Archivo de la categoría: cyber security

cyber security, Enterprise IT, IoT, News & Analysis

What did we learn at Cloud & DevOps World?

Cloud & DevOps WorldThe newly branded Cloud & DevOps World kicked off yesterday with one theme prominent throughout the various theatres; cloud is no longer a disruption, but what can be achieved through the cloud is still puzzling decision makers, reports Telecoms.com.

One word which was heard more than any other was maturity, as there would appear to be a general consensus that cloud computing had matured as a concept, process and business model. Although finding the greatest value from the cloud is still a challenge, there is a general feeling those in the IT world are becoming more adventurous and more willing to experiment.

Speaking in the Business Transformation theatre, Hotels.com CIO Thierry Bedos opened up the conference with a look into future trends in cloud computing. Maturity was the main driver of the talk here, as Bedos pointed out AWS’ dominant position as market leader and innovator is starting to loosen. While it would generally be considered strange to call tech giants such as Google and Microsoft challenger brands, it would be fair in the context of public cloud. But not for much longer, as the gap is slimming. For Bedos, this competition is a clear indication of a maturing market.

Along Bedos, Oracle’s Neil Sholay gave us insight into the world of data analytics, machine learning and AI in the Oracle Labs. Bill Gates famously said “Content is King”, and while this remains true, Sholay believes we can now go further and live by the rule “Corpus is King”. Content is still of value, though the technologies and business practise to deliver content have dated the phrase. The value of content is now in mastering its delivery through effective analytics to ensure automation, context and insight. A content campaign is only as good as the information you feed it to provide value to the consumer.

The Cyber & Cloud Security theatre held a slightly different story, but maturity was still a strong theme. ETSI & GSMA Security Working Group Chairperson Charles Brookson commented to us while there is still a lot of work to do to ensure security, the decision makers are maturing in the sense they have accepted 100% secure is unachievable and remaining as secure as possible for as long as possible is the new objective.

For a number of the delegates and speakers this is a new mind-set which has been embraced, however there are still some technical drawbacks. Futuristic advances such as biometric security is set to become a possibility in the near future, but Birmingham University’s David Deighton showed the team had made solid progress in the area. Failure rates are still at 2%, which was generally received as too high, but this has been reduced from 15% in a matter of months. The team would appear to be heading in the right direction, at a healthy pace.

Once again the concept of failure was addressed in the IoT & Data Analytics theatre as conference Chairperson Emil Berthelsen (Machine Research) told us the important lesson from the day was to set the right expectations. Some project will succeed and some will not, but there is no such thing as failure. The concept of IoT is now beginning to gain traction in the enterprise world, starting to show (once again) maturity, but for Berthelsen, the importance of scalability, security and data in IoT solutions was most evident throughout the day.

Day 1 showed us one thing above all else; we’re making progress, but we’re not quite there yet.

cyber security, News & Analysis, SME, UK

SMEs not prepared for the threat of cyber criminals – Barclaycard

Hacker performing cyber attack on laptopResearch from Barclaycard claims cyber security is not being prioritized by small businesses, putting numerous organizations at risk of attack.

The findings state only 20% of the organizations surveyed believe cyber security is a top business priority, with 10% claiming their team has not invested in cyber security at all. The average attack costs UK businesses between £75,000 and £311,000 according to HM Government’s 2015 Information Security Breaches report, as more than 50% of the respondents believe their organization is at risk of a breach within the next 12 months.

“Businesses of all sizes face a constant and growing threat from cybercrime,” said Paul Clarke, Product Director at Barclaycard. “As our research shows, many small businesses are failing take the necessary precautions, either because they don’t know how to protect themselves or, more worryingly, because they don’t think they need to. At Barclaycard we work with our customers to ensure they are aware of the growing threats they face and understand how they can protect themselves from cyber threats.”

Worryingly for business owners throughout the UK, only 13% of those who completed the survey believe they have the relevant skills to adequately protect themselves online. This statistic, combined with the lack of prioritization around security, may indicate decision makers believe their organization is safer, as cyber criminals would target the larger and more data heavy businesses in the UK.

While this may be considered a perception held by small businesses, the findings claim just under half have been hit by at least one cyber-attack in the past year, with a tenth experiencing more than four attacks.

“Cybersecurity is not a one-off investment that can then be forgotten about, especially as criminals are becoming increasingly sophisticated in the way they target businesses,” said Clarke. “For fifty years we’ve been working in partnership with customers to ensure they are not only putting the right measures in place from the outset, but are also continuously reviewing their policies to keep up with the latest industry developments.”

Artificial intelligence, cyber security, Enterprise IT, Machine learning, Microsoft, Microsoft Azure, News & Analysis

Microsoft launches VC to drive inorganic growth

Microsoft To Layoff 18,000Microsoft has announced the launch of Microsoft Ventures, a new capitalist venture arm to engage start-ups and entrepreneurs in areas which the business does not currently operate.

Speaking on the official Microsoft blog, Nagraj Kashyap Corporate VP for the ventures business, highlighted the launch was in line with objectives to identify start-ups which can inspire the next technology evolution, as opposed to supporting the current portfolio and business objectives.

“In Microsoft’s history of engaging with and supporting start-ups, we’ve done a lot of investing, but not a lot of early stage,” said Kashyap. “Because we would often invest alongside commercial deals, we were not a part of the early industry conversations on disruptive technology trends. With a formalized venture fund, Microsoft now has a seat at the table.”

Technology acquisition has become an intense game in recent months, as a host of tech giants have built new business units to identify potential acquisitions. While this might not be considered an unusual business activity, the trends of innovation through acquisition as opposed to organic growth have seemingly becoming more prominent. Earlier this month, HP announced the launch of its own VC business unit, which could be perceived as a means for the business to diversify its portfolio, entering new markets. These new markets could lead to direct competition with HPE.

Microsoft has a history of creating initiatives to aide and invest in start-ups, having launched the Microsoft Accelerator program, which provides tools, technology and consulting, though this unit will aim to sit between the Accelerator and the function which oversees major acquisitions. Initially the team will have a presence in San Francisco New York City and Tel Aviv, and will also look to expand to additional countries in the future.

“Given that the move to the cloud remains the single largest priority for the industry, identifying the bleeding-edge companies who complement and leverage the transition to the cloud is key to our investment thesis,” said Kashyap.

“Companies developing product and services that complement Azure infrastructure, building new business SaaS applications, promoting more personal computing by enriching the Windows and HoloLens ecosystems, new disruptive enterprise, consumer productivity, and communication products around Office 365 are interesting areas from an investment perspective.”

Aside from technologies which can aide the company’s core capabilities, the team will also be responsible for investigating disruptions in more horizontal axis. Security and machine learning were two areas which were identified by Kashyap on the blog. “Our view is outward into the market — we focus on the inorganic growth of Microsoft, looking at where we can provide a step function, versus incremental progress.”

Big Data, cyber security, data analytics, Digital Transformation, Opinion, Public Sector, PwC

What did we learn from PwC’s local government survey?

City HallPwC has recently released findings from its annual survey, The Local State We’re In, which assesses the challenges facing local government and their responses to them, as well as looking at public opinion on the organizations capabilities.

Here, we’ve pulled out four of the lessons we learnt from the report:

Data Analytics is top of the agenda for CEOs and Local Government Leaders

A healthy 91% of the Chief Execs surveyed confirmed Data Analytics was an area which they were well equipped. This in fact was the most popular answer for this specific question, as other areas such as business intelligence (59%), supply chain management (55%) and information governance & records management (40%) fared less so.

While it is encouraging the leaders are confident in their team’s ability to perform in the data analytics world, the research also stated local government’s use of structured and unstructured data varies quite considerably. 71% of the Chief Execs agreed they were using structured data (e.g. information in government controlled databases), whereas this number drops to 33% when unstructured data (e.g. social media and data generated through search engines) is the focal point of the question.

As the consumer continues its drive towards digital and the connected world, the level of insight which can be derived through unstructured data, social media in particular, will continue to increase. Back in 1998 Merrill Lynch said 80-90% of all potentially usable business information may originate in unstructured form. This rule of thumb is not based on primary or any quantitative research, but is still accepted by some in the industry. Even if this number has dropped, there is a vast amount of information and insight which is being missed by the local government.

But data driven decision making isn’t

Throughout the industry, data driven decision making has been seen as one of the hottest growing trends, and also as the prelude to the introduction of artificial intelligence.

Despite the media attention such ideas are receiving, it would appear these trends are not translating through to local government. Only 41% of the respondents said their organization is using data analytics to inform decision making and strategy. It would appear local government is quite effective (or at least confident) at managing data, but not so much at using it for insight.

Digital Device Tablet Laptop Connection Networking Technology ConceptPublic is not confident in local government’s ability to embrace digital

Although leadership within the local authorities themselves are happy with the manner in which their organization has embraced digital, this confidence is not reflected by the general public.

76% of Chief Execs who participated in the research are confident in their own digital strategies, however only 23% of the general public are confident in the council’s ability to manage the transition through to digital. This is down from 28% in the same survey during 2015 and 29% in 2014. The findings could demonstrate the rigidity of government bodies, especially at a local level, as it would appear the evolution of emerging technologies is outstripping local government’s ability to incorporate these new ideas and tools.

There is also quite a significant difference in how the public and the Chief Execs view cyber security. While only 17% of the Chief Execs believe their organization is at risk from cyber threats, 70% of the general public are not confident local government will be able to manage and share their personal information appropriately. 2016 has already seen a number of high profile data breaches which could have an impact on the opinions of the general public. If tech savvy enterprise organizations such as TalkTalk cannot defend themselves, it may be perceived that public sector organizations are less likely to do so.

However, local government does have the backing from the public to invest in digital

The general public would not appear to currently have great confidence in the local government’s current ability to embrace the digital age however they have seemingly given their blessing for the local government to continue investments.

39% of the general public who completed the survey highlighted their preference for engagement with local government would be through a digital platform, as opposed to the 24% who would prefer the telephone and 28% who would rather engage in person. Unfortunately, while digital is the most popular option for engaging, only 37% were satisfied with the current digital access to local government, down from 38% in last year’s research.

cyber security, Intel, News & Analysis, Threat Detection

CIOs prioritize collaboration to increase security – Intel

a safe place to workIntel Security has released new findings which claims CIOs are targeting collaboration as a means to shore up defences against cyber threats.

Respondents to the survey believe their own organizations could be between 38-100% more secure if threat management and incident response personnel and systems could simply collaborate better. The team believe collaboration is one area which is often overlooked, with decision maker’s often favouring new threat detection or prevention tools, though security operations’ effectiveness can be increased through better collaboration between silos within the organization.

“Threat management contributions are almost evenly spread among different roles, but there are some notable areas of specialization,” the company stated in its “How Collaboration Can Optimize Security Operations” report. “Every handoff or transition can add significant operational overhead—along with the potential for confusion and chaos and delays in responding. But, on the upside, there is also huge potential for collaboration and increased efficiencies.”

The report states CIOs are still prioritizing new tools as a means to shore up their own perimeters, though collaborations technologies were not far behind in the rankings. 40% of the respondents highlighted their spend would be prioritized on better detection tools, 33% pointed towards preventative tools and 32% said improved collaboration between SOC analysts, incident responders and endpoint administrators.

One of the main challenges for these organizations is the process, accuracy and trust in communication. For a number of organizations data is shared manually and potentially reprocessed several times, increasing the possibility of inaccuracy. Automated collaboration tools ensure data is shared quickly and accurately through an array of different functions and responsibilities. “Trust arises from good communication, transparency, and accountability, all of which engender confidence in the outcome,” the report states.

The number of tools being used within these organizations is also a challenge, as data is often transferred between or collected centrally manually. The average number tools companies use to investigate and close an incident is four, though 20% of the respondents said they can use up to 20 different products to achieve the same aims, further increasing the challenge. Though larger and more geographically diverse organizations will by definition use more tools, the same principles of collaboration and automation apply, and in theory could increase the security of an organizations perimeter.

“Tougher new EU data privacy regulations, which are currently in the process of being modernized, will be implemented in 2017,” said Raj Samani, EMEA CTO for Intel Security, in the report. “Organizations will be legally required to implement a security architecture that ensures a secure and trustworthy digital exchange of data throughout the EU. Data privacy needs to be assured at every level and across the entire infrastructure. In light of that, improved incident investigation and response processes that bring together collaborative tools and teams are imperative.”

While most organizations are answering the threat of more advanced cyber threats with the implementation of more advanced defence solutions, collaboration is an area which could be seen as a complementary means. Collaboration can contribute to real-time visibility for various teams, improve execution capabilities, as well as speed of response.

CIO Focus Interview, cyber security, Featured, IT Transformation

CIO Focus Interview, Peter Weis, Matson Navigation

CIO Focus InterviewFor this CIO Focus Interview, I got to speak with Peter Weis. Peter has over 15 years of global CIO experience, and is currently VP and CIO of Matson Navigation, a $1.7B, publicly traded, global transportation and logistics company. At Matson, Peter leads a global IT organization that is responsible for strategy, software development, infrastructure, high-availability operations and all levels of IT governance. Peter is an experienced speaker on leadership, technology, and supply chain topics, and has lectured at both the Haas School of Business at UC Berkeley and at San Francisco State University. He holds an M.B.A. with Honors from the Wharton School and a Bachelor’s degree from UC Berkeley’s Haas School of Business. Furthermore, Peter was a 2014 inductee into the CIO Hall of Fame. You can find Peter on Twitter and also hear more from him on cio.com!

Ben: Could you give me some background on your career?

Peter: I did my undergraduate studies at UC Berkeley and followed that up by getting an MBA at the Wharton School. I entered my first management role at age 26 and became a CIO for the first time at 36 at a global 3rd party logistics company. I’ve spent my career at a mix of both start-up and Fortune 500 companies. In late 2003, I was lured out of the start-up world to Matson Navigation. It took me a while to accept the position because I was still happy in the startup world and wasn’t initially convinced that a traditional and successful 125 year-old company was committed to innovation. Ultimately though, I saw it as a unique opportunity to lead a game-changing IT transformation and have now been here for 12 years. I also write and speak at conferences and give guest lectures at UC Berkeley.

Ben: What about a little background on your company?

Peter: Matson is a $2+ billion publicly traded global transportation and logistics company. We were founded in 1882, believe it or not, providing products to Hawaii. Although we’re now far broader in scope and cover much of the Pacific region, Hawaii remains our most important market. Our culture, processes and technology are all built around world-class operations and customer service in what has become an increasingly commoditized industry. As a result, we’ve been ranked as the number one ocean carrier in the world for the past two years, both overall and in information technology.

Ben: What sorts of projects have you been working on?

Peter: We recently finished a complete IT transformation that replaced 100% of our enterprise applications, our underlying architecture and our governance processes. Our legacy mainframe and AS400 systems are gone. We’re now fully virtualized and cloud-enabled and can now run our business in the cloud. By making this shift, we are in a position to reduce our IT managed services costs by over 80%. Most companies of any scale are wrestling with these legacy and obsolescence issues, so it’s gratifying to have completed this transformation. We also recently made a major acquisition that enables Matson to enter the Alaskan market. As a result of completing this IT transformation prior to the acquisition, the integration of this $450M acquisition is now expected to be completed in 5 months.   In a legacy environment, this integration would likely have taken 18 months and cost millions more than it did. This is a big win for Matson.

Ben: What goals do you have for 2015?

Peter: Now that we’ve finished transforming what had been a traditional IT environment, it’s now time to go on offense by leveraging what we already consider to be the best technology stack in our industry.   So, we’re now focusing on further enabling growth, reducing operating costs and responding more quickly to innovation opportunities. In fact, we’ve formed a dedicated innovation team which is led by several of our top performers. Their sole focus is innovation and widening the gap between Matson and our competitors. In order to do that, we need to be faster and more agile. We now think in terms of weeks and months in delivering innovation instead of years.

Ben: Which areas of IT do you think are having the biggest impact on the industry?

Peter: I would say cloud migration and cyber security. With the cloud, there’s a gap between vision and reality, and most companies are constrained by legacy environments that aren’t conducive to cloud technologies. CIO’s are struggling with how to fulfill the promise of better responsiveness at lower costs that cloud solutions offer, but they don’t know how to close this legacy gap. There is no easy solution, but those companies that find their way to the cloud will have real structural advantages over their competitors.

Regarding cyber security, the industry just doesn’t know what to make of the hype versus the reality. Every CIO feels the risks, but most are unsure of the right strategy to pursue, given that solutions today are so young and fragmented. As a result, CIO’s are feeling behind the curve. The problem is real, but the correct vision and necessary skill sets have not yet matured. If you look at the enterprise technology stack, the winners are clear. In cyber security though, the winning solutions are not yet clear. My company isn’t in finance or healthcare, so our risk profile is lower than it is for some. At the same time, in the age of the mobile, digital business, we are all at risk. After a difficult search, we’ve actually just hired a leader to drive our enterprise information security strategy.

Ben: Could you talk about the importance of a strong relationship between the CIO and the business? Has your experience getting degrees in business helped you in this regard?

Peter: Speaking the language of the executive team is very important. Their language isn’t LAN, WAN, or SaaS; it’s largely corporate finance. The traditional IT career path doesn’t teach managers the language of business, which creates a gap that all great IT leaders must close. Yes, my business training has certainly proven to be valuable, as I’ve learned the language of the boardroom. It’s also helped my personal brand as I’ve become more involved in assuming a commercial role at Matson, where I can more directly affect the company’s bottom line.

Ben: On a more personal level, which areas of technology interest you the most?

Peter: I’d say it’s the challenge of transforming the enterprise experience to be more like a consumer experience. I’m talking about customer facing enterprise applications that look and act like consumer apps. The consumer marketplace is teaching us what enterprise users and customers desire, and we need to watch, listen and incorporate these lessons more fully into our business solutions. Nobody gets trained on using an iPhone app, right?   Now, imagine rolling out enterprise software with no training! That’s our goal. The market has told us where to go, and that’s where we’re headed over the next 3 to 5 years.

 

 

By Ben Stephenson, Emerging Media Specialist