The Security for Business Innovation Council (SBIC) just released a new special trend report titled, “Information Security Shake-Up” containing predictions for continued cyber security turmoil in 2013. The report assesses how innovations such as big data analytics, cloud computing, enterprise mobility, and social media are rapidly transforming the way enterprises conduct business, will change the face of IT, and will greatly impact the foundation of information security strategies. With the accelerated adoption of cloud, social media and mobile capabilities in the enterprise, it is clear that every organization’s attack surface will continue to become broader and more complex, and the enterprise security perimeter will completely dissolve.This SBIC trend report offers high-level, actionable strategies to help inform key decision makers and assist enterprises to address the challenges of these megatrends affecting information security programs. From my perspective, there are five key issues on which security professionals should focus in the report.BIG DATA AS A WAY OF LIFEIf you do nothing else in 2013, stop thinking that “big data” is a buzzword, and start realizing that it will be a way of life for you as a security professional. First and foremost information security programs must get into the information business in a very big way. Security programs must evolve in 2013 from traditional reactive perimeter and signature-based approaches for managing malware, network threat detection, and security controls management, to an agile approach that relies on the power of big data and intelligence-driven analytics. The goal is to always understand the risks to the most important business assets in whatever context they may exist – cloud, mobile, or traditional data center – and to protect them accordingly. To succeed, security leaders must invest in intelligence-driven strategies that harness the power of big data analytics and agile decision support.CONSULTANT TO THE BUSINESSWe security professionals have worked for years to have our voices heard regarding the threats facing IT and business from many different directions. Now that the enterprise is listening, we must be seen by the business and by IT as BOTH protectors of the realm and as enablers of innovation rather than inhibitors. As information security evolves from an IT-focused to a business-focused problem, security teams must develop the required consultative skillset to “speak the language of business.” I know you may groan when you hear this phrase, but it’s not about an ROI model necessarily, it’s about the ability of infosec pros to discuss the importance of a business initiative in clear, exemplary, and decisive terms with a business leader, and achieve a shared view of the value of information security investments. More and more, the performance of security teams should be measured on their ability to tie security programs to business outcomes.TOP DOWN SUPPORT? HOW ABOUT FROM THE MIDDLE OUT?As we begin 2013, an improving number of C-suites and Boards understand the importance of information security. Many CISOs have the ears of their executive leadership, and information security gets support in many cases from the top. The members of the SBIC report that current resistance to information-security efforts is two levels down from top. Middle managers who are not immediately convinced that they wish to allocate scarce resources to security. They are incentivized by timeline and budget, and integrating security can run counter to their objectives. To be successful in 2013, building upon the Consultant to the Business theme, security teams need to build relationships with middle managers, helping them understand the value of information security, and building a coalition of support within that layer of management. The SBIC Council thinks this may be a harder nut to crack than the C-suite.SUPPLY CHAIN SECURITY CHALLENGESMost organizations are both a supplier and are supplied by someone – in most cases by many. Where are the weak security links in that chain? In our interconnected world, organizations must be able to demonstrate that they are a trustworthy supplier, whether it’s commercial IT services such as banking, or electronic systems as part of a manufactured good. We’re seeing heightened interest in organizations developing multi-tiered programs to evaluate and demonstrate the integrity of the entire IT supply chain, downstream and upstream of your organization.CLOUD, MOBILE AND SOCIAL MEDIA… OH MY!Enterprise use of cloud, social media and mobile technologies will only increase, and it’s up to security leaders to either find a way to innovate and transform security programs or fall behind their organizations, thus opening up dangerous security gaps. This train left the station a long time ago. If you are waiting for a silver bullet to resolve BYOD, cloud security, or social media nightmares, you might also be waiting for AV to start working again too. The point is: start breaking these problems into bite-size pieces. None of these areas are monolithic. Each has sub-problems that can be tackled while working to find innovations in other areas. Work on the GRC problem, or the network visibility angle, or find a way to get intelligence about your social media attack surface.Have a great 2013!
For many CIOs and IT leaders, waking up each day must feel like being in A Tale of Two Cities that begins, “It was the best of times. It was the worst of times.”Never before have there been so many ways to leverage the power of technology to solve business challenges, but these are balanced against the demands that everything happen faster than before. For the modern CIO, the new mandate is to build and leverage platforms that enable quickly turning great business ideas into great business execution.For many companies, the journey to enable and empower these platforms has been ongoing for several years. What may have started as a plan to build a private cloud to reduce costs for traditional applications has now evolved to include the need to enable new web and mobile applications to satisfy internal and external needs. These expansive needs are not only transforming IT from an enabler to a provider (ITaaS), but also setting the foundation to change the competitive business landscape for many companies.For example, automobile companies must focus as much on in-car technology experiences as they do fuel efficiency. Insurance companies must be both mobile application developers (online claims) and big data scientists (real-time analytics). There are examples like this across every major industry, and technology is the catalyst for redefining differentiation and success. Being able to keep up with these new demands, while still maintaining existing environments is pushing many IT organizations to seek a hybrid model, one that creates the best balance of speed, agility, risk management and cost competitiveness.The new hybrid model is often called Hybrid Cloud. It brings together the best of private cloud (security, performance, reliability) with the best of external service provider resources (OPEX, on-demand resources). But it’s not just about creating visibility and leverage across internal and external resources. For the new hybrid model to succeed, it must also provide the framework to empower IT and business across multiple types of applications. It cannot create new silos.At EMC, we are redefining the new hybrid model. Our Cloud solutions not only establish a new level of automation and control for well-run private cloud environments, but they have been designed to seamlessly integrate with the new applications that are transforming the business. This hybrid model also provides the flexibility to run those applications across many clouds all without IT losing any visibility.Welcome to the new IT wake up call, “It was the best of times. It was the best of times.”
Today’s digital enterprises are expected to drive new levels of consumer and workforce engagement, business efficiency and operational excellence. Yet, most organizations are challenged with rapidly expanding and complex business environments, including the exponential growth of regulatory and legal requirements across a much wider range of unstructured data. How can organizations build a foundation of compliance and security while undergoing digital transformation? Enter EMC…On the heels of EMC’s position as a Leader in the recent Gartner Magic Quadrant for Enterprise Content Management (ECM), I’m pleased to share that Gartner has once again recognized EMC’s offerings in its first-ever Critical Capabilities for Enterprise Content Management: Compliance and Records Management report, published on December 8, 2015.With the expanding compliance and legal challenges faced by both regulated and unregulated industries, this Gartner report signifies the ever-increasing importance of comprehensive content management. We believe we continue to demonstrate a leadership position in this industry, as evidenced by the fact that EMC received among the highest scores for retention policies and schedules, regulations/certifications and imaging. In addition, EMC products or services scored 4.10 out of a possible 5.0 for regulatory compliance and 4.06 out of 5.0 for long-term digital records preservation.With our rich heritage, we understand records and compliance management is a discipline that provides great business value. This includes everything from preservation of vital records, legal discovery and accessibility, through the creation and dissemination of policies and retention schedules, and extending to other essential functions that reach beyond safeguarding information assets. By offering this comprehensive set of next-generation ECM technologies, our focus is on shaping solutions that meet all of the content management needs of the digital economy. It’s also on creating agile digital governance structures that customers can trust as they adapt and adopt new digital strategies.EMC consistently leads the way in the content management industry and that’s why we continue to be on the short list of leading ECM vendors. And the numbers don’t lie. Our Documentum ECM product portfolio, including the Documentum Records Suite, provides a comprehensive solution that has the strength and capabilities required to manage critical enterprise content in this era of digital transformation.As your organization undergoes these changes, be sure to ask yourself: is your content in good hands? Have you built a foundation of trust?
*For an update on Dell EMC VxRack with Neutrino, please visit this blog.Cloud Native adoption is driven by a quest for continuous business innovation leveraging cloud-based services. Hallmarks of continuous innovation include application developers who are fully focused on business objectives rather than IT infrastructure, and IT operations staff who spend the bulk of their time on business priorities rather than keeping the lights on.VxRack System with Neutrino, available stand alone or as part of EMC Native Hybrid Cloud (NHC), is a purpose built system specifically engineered to support the development and operation of cloud native apps running on platforms like OpenStack (available today) and VMware Photon (in the near future). VxRack Neutrino addresses “Do It Yourself” challenges with OpenStack initiatives such as delayed deployments, complexity of operation, and difficulty of achieving stability as highlighted in a recent OpenStack User Survey. With VxRack Neutrino, an OpenStack environment can be provisioned in a matter of minutes, with significantly simplified ongoing operations and upgrades.NHC and VxRack Neutrino empower developers to rapidly build and iterate code in a fully turnkey Pivotal Cloud Foundry developer platform with a full complement of application services, while IT Operations retains full visibility and control of the environment.VxRack Neutrino’s early-adopters include the following examples:An IT service giant in India deployed a NHC engineered solution built on VxRack Neutrino to provide its developers with a way to rapidly provision infrastructure on demand so as to respond to customer requests more quickly, avoiding the complexity associated with do-it-yourself OpenStack efforts.A major North American airline opted for NHC built on VxRack Neutrino to create an advanced DevOps environment that proved faster and vastly superior to alternative vendor implementations.An American retail giant plans to use VxRack Neutrino to move parts of its primary website back on-premises OpenStack based IaaS to reduce their costs for public-cloud and co-location.With NHC and VxRack Neutrino, dedicated cloud native platforms from EMC are enterprise ready, easy to install, and future proofed. As stated by IDC analyst Ashish Nadkarni, “EMC has done all the work to make OpenStack operate very much like any other enterprise-ready infrastructure solution”.
In his Dell EMC World Global Partner Summit keynote yesterday, John Byrne praised the “powerful and amazing” partner community of Dell EMC.“You are everything to us. You are the reason why the channel business exists. My team and I will continue to work our hardest to earn your continued trust and business. That is job number one.”Byrne reinforced the message of one team, of Dell EMC actively seeking input from our channel partners to help build a world-class partner program. A program based on the collective voice of this one extraordinary team.Separately, both Dell and EMC have made “huge progress in the channel,” with the channel representing more than 60 percent of EMC’s business and 40 percent of Dell’s. And today, we stand on the brink of an extraordinary opportunity … An opportunity for both Dell EMC and our channel partners to attack the market, and to win.“Your strengths are our strengths, and our strengths are your strengths.”ShareIn support of the great strength of the Dell EMC channel, the Global Partner Summit keynote session concluded with a celebration of the extraordinary achievements of our global partners: the Dell EMC 2016 Partner Awards.Congratulations to all of the extraordinary Dell EMC 2016 Partner Award winners!NA Regional Partners of the Year:Southwest Partner of the Year – Groupware TechnologyDesert Mountain Partner of the Year – Sanity SolutionsMid-Atlantic Partner of the Year – CandorisSouth Central Partner of the Year – EST GroupGreat Lakes Partner of the Year – Business IT SourceNortheast Partner of the Year – Future Tech Enterprise, Inc.Southeast Partner of the Year – Tiber Creek ConsultingCanadian Partner of the Year – Softchoice CanadaNA Business Partners of the Year:Federal Partner of the Year – Government Acquisitions, Inc.Healthcare Partner of the Year – MoreDirect Enterprise SolutionsMid-Market Partner of the Year – Mojo SystemsSIM Partner of the Year – Paragon MicroSecurity Partner of the Year – Lanair Group LLCEnterprise Solution Provider of the Year – FusionStormNA Program Partners of the Year:US Distributor Partner of the Year – Ingram MicroCanadian Distributor Partner of the Year – Tech Data CanadaNational Solution Providers Partner of the Year – CDWLarge VAR Partner of the Year – WWTPremier Plus Partner of the Year – InsightGlobal Systems Integrator Partner of the Year – HCL TechnologiesOEM Partner of the Year – Arrow OCSGlobal Partners of the Year:LatAm Partner of the Year – Centro Especializado de Computacion S.A – CECOMSALatAm Distributor of the Year – Ingram MicroLatAM Solution partner of the year – LTA-RH COMERCIO E REPRESENTAÇÕES LTDAAPJ Partner of the Year – Beijing Kang’s Communication Equipment Co., LTD.APJ Distributors of the Year – Daiwabo Information Systems; SoftBank Commerce & Service Copp.APJ Solution Partner of the Year – LogicalisPartner Nominated Awards:Philanthropic Partner of the Year – InsightSocial Media Partner of the Year – Winslow Technology GroupAgain, congratulations to the winners of the Dell EMC 2016 Partner Awards.As John Byrne said, we are on the verge of something truly spectacular; and together, Dell EMC and our channel partners, “will become the benchmark in the industry … The channel to watch … The channel to beat.”
NEW DELHI (AP) — Popular short-video Chinese app TikTok is cutting its workforce in India after hundreds of millions of its users dropped it to comply with a government ban on dozens of Chinese apps amid a military standoff between the two countries. A TikTok statement expressed the hope the company will get a chance to relaunch the app in India to support hundreds of millions of users, artists, storytellers, educators and performers. The statement didn’t give details, but media reports say it has more than 2,000 employees in India. China says New Delhi is using national security as an excuse to prohibit Chinese mobile apps.
BERLIN (AP) — A draft recommendation from Germany’s vaccination advisory committee calls for offering the AstraZeneca vaccine only to people ages 18 to 64 for now. The committee cites what it says is insufficient data to judge its effectiveness for older people. The European Medicines Agency is expected to approve the AstraZeneca vaccine for use in the 27-nation European Union on Friday. It will be the third cleared for use in the EU after the BioNTech-Pfizer and Moderna vaccines. AstraZeneca said after Thursday’s release of the German advisory committee’s draft that “the latest analyses of clinical trial data for the AstraZeneca/Oxford COVID-19 vaccine support efficacy in the over 65 years age group.”
CANBERRA, Australia (AP) — Australian police say they have found no evidence of criminal misconduct in money transfers from the Vatican that a financial agency mistakenly inflated by almost $1.8 billion and fueled corruption speculation. Australian Federal Police investigated the transfers to Australia that the country’s financial intelligence agency, Austrac, reported to the Senate in December amounted to $1.8 billion over six years. Austrac last month revealed it had vastly overstated the sums, blaming the miscalculation on a computer coding error. The Vatican said transfers to Australia since 2014 amounted to $7.35 million and were for legitimate expenses including running its embassy and contractual debts.