main

Application DeliverySecurity

Should Business Risk Mitigation Be A Factor When We Choose Our Suppliers And Manufacturers?

July 24, 2018 — by Daniel Lakier48

supplier-manufacturer-960x640.jpg

This is something that I have struggled with for most of my working life. As a technology professional, it is my job to pick the best products and solutions or to dig deeper to marry that technological decision with one that’s best for my organization. Is it incumbent on me to consider my suppliers’ financials, or their country or origin, or perhaps their business practices?

This thought was thrust sharply into focus during the past few months. First, we were reminded that a sound business still needs to have sound financials. The second warning is around the ramifications of a trade war.

Security

Bridging the Cyber Security Skills Gap

November 7, 2017 — by Radware0

bridging-skills-gap-960x640.jpg

The following is a Q&A with Ron Winward. Ron is a Security Evangelist for Radware, where he helps execute the company’s thought leadership on today’s security threat landscape. Ron brings nearly 20 years of experience in the internet service provider space, most recently as Director of Network Engineering for a global infrastructure and colocation provider. With an expertise in network architectures and DDoS mitigation, Ron has helped design solutions for carriers, enterprises, and cyber security service providers around the world.

Behind every new hack or data breach, there’s a company scrambling to put out the fire. That’s good news for cyber security professionals with the right skills. However, between shortages in qualified security professionals, evolving attack vectors, and new DDoS mitigation capabilities and deployment models, organizations looking to safeguard themselves can be left in a difficult position when it comes to finding the best talent, whether it be in-house or outsourced.

Security

How to Prepare for the Biggest Change in IT Security in 10 Years: The Availability Threat

July 12, 2017 — by Carl Herberger0

availability-threat-960x511.jpg

Availability, or the big “A” is often the overlooked corner of the CIA triad. Perhaps a contributing factor is the common belief among security professionals that if data is not available, it is secure.  Corporate executives have a different opinion, as downtime carries with it a hefty price tag. While today’s corporate risk assessment certainly involves the aspect of availability, it is focused on redundancy, not on security.  Penetration tests, a result of the corporate risk assessment, also fail to test on availability security.  In fact, pen testing and vulnerability scanning contracts specifically avoid any tests which might cause degradation of service, often leaving these vulnerabilities unknown until it’s too late.  Availability is commonly handed off to be addressed by network engineering to design and build resilient networks.  Common risk mitigations in this arena include redundant power, internet links, routers, firewalls, web farms, storage, and even geographic diversity with use of hot, warm and cold data centers.  You get the picture; there is a ton of money invested in building network infrastructure to meet corporate availability requirements.

Security

How are IoT Skills different than IT Skills?

April 27, 2017 — by Carl Herberger1

it-vs-iot-skills-960x640.jpg

I believe by now, most people have come to know the perfect harmony, a revolution, taking place whereby automation and interconnectivity is intersecting newly developed or innovated devices which can be controlled and communicated remotely. This revolution is called the Internet of Things (IoT) and is transforming once-stodgy manufacturers into massive technology giants, old electric companies into the world’s largest interconnected network of lights, meters and transformer stations, and have the possibility to permeate nearly every aspect of our lives, including the ability to transform our love lives and the prospect of our health and quality of living.

Application DeliveryHacksSSL

Network Security Does Not Matter When You Invite the Hacker Inside

March 9, 2017 — by Frank Yue0

outbound-ssl-inspection-960x540.jpg

We build security solutions to protect our networks from the rest of the internet, but do we do anything to protect the network from our own employees and users?  The first line of protection for your networks is not the firewall or other perimeter security device, it is the education and protection of the people that use the network.  People are concerned about having their apartments or homes broken into so they put locks on the doors, install alarm systems, or put surveillance equipment like security cameras around the property.  They are vigilant about making sure that an unauthorized intruder cannot enter the home easily without detection and alarms being raised.

Application Delivery

SCADA Part 2: Mission critical, highly vulnerable, almost un-protectable.

February 16, 2017 — by Daniel Lakier0

SCADA-infrastructure-part-2-960x721.jpg

Hey folks, I’m back with my second installment on protecting the un-protectable:

Last week we discussed the SCADA environment and some of the unique business and technology challenges we face when trying to secure it both from availability and cyber security hazards. The questions you are all asking yourself now are “how did we get here?” “Why would anyone build anything this insecure?” The answer is so simple … we never anticipated these networks would communicate with the outside world. PCD and SCADA environments were meant to be “closed loop” and therefore air-gapped (If you’re air gapped, you don’t need security, right? Ask Iran about the Natanz nuclear facility). If you think about it, that was a perfectly good assumption. Why would factory machinery ever need to access the internet, or a power plant, or an oil rig… I could go on and on. However, this paradigm changed for two reasons.

Application Delivery

The Future of Application Delivery: Hyper-Convergence, Micro-Services AND On-Demand?

January 20, 2016 — by Frank Yue0

application-delivery-future-2-960x505.jpg

I am one of those people that like the concept of instant gratification when shopping.  I like that I can purchase something, and immediately hold it in my hands and use the item, whether it is a piece of technology or a cooking accessory.  This is not unlike what customers expect when they want to access an application on the network.

We live in a hyper-converged, micro-service driven, and on-demand world.  You may agree with that statement, but do we really understand what it means?