Archivo de la etiqueta: security

Cisco, Collaboration, data centre, Financial Results, IoT, News & Analysis, software

Cisco reports 3% growth for Q3 and sets targets on IoT market

Cisco corporateCisco has reported 3% year-on-year growth for Q3, topping $12 billion for the quarter, with its security business leading the charge, though the team have reconfirmed IOT, software cloud and collaboration markets are priorities for the future.

The security portfolio demonstrated revenue growth of 17% while deferred revenue grew 31% driven by the ongoing shift from hardware to more software and subscription services. The Collaboration portfolio grew 16%, while the team were also confident in the performance of its next generation data centre portfolio. The ACI platform grew revenues approximately 100%, exceeding a $2 billion annualized run-rate.

“We delivered strong Q3 results against the backdrop of the Macro environment that continues to be uncertain,” said CEO Charles Robbins. “Despite this uncertainty we executed very well, with revenue growth of 3%. The operational changes we continued to make will further enable our customers to leverage strategic role to network as they transform their businesses to become digital.”

Regionally, the America’s accounted for a 4% lift, whereas EMEA and APJ were slightly less at 2% and 1% respectively. The emerging markets demonstrated healthy results for the business, as BRICs increased by 4%, Mexico by 4%, China up 22% and India up 18%. The team highlighted while there was good growth in the public and service provider segments, the enterprise was not as positive as the team pointed towards pressure driven by macro uncertainty as the reasoning.

The quarter also saw Cisco as one of the more active players in the M&A market, completing five acquisitions over the course of the quarter. The $1.4 billion acquisition of Jasper Technologies now makes Cisco the largest cloud based IOT service platform in the industry, the team claims. Cisco also completed the acquisitions of Acano, Synata, Leaba and CliQr during the period, the latter a $260 million orchestration platform to help customers simplify and accelerate their private, public and hybrid cloud deployment. Cisco had already integrated CliQr with its Cisco Application Centric Infrastructure (ACI) and Unified Computing systems (UCS) prior to acquisition.

“These acquisitions are clearly focused on our key growth areas including IOT, software cloud and collaboration as well as continuing to strengthen our core,” said Robbins.

The IoT market has been a long time target of Cisco, with the Jasper deal adding to the ParStream acquisition last year. The acquisition offered the opportunity for instant analysis of masses of data at the network edge with minimal infrastructural or OPEX repercussions, the company claimed.

Big Data, BusinessObjects, Enterprise IT, News & Analysis, SAP

SAP updates BusinessObjects offering at SAPPHIRE NOW conference

SAP sailingSAP has announced a number of new updates for its analytics solutions portfolio at the 28th annual SAPPHIRE NOW conference.

The company’s business intelligence portfolio, BusinessObjects, will continue to offer solutions on premise and in the cloud, as well as incorporating a number of new features for visualizations and storytelling, data wrangling and blending, geospatial, trend analysis, custom filters, linked stories, notifications and chat.

“SAP is enabling companies to lead in the digital economy by significantly simplifying the platform, providing best-in-class analytics and a superior user experience,” said Stefan Sigg, SVP for SAP Analytics. “SAP BusinessObjects remains the most relevant analytics in the industry — and we offer the best end-to-end capabilities both on premise and in the cloud in the market today.”

One enhancement has focused more on the integration and collaboration efforts of the business, as the offering can now connect and blend existing data sources such as the SAP ERP, SAP SuccessFactors solutions, Salesforce, and Google Drive (amongst others), on a single platform without having to move data into the cloud environment. The offering now also includes predictive analytics capabilities leveraging powerful built-in algorithmic models, to enhance data-driven decision making capabilities.

SAP also updated its BusinessObjects Enterprise offering, which has been mainly designed for on premise analytics. Enterprise organizations have a choice of premium, professional and standard editions, which offer a variety of services including enhancements which make the platform Internet of Things–ready.

The company also launched one of its newest cloud offerings, the Digital Boardroom (see below), which has been built on the BusinessObjects platform. The Digital Boardroom is real-time business intelligence and ad hoc analysis portal, which provides executives with information sourced from all SAP S/4HANA Lines of Business data to provide a “single source of truth for the company”.

Digital Boardroom

Artificial intelligence, Dell, News & Analysis, Security Intelligence, Threat Detection

Dell Security targets small organizations with AI product launch

Dell office logoDell has launched a new AI-based security solution, Threat Defence, which has been designed specifically for smaller organizations with limited or no IT resource.

The new offering utilizes machine learning and AI technologies to prevent threats from entering an organizations perimeter, as opposed to simply detecting them once inside. Dell claims the new offering stops 99% of malware execution, as the machine learning components of the software will adapt and learn from the malware for future threat detection.

“Today’s malware attacks are non-discriminant and can impact organisations of all sizes,” said Brett Hansen, Executive Director for Data Security Solutions at Dell. “Smaller businesses are often at risk as traditional anti-virus and threat protection solutions can be resource intensive or beyond the means of growing businesses. With Dell Data Protection Threat Defence, Dell is addressing the needs of this under-served segment with an effective advanced threat prevention solution that is easy to manage and reflects the multi-platform reality of modern businesses.”

The launch builds on growing security concerns within world of smaller organizations, as a recent survey from Dell claimed 69% of SMB’s state data security is a burden on their company’s time and budget, with 65% holding back mobility plans due to ongoing security concerns. The Threat Defence aims to provide a more secure platform for businesses who want to become more mobile. Although Dell has a healthy reputation for security within the enterprise market, this is seemingly one of the first moves by the company to diversify the customer base, and reach into new market segments.

Additional features include a low-footprint, the company claims only 1-3% of CPU resources will be used, the ability to safe-list certain files and applications which have a tendency to throw out false-positives, as well the ability to upload suspicious files to the cloud for analysis. Through the analysis, Dell can update the software remotely to improve detection capabilities of malware crossing an organizations perimeter.

The offering will be available on a subscription basis in the United States and select countries around the world starting in mid-June 2016.

cloud security, cybersecurity, DNS Firewall, Infoblox, Malware, News & Analysis, Threat Intelligence

Infoblox bolsters off-premise security capabilities

Security CCTV camera in office buildingInfoblox has released its DNS Firewall as a service, extending its services to roaming devices off-premise, which will be available towards the end of 2016.

The new service will offer protection to customers roaming outside the corporate perimeter, as well as within, by offering a single pane of glass for protection from malware and cyberattacks. The cloud-service works through providing actionable network intelligence to customers to strengthen their operational and security postures. It also delivers unified reporting and single-policy configuration, which Infoblox claims are capabilities not available through purely cloud-based DNS services.

“Enterprise networks do not have the luxury of being walled gardens any more, not with employees bringing their own devices and accessing data from everywhere,” said Scott Fulton, EVP of Products at Infoblox. “Infoblox DNS Firewall as a service helps our customers by providing the same industry leading protection for on- and off-premise devices, helping organisations to build enterprise networks that are more available, secure, and smart.”

The offerings capitalize on the threat intelligence technology which Infoblox acquired through buying IID in February 2016. IID was acquired for approximately $45 million as a means for Infoblox to increase its threat detection capabilities, as a means to differentiate Infoblox from other DDI vendors.

IID’s cloud-based platform for threat intelligence federation allows customers to share threat intelligence, which has been highlighted as another potential growth area for Infoblox, though this is a competitive marketplace already. Companies such as iSight already have a healthy presence in the threat intelligence market segment, though Infoblox does have a number of partnerships with these vendors, inherited through recent acquisitions, which the team does not expect to change moving forward.

data centre, Datacentre, hybrid cloud, London, News & Analysis, Virtus

London’s Virtus Data Centres doubles annual revenues

VirtusLondon based Virtus Data Centres has announced it has doubled its revenues over the last twelve months, though the team haven’t released any specific numbers to substantiate the claim.

The company has recorded a healthy number of new customers throughout the period, including T-Systems which runs its private and public cloud operations from the London2 location in Hayes, as part of a five year transition project to close its private data centre in Feltham. Virtus has 40MW of capacity across its three locations, having acquired the London4 site in Slough during the latter stages of 2015 from Infinity SDC.

“Our aim is to combine cutting edge design and technology with transparent and agile commercials to offer the very best tailored solutions and service for our customers,” said Neil Cresswell, CEO at Virtus Data Centres. “This unique approach to data centre service delivery is the reason we see continued growth across all business lines with the likes of T-Systems and Symantec collocating in our leading facilities. It’s been a fantastic start to the year, and one which we seek to improve upon.”

The company, which has been in operation since 2008, offers traditional retail and wholesale colocation models, through three locations in the London area (Enfield, Hays and Slough) will a fourth set to open early next year. Virtus also boasts to have the highest total colocation MW sales of any operator in the London market throughout 2015, according to findings from CBRE, and is only one of four data centre operators in London to have been awarded Tier III design certification from the Uptime Institute. Virtus has also been expanding its credentials and capabilities in recent months, achieving supplier status with the Crown Commercial Service as part of the G-Cloud 7 initiative.

Recent expansion initiatives have been driven through investment from ST Telemedia, which was announced last year in June. As part of the agreement, ST Telemedia will make what it claims is a ‘significant investment’ into Virtus committing to a 49% via a Joint Venture with Virtus’ existing owner Brockton Capital. ST Telemedia has a healthy track record when it comes to data centre companies having launched i-STT in 2000 which was later merged into Equinix (it has now divested), as well as investments in Level 3 Communications and GDS Services.

data protection, News & Analysis, Trustmarque

The top three cloud security myths: BUSTED

a safe place to workThe rise in global cyber-attacks and the subsequent high-profile press coverage, understandably makes businesses question the security of cloud. After all, the dangers of hosting anything in an environment where data loss or system failure events are attributed to an outside source are magnified. As a result, many CIOs are also still struggling to identify and implement the cloud services most suitable for their business. In fact, research finds over three quarters (79%) of CIOs find it a challenge to balance the productivity needs of employees against potential security threats. Moreover, 84% of CIOs worry cloud causes them to lose control over IT.

But is cloud really more vulnerable than any other infrastructure? And how can organisations mitigate any risk they encounter? The reality is that all systems have vulnerabilities that can be exploited, whether on-premise, in the cloud or a hybrid of the two. It’s safe to say that people fear what they don’t understand – and with cloud becoming increasingly complex, it’s not surprising that there are so many myths attached to it. It’s time to clear up some of these myths.

Myth 1: Cloud technology is still in its infancy and therefore inherently insecure

Cloud has been around for much longer than we often think and can be traced as far back as the 1970’s. The rapid pace of cloud development, coupled with an awakening realisation of what cloud can do for businesses, has thrust it into the limelight in recent years.

The biggest issue CIOs have with cloud is their increasing distance from the physical technology involved. Indeed, many CIO’s feel that if they cannot walk into a data centre and see comforting lights flashing on the hardware, then it is beyond their reach. As a result, many organisations overlook instrumentation in the cloud, so don’t look at the data or systems they put there in the same way they would if it were on a physical machine. Organisations then forget to apply their own security standards, as they would in their own environment, and it is this complacency that gives rise to risk and exposure.

Lady Justice On The Old Bailey, LondonMyth 2: Physical security keeps data safe

It is a common misconception that having data stored on premise and on your own servers is the best form of protection. However, the location of data is not the only factor to consider. The greatest form of defence you can deploy with cloud is a combination of strict access rights, diligent data stewardship and strong governance.

Common security mistakes include not performing full due diligence on the cloud provider and assuming that the provider will be taking care of all security issues. In addition, it is still common for organisations to not take into account the physical location of a cloud environment and the legal ramifications of storing data in a different country. Indeed, a recent European Court of Justice ruling found the Safe Harbour accord was invalid as it failed to adequately protect EU data from US government surveillance. Cloud providers rushed to assure customers they were dealing with the situation, but the main takeaway from this is to not believe that a cloud provider will write security policy for you – organisations need to take ownership.

Myth 3: Cloud security is the provider’s responsibility

All of the major public clouds have multiple certifications (ISO27001, ISO27018, ENISA IAF, FIPS140-2, HIPAA, PCI-DSS) attained by proving they have controls to ensure data integrity.

Security CCTV camera in office buildingThe real risk comes when organisations blindly park data, thinking that security is just implicit. Unless the data is protected with encryption, firewalls, access lists etc., organisations remain vulnerable. The majority of cloud exposures can in fact be traced back to a failure in policy or controls not being applied correctly – look at the TalkTalk hack for example, and consider the alternate outcome had the database been encrypted.

Education and ownership is the future

The speed at which cloud is evolving can understandably cause a few teething problems. But it is the responsibility of providers and clients alike to take ownership of their own elements and apply security policies which are right for their business, their risk profile and the data which they hold. As with any technological change, many interested parties quickly jumped on the cloud bandwagon. But the allure of a technology can inhibit a lack of critical thinking, and the broader view of choosing the right application at the right cost, with appropriate security to mitigate risk, is lost. Remember, the cloud is not inherently secure and given the fact it stands to underpin enterprise operations for years to come, it’s worth approaching it not as a bandwagon but as an important part of enterprise infrastructure.

Written by Mark Ebden, Strategic Consultant, Trustmarque

data protection, News & Analysis, Shadow IT, VMware

24% of businesses expect a cyberattack within the next 90 days

Hacker performing cyber attack on laptopResearch from VMWare has highlighted 24% of office workers and IT decision makers believe their organization will be the victim of a cyberattack with the next 90 days, mainly due to the belief that the threats are advancing at a faster pace than a company’s defences.

Although the statistics imply the event of a cyberattack is becoming normalized within the industry, the findings do also suggest investments from enterprise organizations are not meeting the demanding trends of security, as 39% of the respondents believe one of the greatest vulnerabilities to their organisation to a cyberattack is threats moving faster than their defences.

“The issue around accountability is symptomatic of the underlying challenge faced as organisations seek to push boundaries, transform and differentiate, as well as secure the business against ever-changing threats”, commented Joe Baguley, CTO of VMware in EMEA. “Today’s most successful organisations can move and respond at speed as well as safeguard their brand and customer trust. With applications and user data on more devices in more locations than ever before, these companies have moved beyond the traditional IT security approach which may not protect the digital businesses of today.”

While security could be seen as something of a sound-bite for board-level execs in recent months, the importance of spreading cybersecurity awareness and responsibility throughout the organization have been made clear by the IT department. Of the IT decision makers who were surveyed as part of the research, 22% said the board should be most aware of the necessary actions to take following a significant data breach, and 40% said the CEO should be this person.

Industry insiders have commented to BCN in recent weeks that the use of security comments by execs highlighted the importance of cybersecurity has been an effort to appease customers and stakeholders, and there is little follow through in terms of investment in new technologies. Research from the Economist Intelligence Unit also backs up these comments as its own survey said only 5% of UK corporate leaders consider cyber security a priority for their business, contradicting comments made by execs in the press.

Shadow IT was another area which featured in the report, as unauthorized devices and software are seemingly still plaguing IT decision makers throughout the industry. 55% of the IT decision makers surveyed believe their own employees are the greatest security threat a company faces, which is also backed up by the statistics that 26% would use their personal device to access corporate data and almost a fifth, 16%, would risk being in breach of the organisation’s security to carry out their job effectively.

“Security is not just about technology. As the research shows, the decisions and behaviours of people will impact the integrity of a business,” said Baguley. “However, this can’t be about lock-down or creating a culture of fear. Smart organisations are enabling, not restricting, their employees – allowing them to thrive, adapt processes and transform operations to succeed.”

Actifio, data backup, Enterprise IT, News & Analysis, Resilience, Verizon Enterprise

Verizon Enterprise launch cloud backup product with Actifio

cloud puzzleVerizon Enterprise Solutions has launched a new cloud backup service alongside Actifio, aimed at accelerating application development, and improving business resiliency.

The new offering, which will be available to customers using a virtualized environment, to create unified hybrid cloud environment with the aim of making data easier to manage, access and protect. The product will be available for customers in North America in June, and other regions towards the end of the year.

“The complexity of legacy infrastructure limits the ability of many enterprises to innovate around their data,” said Dan Jablonski, Director of Cloud and IT solutions, Verizon Enterprise Solutions. “We chose Actifio’s class-leading copy data virtualisation technology to power this new offering because it means we can now offer customers a simple, single solution to protect, move and store data in our cloud. Together with Actifio, we’re helping clients to be more agile so they can deliver better experiences to their own customers.”

The new offering is built on Actifio’s technology, which it claims will allow customers to move data back and forth between the customer premise and Verizon’s cloud-based infrastructure, allows self-serve instant access to data to improve speed of deployment and improve resiliency and availability by protecting data across the full range of conventional protection use cases.

“Data is the lifeblood of business, and it’s essential to have access to the data and applications you need when and where you need them,” said Ash Ashutosh, CEO of Actifio. “This next step in our relationship with Verizon will enable us to provide exactly that to more customers around the world, more easily and efficiently than ever before. We are thrilled to take this step forward with what is becoming one of our most important and valued cloud service provider partnerships.”

cognitive computing, IBM, IBM Watson, News & Analysis

IBM’s Watson takes aim at cybersecurity

Anonymous unrecognizable man with digital tablet computerIBM has launched a new cloud-based version of the company’s cognitive technology to tackle the rising challenge of cyber security.

The company’s R&D team have recently completed a year-long research program to teach Watson to understand the nuances of security research findings, which can be used to realize patterns and uncover evidence of hidden cyber-attacks which could have been missed. IBM plan to move the security-version into beta test later this year.

Watson’s new capabilities builds on the skills gap within the security job market, but also the idea that big data in a security perspective is too vast for human capabilities. Like other areas of the cloud industry, simple tasks are being automated, allowing employees to concentrate on the more critical areas of the business. IBM claim the average organization deals with 200,000 pieces of security event data per day, with enterprises spending $1.3 million a year dealing with false positives alone.

“Even if the industry was able to fill the estimated 1.5 million open cyber security jobs by 2020, we’d still have a skills crisis in security,” said Marc van Zadelhoff, GM at IBM Security. “The volume and velocity of data in security is one of our greatest challenges in dealing with cybercrime. By leveraging Watson’s ability to bring context to staggering amounts of unstructured data, impossible for people alone to process, we will bring new insights, recommendations, and knowledge to security professionals, bringing greater speed and precision to the most advanced cybersecurity analysts, and providing novice analysts with on-the-job training.”

The new offering is built on Watson’s ability to learn and reason from unstructured data, 80% of which cannot be processed by non-cognitive tools, and IBM claim the offering will learn from a number of different sources including blogs, articles, videos, reports and alerts. The company believe only 8% of this unstructured data is being utilized currently, making the concept of secure almost impossible. Once Watson for Security is released it will provide customers insights into emerging threats, as well as recommendations on how to stop them.

To further enhance the offering, the team have also announced eight partnerships with various universities to train Watson on the language of cybersecurity. The universities include California State Polytechnic University, Pomona; Pennsylvania State University; Massachusetts Institute of Technology; New York University; the University of Maryland, Baltimore County (UMBC); the University of New Brunswick; the University of Ottawa and the University of Waterloo.

containers, Docker, News & Analysis

Docker bolsters security capabilities with Security Scanning launch

DockerDocker has announced the general availability of its Security Scanning product, an offering formerly known as Project Nautilus.

The service, which is available as add-on service to Docker Cloud private repositories and for Official Repositories located on Docker Hub, streamlines software compliance procedures by providing customers with a security profile of all their Docker images. The offering sits alongside Docker Cloud to automatically trigger a series of events as soon as an image is pushed to a repository, providing a complete security profile of the image itself.

“Docker Security Scanning conducts binary level scanning of your images before they are deployed, provides a detailed bill of materials (BOM) that lists out all the layers and components, continuously monitors for new vulnerabilities, and provides notifications when new vulnerabilities are found,” said Docker’s Toli Kuznets on the company’s blog.

“The primary concerns of app dev teams are to build the best software and get it to their customer as fast as possible. However, the software supply chain does not stop with developers, it is a continuous loop of iterations, sharing code with teams and moving across environments. Docker Security Scanning delivers secure content by providing deep insights into Docker images along with a security profile of its components. This information is then available at every stage of the app lifecycle.”

The offering itself splits each Docker image its respective layers and components, and evaluates the risk associated with each one. Risks are reported back to the CVE databases, linked to the specific layer and/or component, but are also monitored on an on-going basis.

New vulnerabilities found during the on-going monitoring process are reported to the CVE database, which will then assess all other software associated with that component/package to improve software compliance across the board. Docker believes software compliance and general risk management can be enhanced through the offering, but also throughout the lifecycle of the software itself.

“With this information, IT teams can proactively manage software compliance requirements by knowing what vulnerabilities impact what pieces of software, reviewing the severity of the vulnerability and making informed decisions on a course of action,” said Kuznets.

The offering is now available to all customers, with Docker currently offering a three month free trial.

Docker Security