SYS-CON MEDIA Authors: Yeshim Deniz, Elizabeth White, Roger Strukhoff, Jason Bloomberg, Pat Romanski

Blog Feed Post

Evolve IP’s Scott Kinka Responds to the Latest USA Today Article


USA Today recently published research showing that 43% of companies have had a data breach.

My response?

It’s an interesting article. Unfortunately, the only actual “reason” mentioned in here is human capital. Front door attacks are designed to fool end users into giving away the keys to the kingdom. And even more unfortunate, is that there is little that we can do on the network security side to ensure that people aren’t fooled.

Many people try to migrate to the cloud rather than start fresh there, which perpetuates many of the hidden dangers of their previous architecture. That’s certainly one thing to leverage. But if you look at this article, it accounts for at most 20% of the breaches. The remainder are employee negligence… Could they have put IT department negligence in here? Possibly, but it doesn’t gel with the point of the rest of the article.

I think the second thing to think about is that resources used in the cloud are easily provisioned, easily torn down and don’t reside on local equipment, so, at the very least, it eliminates or reduces the human element of leaving a laptop behind, physical security of a data center, not locking a local desktop, etc. This is all also happening in an era where BYOD is becoming the norm. If someone doesn’t have a password on their iPad, they receive an email with customer information, and someone picks it up at Starbucks, is the company to blame? Or the employee? Or both? Which leads to Mobile Device Management…

MDM is going to start to drive the discussion in the next few years. Again, you can’t stop people from being purposefully negligent, but you can prevent them from being careless. No password on your iPad, no access to corporate data. Remove your password, wipe all corporate content or the whole device. You also have to consider what applications the business allows for use on these devices for IM, social media, etc., which are now increasingly becoming targets for phishing attacks.

Another topic that has been around forever is DLP (Data Leak Protection). People really haven’t understood what it is and how to use it, but with these numbers swinging so dramatically towards people as the cause of breaches, companies with compliance concerns will be forced to consider a stance on DLP. There are simple solutions that can be added to email servers and other data “exit” points that are not difficult, and can live in the cloud.

Most importantly, it’s education. Companies are just not taking the people element seriously enough. Companies with compliance risk will need to have cyber education programs for employees to identify and understand how hackers are trying to leverage them as a security breach. I fully expect that governance around corporate education may find its way into HIPAA and PCI regulations in the next few years.

How can we leverage all of this? We have to deal with these kinds of issues every day. And while we all may not have easy to buy services yet for all of these items (although several will be released this quarter), we’re watching and are ahead of where our customers can be.

Read the original blog entry...

More Stories By Scott Kinka

Scott Kinka is Chief Technology Officer for Evolve IP. He has spent almost his entire career devising new and simpler ways for companies to acquire and integrate technology. While all of the tech talk these days is about the cloud, he was doing this when it was called ASP (application service provider) or on-demand. Before Scott joined Evolve IP as Chief Technology Officer, he served as Vice President of Network Services for Broadview Networks and ATX Communications. He has been involved in application development, hosting, messaging, networking, unified communications, contact centers, and security. His mission (and specialty) is acting as a translator between technology and business needs.

Latest Stories
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
Tapping into blockchain revolution early enough translates into a substantial business competitiveness advantage. Codete comprehensively develops custom, blockchain-based business solutions, founded on the most advanced cryptographic innovations, and striking a balance point between complexity of the technologies used in quickly-changing stack building, business impact, and cost-effectiveness. Codete researches and provides business consultancy in the field of single most thrilling innovative te...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
CloudEXPO has been the M&A capital for Cloud companies for more than a decade with memorable acquisition news stories which came out of CloudEXPO expo floor. DevOpsSUMMIT New York faculty member Greg Bledsoe shared his views on IBM's Red Hat acquisition live from NASDAQ floor. Acquisition news was announced during CloudEXPO New York which took place November 12-13, 2019 in New York City. Our Silicon Valley 2019 schedule will showcase 200 keynotes, sessions, general sessions, power panels, and...
ShieldX's CEO and Founder, Ratinder Ahuja, believes that traditional security solutions are not designed to be effective in the cloud. The role of Data Loss Prevention must evolve in order to combat the challenges of changing infrastructure associated with modernized cloud environments. Ratinder will call out the notion that security processes and controls must be equally dynamic and able to adapt for the cloud. Utilizing four key factors of automation, enterprises can remediate issues and impro...
Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world's second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactu...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio a...
When you're operating multiple services in production, building out forensics tools such as monitoring and observability becomes essential. Unfortunately, it is a real challenge balancing priorities between building new features and tools to help pinpoint root causes. Linkerd provides many of the tools you need to tame the chaos of operating microservices in a cloud native world. Because Linkerd is a transparent proxy that runs alongside your application, there are no code changes required. I...
BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. DevOpsSUMMIT at CloudEXPO expands the DevOps community, enable a wide sharing of knowledge, and educate delegates and technology providers alike.
Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing, telco, healthcare, transportation, energy, media, entertainment, retail and other consumer industries, as well as the public sector. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that pro...