device manufacturers need to start taking action now to secure these devices during the research and development, design and engineering phases of their next generation of IoT products. Specifying and validating that every IoT access point is compatible and can scale to support Zero Trust Security (ZTS) is essential if the network of devices being designed and sold will be secure. ZTS is proving to be very effective at thwarting potential breach attempts across every threat surface an organization has. Its four core pillars include verifying the identity of every user, validating every device, limiting access and privilege, and utilizing machine learning to analyze user behavior and gain greater insights from analytics.

The first step is protect development environments with Zero Trust privilege

Product research & development, design, and engineering systems are all attack surfaces that cyber adversaries are looking to exploit as part of the modern threatscape. Their goals include gaining access to valuable Intellectual Property (IP), patents and designs that can be sold to competitors and on the Dark Web, or damaging and destroying development data to slow down the development of new products. Another tactic lies in planting malware in the firmware of IoT devices to exfiltrate data at scale.

Attack surfaces and the identities that comprise the new security perimeter of their companies aren’t just people; they are workloads, services, machines, and development systems and platforms. Protecting every attack surface with cloud-ready Zero Trust Privilege (ZTP) which secures access to infrastructure, DevOps, cloud, containers, Big Data, and the entire development and production environment is needed.

Zero Trust Privilege can harden healthcare and medical device manufacturers’ internal security, only granting least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, healthcare and medical device manufacturers would be able to minimize attack surfaces, improve audit and compliance visibility, and reduces risk, complexity, and costs across their development and production operations.

The best security test of all: An FDA audit

Regulatory agencies across Asia, Europe, and North America are placing a higher priority than ever before on cybersecurity to the device level. The U.S. Food & Drug Administration’s Cybersecurity Initiative is one of the most comprehensive, providing prescriptive guidance to manufacturers on how to attain higher levels of cybersecurity in their products.

During a recent healthcare device and medical device manufacturer’s conference, a former FDA auditor (and now Vice President of Compliance) gave a fascinating keynote on the FDA’s intent to audit medical device security at the production level. Security had been an afterthought or at best a “trust but verify” approach that relied on trusted versus untrusted machine domains. That will no longer be the case, as the FDA will now complete audits that are comparable to Zero Trust across manufacturing operations and devices.

As Zero Trust Privilege enables greater auditability than has been possible in the past, combined with a “never trust, always verify” approach to system access, healthcare device, and medical products manufacturers should start engineering in Zero Trust into their development cycles now.

https://www.iottechexpo.com/northamerica/wp-content/uploads/2018/09/all-events-dark-text.pngInterested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

Isomorphic Software to Exhibit June 25-26 at @CloudEXPO Silicon Valley | @IsomorphicHQ #Cloud #AI #CIO #SmartClient

Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web.

With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support.

Leading global enterprises use Isomorphic technology to reduce costs and improve productivity, developing & deploying sophisticated business applications with unprecedented ease and simplicity.

read more

Security Past the Perimeter | @CloudEXPO @Darktrace #Cloud #CIO #AI #ArtificialIntelligence #Cybersecurity #SmartCities

Darktrace is the world’s leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace’s Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal’ for all devices and users, updating its understanding as the environment changes.

read more

Microsoft rolls out its WhatsApp-style Kaizala app for business use


Clare Hopping

8 Nov, 2018

Microsoft has unveiled its Kaizala collaboration tool is now generally available to customers, allowing teams to use the WhatsApp-style programme to chat with their peers and boost productivity across the organisation.

Although the Android and iOS Kaizala app is free for consumers, the business application will set businesses back $1.50 per user each month, but offers a whole lot more than just free P2P chat. For example, businesses can easily manage communication groups, with advanced reporting for businesses to understand better how their employees collaborate.

“Today’s workplace extends well beyond organisational boundaries, and there is an increasing need to connect your entire business value chain, including your first-line workers, vendors, partners, suppliers, and customers,” Praveen Maloo, senior product marketing manager at Microsoft said. “A disconnected value chain hinders productivity, slows down decision making, prevents the ability for insights to surface from the field, and creates potential for customer dissatisfaction.”

He explained that although messaging apps have gone some way to break these barriers down, they’re often consumer apps designed for business use. For example, they may not be compliant, struggle with security demands or put company data at risk.

Kaizala addresses these issues, Maloo said especially in mobile-first, developing economies.

It integrates with Office 365, including Power BI and Microsoft Flow and allows teams to run polls, plan jobs and projects and share work flows with collaborators.

Kaizala is hosted on Microsoft Azure, ensuring it’s compliant with company data policies as well as ISO 27001, SOC2, HIPAA and GDPR.

“Kaizala Pro is already available as part of Office 365 commercial plans, or as a standalone purchase, in 28 markets around the world,” Maloo added. “We will be adding Kaizala Pro to Office 365 commercial plans worldwide over time.”

AMD launches on AWS and instantly undercuts Intel by 10%


Tim Danton

7 Nov, 2018

AMD announced a double whammy at its Next Horizon event in San Francisco: first by announcing EPYC processor-based instances were now available on AWS, and second by undercutting Intel Xeon-based instances by 10%.

“Our goal with EPYC is to reach the largest number of users possible, and the cloud is the tip of that sphere,” said AMD president and CEO, Dr Lisa Su. “To do that, we must partner with the number one cloud service provider in the world.”

That partner is of course Amazon, with the company’s vice president of computing services, Matt Garman, joining Dr Su on stage at Next Horizon.

“When we think about our compute platforms, there are a couple of things that are important to our customers,” said Garman. “The very first thing is security, reliability and performance, and AMD is great on all of those fronts.

“The second thing that many customers come to AWS for is choice,” he added. “We want to be the compute platform for the world, we want to support every single workload out there, and for that our customers need a broad range of capability.”

But this was all a warm-up to AMD’s big advantage over Intel: value for money. “But the final thing is frankly cost. I talk to a lot of customers, and never have I talked to a customer who wasn’t interested in lower prices.”

“I feel the same way,” quipped Dr Su.

In practice, that means AWS customers in a number of regions, including Europe, can switch to AMD-based R5 sand M5 instances via the AWS Management Console or AWS Command Line Interface.

Amazon says T3 instances will be available “in a couple of weeks”.

“One of the cool things about the cloud is that you can go and get them today,” said Garman. “It’s really easy. It’s a simple API call to launch an instance. You can use the exact same instances you use today, you can use the exact same scripts.

“And one of the great things for our customers is that simply by making that change and switching, they can instantly save 10% on their compute costs.”

AMD reveals 7nm ‘Rome’ EPYC processors aimed at data centres


Tim Danton

7 Nov, 2018

AMD president and CEO, Dr Lisa Su, unveiled the company’s next-generation EPYC server processor in San Francisco.

Dubbed “Rome”, it brings 7nm manufacturing to the server CPU market for the first time, and is the harbinger of future 7nm Ryzen chips.

At the same time, AMD launched the Radeon Instinct MI60 and MI50 graphics accelerators, which also sport 7nm-based chips and use AMD’s latest Vega architecture. 

“We’re taking the power of 7nm tech, we’re taking that advantage of doubling that bandwidth and we’re bringing tremendous performance,” said Dr Su at the launch event. “We’re thinking not just about the CPU but about how the CPU connects to the rest of the components.”

This, emphasised Dr Su, was just as important as the processor itself. “What Rome does is brings total system capability when you put [the CPU, GPU and interconnects] together.”

The new Rome EPYC processors are built on top of AMD’s “Zen 2” architecture, with the processor’s core complex containing eight core dies, and each of those core dies has eight Zen 2 cores. That translates to 64 cores on the top-end version of Rome chips.

For the moment, however, AMD is keeping quiet on processor clock speeds.

What should this mean in practice? AMD claims Rome will deliver an unprecedented 3x speed increase compared to the previous generation processors in certain applications. “I’ve been in the semiconductor industry for a long time,” said Dr Su, “you don’t get 3x.”

The company promises an even bigger boost for floating point performance, with speeds four times that of the current EPYC processors.

While demos at launches should always be treated with scepticism, AMD was happy to pit a top-of-the-range dual socket Xeon against a single-socket Rome processor and a current dual-socket EPYC system.

Putting all three systems through the C-Ray benchmark side-by-side, the Rome-based system completed the test in 27.7 seconds compared to 30.5 seconds for Intel’s machine and 28.4 seconds for the dual-socket EPYC system.

AMD is already shipping the Radeon Instinct MI60 graphics accelerators to data centre customers, but would not be drawn on price.

The company also claims that Rome has started sampling with customers but has not announced a price or availability other than saying “next year”.