From the Blogosphere

‘FDA tells hospitals to stop using a pump that is vulnerable to hackers.’ This headline was all over the internet and news this weekend, with the pump in question being a medical infusion pump that automatically administers dosages of medication to patients in a hospital. A vulnerabili...
The concept of cloud backup has been around awhile and seems well-understood: For a monthly fee, a third-party vendor will back up your business data and store it “in the cloud” (network of servers) so it can be retrieved on demand at a later date. What is less well-understood is th...
Today’s business ecosystems span across multiple organizations, security perimeters and trust zones, increasing the number of attack vectors. With the migration of enterprise applications to the cloud, attack surfaces have expanded significantly. Compounding the problem, today’s wave o...
The world of software is completely crazy about automation. Thanks perhaps to DevOps, if anything, the mania is increasing. Some companies are eliminating the tester role in favor of tools smiths with programming experience who can build frameworks; sometimes this is called "developer ...
The mobility and flexibility of modern business practice has created a demand to extend any application to virtually anyone. While this can bring many benefits to organisations, such as enabling employees to work remotely, cutting costs by using the cloud to simplify IT deployment and ...
At the outset, Hyper convergence looks to be an attractive option seemingly providing a lot of flexibility. In reality, it comes with so many limitations and curtails the flexibility to grow the hardware resources such as server, storage, etc. independent of each other. In addition, perform...
Public perception of privacy and security in the post-Snowden era has changed, leading to end users caring vastly more about the topic. Last year, there were more breaches than ever before; ad-tracking technology has grown and will keep growing, collecting more and more data; and aware...
The lines between the corporate network and Internet are getting increasingly blurry. As companies rely on the cloud, employees become more mobile and there is a rise in third-party users who need access to certain applications or resources. Traditional network perimeters, VPNs and the...
Cloud security is at the top of every CIO’s list. It is also the first subject that comes up when you engage in a discussion about the cloud. For those of us who followed the recent Ashley Madison story (from a tech perspective), you would agree that while the breach happened for so ma...
In 2011, then United States CIO Vivek Kundra released the US Federal Cloud Computing Strategy [1]. In the executive summary he pointed to cloud computing as a key component of the US Federal Government’s information technology modernization efforts: “Cloud computing has the potential ...
Disaster Recovery isn’t a new concept for IT folks. We’ve been backing up data for years to offsite locations, and used in-house data duplication in order to prevent the risks of losing data stores. But now that cloud adoption has increased, there have been some shifts in how tradition...
There’s really an unlimited number of ways in which programmability in the network (data path scripting) can solve problems, address risk, and simplify architectures. In the area of DevOps it can be used to facilitate continuous delivery (CD) initiatives by supporting the implementatio...
One of the great challenges of cloud computing is the seemingly endless possibilities it provides. Yes, you read that right. The perceived infiniteness of the cloud is both an asset and a challenge, especially when it comes to the healthcare industry. With its strict regulations rega...
In 2011 the US Federal Government issued a Cloud First policy mandating that agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost. Cloud computing is a design style that allows for effici...
As a class of business, IT providers may be hip to risk as a matter of course, but they aren’t exempt from the rules of the game and, given their special position in the information security ecosystem, attacks directed their way can be enormously consequential. Hacking doesn't happe...
After the deluge of data breaches in 2014 and more emerging every day, security is without a doubt a top strategic initiative for just about every enterprise in 2015. Along with top-notch security, it is imperative for organizations – particularly cloud-driven ones – to also have leadi...
Ski helmets, seat belts, and encryption. What comes to your mind when you read these words? You may immediately think “safety,” and you’d be right, but how about “speed enablers”? At first blush, that may not be the first concept that comes to mind, but there’s a pretty compelling c...
Many organizations’ virtualization strategies begin and end with deploying VMware vSphere or Microsoft Hyper-V to virtualize as many servers as possible. But there’s so much more that an enterprise can do to extend the benefits of virtualization. In addition to virtualizing, a workflow...
One of the first considerations that IT managers struggle with is how to handle security and compliance. Both security and compliance are aspects of a larger, more strategic concern: governance. Governance essentially represents a set of processes for creating, communicating, and enfor...
It seems like every time I write a blog, a new breach has occurred (for an up-to-date look at local, state and federal breaches I suggest you periodically review the Identity Theft Resource Center’s running list). Since I last penned a post, we’ve seen breaches of the Mayo Clinic, Citi...
Most home security systems have a panic button - if you hear something go bump in the night you can push a panic button to start the sirens wailing, call the cops and hopefully send the bad guys scurrying. As useful as this is for home owners, enterprises need a security panic button...
The majority of an organization’s revenues are dependent on suppliers, distributors and other third parties. But as Benjamin M. Lawsky, New York State’s Superintendent of Financial Services, points out: “Unfortunately, those third-party firms can provide a back-door entrance to hackers...
Picking up a newspaper and turning on the TV, one is instantly confronted with news of yet another cyber hack. With cyber attacks headlining the news, millions of people are concerned with whether their personal information has been breached. These attacks are becoming more and more so...
Recent unauthorized access to a U.S. government database led to the compromise of information on at least 21.5 million individuals. This massive background investigation data breach also compromised usernames, passwords, mental health records and financial information. Although a securi...
Do the ‘darker’ channels and means that exist for searching the web in anonymity ultimately spell doom for the wider march towards open data? So-called ‘open data’ is supposed to be an instrument for breaking down information gaps across industries and letting companies share benchmar...
SYS-CON Events announced today that Logz.io has been named a “Bronze Sponsor” of SYS-CON's @DevOpsSummit Silicon Valley, which will take place November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Logz.io provides open-source software ELK turned into a log analy...
It's been three years since I compared medieval security to web security, and a few things have happened. Mobile and wireless have evolved as the dominant platforms, while the life between personal computing and business computing has continued to fray. And, of course, thanks to web se...
The cyber security, resiliency and accountability of IT systems at financial services organizations is rarely out of national headlines. Firms that operate in the financial space hold extremely sensitive data, so therefore attackers usually consider the effort and risk of attacking th...
The Federal Government’s “Cloud First” policy mandates that agencies take full advantage of cloud computing benefits to maximize capacity utilization, improve IT flexibility and responsiveness, and minimize cost. The Federal Risk and Authorization Management Program (FedRAMP) is a mand...
I spent a few days in New York City last week attending a couple of meetups, including speaking at a New York City Web Performance Meetup on Thursday night. I had several great conversations around real user monitoring, data science and analytics, and, of course, testing in production ...
A recent purchase of mine was a 2015 Jeep. Until now, I thought it was a safe and reliable car, but that is not the case anymore. As technology advances and cars become smarter and more technologically savvy, they become another target for hackers. Imagine speeding down the highway,...
Access is everything. It is the fundamental pillar that determines whether critical enterprise assets are safe or exposed. Knowing the answers to the questions of who is accessing what, where they are accessing that information from, why they are accessing that information and, finally...
Here at the XebiaLabs we care a lot about quality. That means we have to do a lot of testing for our products. Since we have a relatively small development team, and a code base that grows rapidly, that means we have to automate our tests. To get an impression, for XL Deploy, we have a...
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. ...
Today’s case of Ashley Madison getting hacked and literally being kept at ransom is a classic case of something not very new, but something we need to take a look at with a fresh set of eyes. It’s not all the trouble all their customers will get into that I’m talking about, but the mer...
It’s easy to invent additional C-suite job title designations. We might conjure up Chief Data Analytics-Insight Officer (CDAIO - pronounced “see-day-oh”) for example. Equally, we can see that the role of the CIO quickly gained additional layers some time ago – and we now see the CSO (...
Software-Defined Networking (SDN) is one of the most interesting developments in networking to emerge in the last decade. The potential to establish a simplified infrastructure and leverage software to dynamically modify existing flow characteristics has the potential to address many c...
Cyber warfare is not a futuristic theory being discussed on one of the military channels by some obscure software architect anymore. It is a common occurrence in today’s global economy and it appears some are trying to test the electronic defenses we have set up on the Internet. The q...
The concept of "shifting left" for appropriate IT concerns is growing. The notion is basically to shift more into the app dev delivery pipeline functions that, when applied earlier, can result in greater stability and security of the resulting code. Security is one of those functions t...
The cloud isn’t a fad. Businesses that don’t make the move are falling behind the competition. According to a recent ComputerWorld study, more than 40% of IT executives said that their organizations will spend more on Software as a Service (SaaS) and a mix of public, private hybrid and...

