recentpopularlog in

jonerp : security   154

« earlier  
IBM’s 2018 Data Breach Study Shows Why We’re In A Zero Trust World Now
"The report is a quick read and the data provided is fascinating. One can’t help but reflect on how legacy security technologies designed to protect digital businesses decades ago isn’t keeping up with the scale, speed and sophistication of today’s breach attempts. The most common threat surface attacked is compromised privileged credential access. 81% of all breaches exploit identity according to an excellent study from Centrify and Dow Jones Customer Intelligence, CEO Disconnect is Weakening Cybersecurity (31 pp, PDF, opt-in)."
business  featured  posts  technology  software  trends  &  concepts  centrify  cybersecurity  enterprise  security  ibm  2018  cost  of  a  data  breach  study  louis  columbus  next-gen  access 
3 days ago by jonerp
Report analysis – AI and automation raises the stakes on IT security skills
"AI and automation will transform security, right? Not so fast. A new report indicates the problem comes back to a human skills gap. And, in my view, a culture problem. Here's my review of the data - and potential solutions."
digital  skills  and  training  governing  identity  privacy  security  machine  intelligence  ai 
6 days ago by jonerp
Federacy wants to put bug bounty programs in reach of every startup
"“We think that we can make the biggest impact by making the platform free to set up and incredibly simple for even the most resource-strapped startup to extract value. In doing so, we want to expand bug bounties from probably a few hundred companies currently — across Bugcrowd, HackerOne, etc. — to a million or more in the long run,” William Sulinski told TechCrunch."
developer  security  startups  bug  bounty  programs  federacy  ycombinator 
7 days ago by jonerp
Human Resources Firm ComplyRight Breached
"Cloud-based human resources company ComplyRight said this week that a security breach of its Web site may have jeopardized sensitive consumer information -- including names, addresses, phone numbers, email addresses and Social Security numbers -- from tax forms submitted by the company's thousands of clients on behalf of employees."
a  little  sunshine  data  breaches  tax  refund  fraud  complyright  breach  efile4biz.com  equifax  experian  ip  pin  security  freeze 
27 days ago by jonerp
Zero Trust Security Update From The SecurIT Zero Trust Summit
"Identities, not systems, are the new security perimeter for any digital business, with 81% of breaches involving weak, default or stolen passwords. Tom Kemp, Co-Founder, and CEO, Centrify, provided key insights into the current state of enterprise IT security and how existing methods aren’t scaling completely enough to protect every application, endpoint, and infrastructure of any digital business. He illustrated how $86B was spent on cybersecurity, yet a stunning 66% of companies were still breached. Companies targeted for breaches averaged five or more separate breaches already. The following graphic underscores how identities are the new enterprise perimeter, making NGA and ZTS a must-have for any digital business."
business  featured  posts  technology  software  byline=louis  columbus  centrify  cio  cso  cybersecurity  machine-learning  based  security  next-gen  access  nga 
5 weeks ago by jonerp
Over 20,000 Container Management Dashboards Are Exposed on the Internet
"A recent study by cloud security firm Lacework found over 22,000 publicly exposed container orchestration and API management systems, about 300 of which could be accessed without any credentials and gave attackers full control or remote code execution capability on containers."
news  technology  top  stories  containers  kubernetes  security 
6 weeks ago by jonerp
Analytics Are Empowering Next-Gen Access And Zero Trust Security
"Machine learning-based NGA platforms including Centrify calculate a risk score that quantifies the relative level of trust based on every access attempt across an IT infrastructure. NGA platforms rely on machine learning algorithms to continuously learn and generate contextual intelligence that is used to streamline verified user’s access while thwarting many potential threats ― the most common of which is compromised credentials. IT security teams can combine the insights gained from machine learning, user profiles, and contextual intelligence to fine-tune the variables and attributes that calculate risk scores using cloud-enabled analytics services.
business  featured  posts  technology  software  byline=louis  columbus  centrify  analytics  service  next-gen  access  nga  verizon  mobile  security  index  2018  report  zero  trust 
6 weeks ago by jonerp
Beyond Sapphire Now – DSAG on how SAP licensing must evolve
"SAP licensing and indirect access took a back seat at Sapphire Now. But as Andreas Oczko of DSAG explains, this is far from over. In this diginomica exclusive from Orlando, Oczko gave his view on SAP's document pricing announcements - and what needs to happen next."
digital  enterprise  in  the  real  world  transformation  -  frictionless  governing  identity  privacy  and  security 
8 weeks ago by jonerp
Three Ways Machine Learning Is Revolutionizing Zero Trust Security
"Zero Trust Security provides digital businesses with the security strategy they need to keep growing by scaling across each new perimeter and endpoint created as a result of growth. ZTS in the context of Next-Gen Access is built on four main pillars: (1) verify the user, (2) validate their device, (3) limit access and privilege, and (4) learn and adapt. The fourth pillar heavily relies on machine learning to discover risky user behavior and apply for conditional access without impacting user experience by looking for contextual and behavior patterns in access data."
business  featured  posts  technology  software  centrify  enterprise  security  louis  columbus  machine  learning  next-gen  access  zero  trust  zts 
11 weeks ago by jonerp
The I in AI is dumb leading to incrementalism not transformation
"A plethora of conflated terms - AI, ML, DL along with transformation are not helping decision-makers to chart a path to build more efficient and effective business models. Time to step back."
analytics  planning  and  data  analysis  digital  transformation  -  frictionless  enterprise  future  of  work  governing  identity  privacy  security  machine  intelligence  ai  deep  learning  dl  ml 
12 weeks ago by jonerp
Salesforce, Hive and Aston Martin downplay GDPR angst – ‘it’s the bare minimum, not the gold standard’
"Speaking this week at the opening of Salesforce’s new Innovation Centre in London, the companies discuss the upcoming GDPR deadline."
digital  enterprise  in  the  real  world  governing  identity  privacy  and  security  regulation  use  cases 
may 2018 by jonerp
Xage introduces fingerprinting to protect industrial IoT devices
"You may be wondering where the blockchain comes into this, but imagine a honey pot of these fingerprints were stored in a conventional database. If that database were compromised, it would mean hackers could have access to a company’s entire store of fingerprints, completely neutering that idea. That’s where the blockchain comes in."
blockchain  distributed  ledger  enterprise  security  startups  digital  fingerprinting  duncan  greatwood  industrial  iot  xage 
may 2018 by jonerp
How Zero Trust Security Fuels New Business Growth
"Zero Trust Security (ZTS) strategies enabled by Next-Gen Access (NGA) are indispensable for assuring uninterrupted digital business growth, and are proving to be a scalable security framework for streamlining onboarding and systems access for sales channels, partners, patients, and customers of fast-growing businesses."
business  featured  posts  technology  software  byline=louis  columbus  enteprise  security  gdpr  next-gen  access  zero  trust 
may 2018 by jonerp
Here’s how we plan to be GDPR compliant
"We're making ready for GDPR compliance. Here's abroad outline for what we're doing - starting today. "
data  privacy  governing  identity  and  security  regulation 
may 2018 by jonerp
83% Of Enterprises Are Complacent About Mobile Security
"The study found that the accelerating pace of cloud, Internet of Things (IoT), and mobile adoption is outpacing enterprises’ ability to scale security management, leaving companies vulnerable. When there’s a trade-off between the expediency needed to accomplish business performance goals and security, the business goals win the majority of the time. 32% of enterprises are sacrificing security for expediency and business performance, leaving many areas of their core infrastructure unsecured. Enterprises who made this trade-off of expediency over security were 2.4x as likely to suffer data loss or downtime."
featured  posts  technology  software  louis  columbus  mobile  security  verizon  wi-fi  zero  trust 
april 2018 by jonerp
Zuckerberg v Congress – how to waste four minutes of your life and miss the point
"Facebook CEO Mark Zuckerberg got a couple of tougher questions on day two of his appearance before Congress, but the demands of political grandstanding let him off the hook in the main."
data  privacy  governing  identity  and  security  regulation 
april 2018 by jonerp
Enterprise hits and misses – GDPR looms, Facebook squirms, and SAP gets direct about indirect
"This week: with GDPR looming, Facebook sits on the regulatory hot plate. Plus: a rebuttal of Microsoft's Windows divisional dissolve. SAP finally announces its licensing updates, which we dissect. And: I'm in the whiffs section again."
cloud  platforms  -  infrastructure  and  architecture  data  privacy  governing  identity  security  hits  misses  regulation 
april 2018 by jonerp
Mr Zuckerberg goes to Washington (and lives to tell the tale)
"Facebook's CEO Mark Zuckerberg faced a roasting from Congress that turned out to be a fairly light grilling."
data  privacy  governing  identity  and  security  regulation  social 
april 2018 by jonerp
FIDO Alliance and W3C have a plan to kill the password
"The major browser makers including Google, Mozilla and Microsoft have all agreed to incorporate the final version of the protocol, which allow websites to bypass the pesky password in favor of an external authenticator such as a security key or you mobile phone. These devices will communicate directly with the website via Bluetooth, USB or NFC. The standards body has referred to this as ‘phishing-proof’."
security  tc  multi-factor  authentication  standards  w3c 
april 2018 by jonerp
“It was my mistake” – Facebook’s Zuckerberg pleads ‘mea culpa’, but insists he’s still the man for the job
"Facebook CEO Mark Zuckerberg was sent out to field questions yesterday. Cue a lot of mea culpa and self-reproach, as well as a warning that this is going to take a long time to fix."
data  privacy  governing  identity  and  security  social 
april 2018 by jonerp
Five Ways Machine Learning Can Save Your Company From A Security Breach Meltdown
"However, 62% of CEOs have the impression that multi-factor authentication is difficult to manage. Thus, their primary security concern is primarily driven by how to avoid delivering poor user experiences. In this context, machine learning can assist in strengthening the foundation of a multi-factor authentication platform to increase effectiveness while streamlining user experiences."
business  featured  posts  technology  software  byline=louis  columbus  cybersecurity  machine  learning  security  breach  zero  trust 
april 2018 by jonerp
Enterprise hits and misses – data breaches, Facebook overreaches, and Microsoft Windows fades
"This week: data privacy in the crosshairs due to breaches, myopic legislation, and, of course, Facebook. Plus: Microsoft Windows does a sharp turn to slow fade. Customer service FAQ blowout, and whiffs-a-plenty."
crm  and  customer  experience  service  management  data  privacy  governing  identity  security  hits  misses 
april 2018 by jonerp
Zuckerberg to U.S. Facebook users – GDPR privacy benefits not fully on offer to you
"GDPR is coming, but for U.S. Facebook users the data privacy benefits aren't likely to be on offer, according to CEO Zuckerberg."
data  privacy  governing  identity  and  security  regulation  social 
april 2018 by jonerp
For Hudson’s Bay’s new CEO, another headache – a data breach with a claimed 5 million cards at risk - by @whostu
"Hudson's Bay Company has a hell of a lot to do in terms of tech upgrades. That's going to include payment systems after 5 million cards were involved in a massive data breach."
data  privacy  retail  e-commerce  and  the  omni-channel  security 
april 2018 by jonerp
Zuckerberg faces pressure from EU over data sharing furore and resists calls from UK government to give evidence
"Facebook CEO Mark Zuckerberg is in the midst of a data scandal following revelations that Cambridge Analytica allegedly used data to influence elections."
data  privacy  governing  identity  and  security  regulation 
march 2018 by jonerp
Machine Learning and Beyond: Algorithmic Detection in Security
"This article discusses the ways we can use algorithmic detection in all aspects of security. We define algorithmic detection as the ability to perceive threats, analyze them and contextualize them using algorithms that are either automata-theoretic or statistical."
contributed  top  stories  artificial  intelligence  security  sponsored 
march 2018 by jonerp
Enterprise hits and misses – cyberwarfare gets a wake up call and automation forces a skills review - by @jonerp
"This week: why cyberwarfare needs a truce, and an automation career session from someone who gets it. Plus: AI-driven "coaching networks" and five emerging trends. The whiffs are plentiful - are you ready to get cognified?"
governing  identity  privacy  and  security  hits  misses  iot  robotics  ai  the  new  professional  it  as  a  service 
march 2018 by jonerp
Microsoft announces new updates to protect against Spectre and Meltdown attacks
"Additional versions of Windows 10 are now protected from these attacks, and Microsoft has begun releasing Intel microcode updates directly, but only for a small number of devices. Incompatible antivirus software remains a problem, however."
security 
march 2018 by jonerp
The world badly needs a cyber-warfare truce – what are the chances? - by @denispombriant
"Cyber warfare is combat on the cheap, writes Denis Pombriant, as he sets out the case for an international truce to limit the scope for cyber attacks."
iot  robotics  and  ai  regulation  security 
february 2018 by jonerp
Why we need a single point of trust to calm nerves over social media data misuse - by @derek_dupreez
"A single place to turn to when the internet giants get above themselves with your data - a strong recommendation from doteveryone."
data  privacy  governing  identity  and  security  regulation  social 
february 2018 by jonerp
Security: What Enterprise Architects Need to Know Today
"With enterprise applications, the data is more valuable than the apps that consume the data. This is because the datasets are large, and often go back decades. They’re mostly stored in SQL databases, but in recent times, in NoSQL alternatives as well. The data is multifaceted and can be presented in many different ways within a single application or across multiple applications."
analysis  contributed  technology  top  stories  cloud-native  equifax  security  sponsored  twistlock 
february 2018 by jonerp
FedEx leaks highly sensitive customer data
"The data came from the acquisition of Bongo International that FedEx made back in 2014. It later renamed and then shutdown the business unit in April 2017. What is not clear is how long the data has been exposed. Was it originally exposed by Bongo before the acquisition? Did it become orphaned data after the company was shutdown? Either way, there is evidence that the data has been exposed for some time."
homepage  slider  latest  news  security  amazon  bongo  international  data  breach  privacy  egress  software  fedex  gdpr  kromtech  national  id 
february 2018 by jonerp
The Impact of Spectre and Meltdown on the Cloud
"Spectre is worse. Not because we actually know how to use it to do something bad. Yet. It is worse because we don’t know how to mitigate it in a generic way, and because it proves that Meltdown wasn’t a flash in the pan. The threat remains, and erodes trust. When and if someone devises a practical exploit, we may indeed see a mitigation for it show up quickly. The exploit may be responsibly disclosed by security researchers at a company like Google. But it is entirely possible that hostile state actors will get there first, and the damages done between now and then may be considerable and difficult to quantify."
analysis  contributed  technology  top  stories  heptio  meltdown  security  side-channel  attack  spectre 
february 2018 by jonerp
Is blockchain the answer to security risk in supply chains? - by @madbennett
"Digital connections add new security risks to the supply chain. Companies including IBM and Maersk believe blockchain may provide the answer"
fintech  infrastructure  security  spend  management 
february 2018 by jonerp
Intel does its best to tamp down impact of Spectre and Meltdown in earnings call - by @ron_miller
"Intel CEO Brian Krzanich was delighted to report that Intel had a record year in the company’s quarterly earnings call with analysts yesterday. Of course, he also had to acknowledge the Spectre and Meltdown chip vulnerabilities revealed earlier this month in perhaps the ultimate good news-bad news moment"
earnings  security  tc  intel  meltdown-spectre  chips 
january 2018 by jonerp
Enterprise hits and misses – Davos vs the enterprise, PaaS vs security threats - by @jonerp
"This week: Why PaaS and infrastructure automation matter against threats like Spectre and Meltdown. Also: SEO for 2018, connected car dilemmas, and Davos versus the enterprise. Your whiffs include a slew of whiffy awards, and Facebook's navel-gazing Newsfeed overhaul."
cloud  platforms  -  infrastructure  and  architecture  hits  misses  security 
january 2018 by jonerp
Enterprise hits and misses – digital skills gaps, contingent workforces, and the chippy Meltdown - by @jonerp
"This week: cue the digital skills and contingent workforce debates. Plus: the Spectre and Meltdown chip vulnerabilities buzzkill the shiny new toys at CES. Your whiffs include robots posing as women, Facebook bailing on "M" - and Intel."
future  of  work  governing  identity  privacy  and  security  hits  misses 
january 2018 by jonerp
That Intel chip flaw means a large – and long – headache for CIOs and IT teams
"The Intel flaw is in the design of the processors it is engineered in, so it can't easily be engineered out. A problem for CIOs that will not go away soon."
governing  identity  privacy  and  security 
january 2018 by jonerp
Warrantless phone, laptop searches at the US border hit record levels
"One leading Democratic senator says the newly-enacted directives explicitly allow border officials to try to bypass the password or encryption on a device without reasonable suspicion."
security 
january 2018 by jonerp
FedEx aims to deliver on Blockchain, autonomous vehicles and tougher security - by @whostu
"FedEx's 2017 will be remembered for the TNT cyber-attack, but it's heading into 2018 on growing e-commerce and a lively innovation agenda."
cloud  platforms  -  infrastructure  and  architecture  customer  service  management  digital  enterprise  in  the  real  world  e-commerce  governing  identity  privacy  security 
december 2017 by jonerp
diginomica 2017 – the year according to Dennis - by @dahowlett
"2017 is almost at an end; 2018 is around the corner. In the second of our annual reviews of the highlights of the year, Dennis Howlett offers his personal picks of the best of diginomica 2017. Customer stories feature heavily."
cloud  erp  financials  and  supply  chain  platforms  -  infrastructure  architecture  crm  customer  experience  digital  enterprise  in  the  real  world  transformation  frictionless  governing  identity  privacy  security  hcm  future  of  work  iot  robotics  ai  retail  e-commerce  omni-channel  new  professional  it  as  a  service  ux  application  design  blockchain 
december 2017 by jonerp
AdGuard calls out sites for cryptojacking failures
"The company reports that there are around 2,500 downloads of this code per day. This is likely to be for more than just cryptojacking. Downloads are also likely to be used by other cybercriminals for malvertising. It is also entirely possible that some websites are using the code to boost the number of ads that they serve. With many advertisers paying per impression of an ad, there is a lot of interest in improving ad serving."
homepage  slider  latest  news  security  ad  blocking  adguard  browsers  cryptocurrency  media  players  monero  onlinevideoconverter.com  openload  rapidvideo.com 
december 2017 by jonerp
Machine learning, the dark web and cybercrime – an unholy trinity
"What should we expect in the on-going arm-wrestle with cybercriminals as malware gets smart, devious and hard to find?"
digital  government  and  public  services  governing  identity  privacy  security  iot  robotics  ai  machine  intelligence 
december 2017 by jonerp
Trust and relevance – the twin challenges SAP faces as it meets with SAP UK & Ireland User Group - by @dahowlett
"SAP UK & Ireland User Group meet this week. SAP will face some testing questions. Here is my pre-event assessment around the top of mind topics."
cloud  erp  financials  and  supply  chain  future  of  work  regulation  security  event  reports 
november 2017 by jonerp
Australia's war on encryption potentially 'reckless': Former US cyber advisor
"Demands for more access to private data and control over personal communications devices 'sounds a lot like China', says Obama's director for Cybersecurity Policy."
security 
november 2017 by jonerp
Facebook's plan to throw humans at security, manipulation issue won't work, equates to indictment on AI progress
"Throwing humans at Facebook's fake news and security issues isn't likely to fix the company's issues. Facebook needs more AI and automation to correct ills before engagement falls."
security 
november 2017 by jonerp
Social media giants need to up their game as US Senate grills them - by @whostu
"Twitter, Google and Facebook go in 'lawyered-up' to answer US Senate questions on Russia and the Presidential Election. The result - holding positions and obfuscation."
digital  government  and  public  services  machine  intelligence  ai  security 
november 2017 by jonerp
Your data is more secure with SaaS companies than it is with you
"Conventional wisdom says you should protect your data by keeping it close. In reality, it's more secure with SaaS companies, says New Relic's Lee Atchison"
cloud  platforms  -  infrastructure  and  architecture  data  privacy  new  relic  partner  zone  security 
october 2017 by jonerp
Enterprise hits and misses – accountants overcome big data denial, CIOs fight for digital trust - by @jonerp
"This week: accountants move past big data and AI denial, while Walmart and Disney make aggressive moves against rivals. CIOs fight for digital trust after data breaches - and your weekly whiffs."
hits  and  misses  iot  robotics  ai  security 
october 2017 by jonerp
72 hours to doomsday – GDPR armageddon peddling from Splunk
"Splunk’s security evangelist Matthias Maier posits some thoughts on what is important when it comes to managing GDPR in action."
data  privacy  digital  government  and  public  services  governing  identity  security  regulation 
october 2017 by jonerp
Why the era of political pride in tech ignorance has to end - by @whostu
"The British Home Secretary wears her tech ignorance with pride. Sadly she's not alone, on both sides of the Atlantic. It's time for a digitally-savvy generation of policymakers."
governing  identity  privacy  and  security 
october 2017 by jonerp
Enterprise hits & misses – Avoiding security worst practices while Microsoft Ignites and Oracle opens - by @jonerp
"In this edition: Security best practices revealed - but worst practices are all too common. Plus: wrapping a big event week with Microsoft Ignite and kicking off Oracle OpenWorld. And: your weekly whiffs."
data  privacy  hits  and  misses  security 
october 2017 by jonerp
OOW17 – eliminate human labor, eliminate human error - by @whostu #OOW17
"Larry Ellison wants to eliminate human labor and in the process eliminate human error and he's going to do it at half the price that Amazon would. Oracle OpenWorld is underway!"
cloud  platforms  -  infrastructure  and  architecture  digital  government  public  services  iot  robotics  ai  security 
october 2017 by jonerp
Is the US ready for election hacking 2018?  No way.
"With 2018 U.S. elections looming, the government has done little to reinforce the security of the American electoral process in the aftermath of what intelligence agencies agree was a major Russian cyber operation designed to sway the 2016 Presidential contest."
digital  government  and  public  services  identity  regulation  security 
september 2017 by jonerp
Study reveals IT security and risk management need work at all companies - by @dahowlett
"Now in its 13th year, Computer Economics IT Management and Best Practices 2017/18 reveals significant deficiencies in many areas of security and risk management. As you might expect, large companies are best equipped to deal with threats but as always, the devil is in the detail."
security 
september 2017 by jonerp
Deloitte hacked, a brown trousers moment? - by @dahowlett
"Deloitte has managed the extraordinary feat of holding the world's leading cyber security consulting firm position as assessed by Gartner while confessing to being hacked."
data  privacy  governing  identity  and  security 
september 2017 by jonerp
Building security by design – a discussion of VMware App Defense - by @krmarko
"Recent hacking scandals point up the need for security by design. Here is one approach that looks promising."
infrastructure  security 
september 2017 by jonerp
Equifax and beyond – where does enterprise data security go from here? - by @jonerp
"The alarming Equifax breach has inflamed the news cycle. In my back and forth with a frustrated cybersecurity expert, we hashed out what individuals - and companies - can do to change enterprise data security."
data  privacy  governing  identity  and  security  regulation 
september 2017 by jonerp
Okta API strategy aims to bridge gap between customer experience and security - by @derek_dupreez
"The cloud identity management vendor kicked off its annual customer event in Las Vegas today with a number of announcements that expand the Okta platform."
cloud  platforms  -  infrastructure  and  architecture  crm  customer  experience  governing  identity  privacy  security 
august 2017 by jonerp
Microsoft warns of new tech support scam approach
"The new email campaigns use reputable brands to trick users. Microsoft has published some of the emails it has captured. These appear to come from big brands such as Alibaba, Amazon and LinkedIn. They all contain links that if examined are not to the sites they claim to be from. The reason these emails succeed is that people often take the email at face value, trust the brand and just click on the link without thinking about it."
homepage  slider  latest  news  security  cyber  email  linkedin  malware  microsoft  exchange  office  365  outlook  scammers 
august 2017 by jonerp
Former CIA operative Valerie Plame says privacy is precious — and she should know
"“There are two sides [to privacy]: the corporate side, which is doing this to sell you more [stuff]. Then there is the government area and a whole other area with the NSA and their efforts to keep us safe — and it has spilled over into privacy. There is an ongoing tension between security and privacy,” she says."
privacy  security  tc  valerie  plame  identity  management  cloud  summit 
august 2017 by jonerp
Wake up America – GDPR is not that far away - by @denispombriant
"Good morning America. New rules keep on coming and May 2018 sees the ushering in of GDPR. As with the topics like revenue recognition rules, researchers say we’re not ready. Time to get educated."
data  privacy  governing  identity  and  security  regulation  gdpr 
august 2017 by jonerp
Enterprise hits and misses – AI woos cybersecurity, McDonalds goes digital - by @jonerp
"This week: Can AI give companies the edge over cybercriminals? Will McDonalds become as digital savvy as Starbucks? Your whiffs include a blockchain post on a no-elbow-grease diet."
hits  and  misses  iot  robotics  ai  security 
august 2017 by jonerp
Can Facebook and Harvard save U.S. elections with Defending Digital Democracy?
"Harvard has launched a major new project called “Defending Digital Democracy” designed to overcome election hacking and protect the U.S. democratic process. Is it enough to make up for Executive Office skepticism and inaction?"
digital  government  and  public  services  governing  identity  privacy  security 
july 2017 by jonerp
Cisco warns of DeOS attacks
"The use of the Internet of Things (IoT) by hackers has been well documented. A significant part of the problem is the lack of security in too many Internet connected devices. Enterprise IT departments often have no say in the purchase of many of these devices. Security cameras, fridges, televisions and other goods are often purchased by different departments. Few of them have any security training."
homepage  slider  latest  news  security  cisco  cyber  ddos  deos  iot  not  petya  nyetya  ransomware 
july 2017 by jonerp
SAP South Africa – the company speaks about alleged corruption = by @dahowlett
"What happened at SAP South Africa such that the company got clobbered with allegations of corruption? We talked with Adaire Fox-Martin, head of EMEA to get an update."
central  regulation  security 
july 2017 by jonerp
The Risks of DNS Hijacking Are Serious and You Should Take Countermeasures
"Enabling HTTPS for all web apps and services hosted on a domain name should be a top priority. This will protect users from man-in-the-middle attacks in general and has many other benefits, like the ability to turn on HTTP/2 and gain a significant performance boost. However, to mitigate the effects of DNS hijacking, HTTPS needs to be combined with a security mechanism called HSTS."
analysis  technology  top  stories  dns  hijacking  dnssec  domain  name  system  security  extensions  gandi  http  strict  transport  https  registrar 
july 2017 by jonerp
Stay Out of Security Breach Headlines: 3 Things That Must be Addressed in your Cloud Agreement
"It is important to mention that many cloud vendors will resist such requests, stating that in order to keep costs competitive they need to standardize on security policies in a one-size-fits-all approach that applies to all customers. Therefore, the cloud vendor will claim they simply cannot customize the cloud solution and associated services to match unique customer security requirements."
application  management  services  cloud  erp  program  security  data  breach  protection  risk 
june 2017 by jonerp
The IoT-enabled police officer – building a digital law enforcement future
"The IoT should be about more than intelligent toothbrushes and self-ordering fridges. Police forces worldwide could benefit from IoT tech potential."
digital  government  and  public  services  iot  robotics  ai  regulation  security 
june 2017 by jonerp
How AWS And Azure Competing Is Improving Public Cloud Adoption - by @louiscolumbus
"Only 37% of current Azure users expect to add or replace their Public Cloud provider, compared to 53% of current AWS users and 50% of GCP users. The study found that approximately 40% of respondents expect to add or replace their cloud provider in the next two years, compared to 43% who predicted that last year. Companies who have adopted Microsoft Azure are least likely to replace/add other vendors, as only 37% of current Azure users expect to add or replace, compared to 53% of current AWS users and 50% of GCP users."
business  featured  posts  amazon  aws  web  services  security  cloud  computing  landscape  louis  columbus'  blog  saas  early  adopter  research  economics 
june 2017 by jonerp
The Junior Dev Who Deleted the Production Database
"The top response on Hacker News also had no sympathy for the company. “Sorry, but if a junior dev can blow away your prod database by running a script on his _local_ dev environment while following your documentation, you have no one to blame but yourself. Why is your prod database even reachable from his local env? What does the rest of your security look like? Swiss cheese I bet.”
culture  technology  top  stories  amazon  web  services  data  databases  reddit  forums  security  tech 
june 2017 by jonerp
Theresa May criticised for blaming London’s terror attack on the Internet - by @derek_dupreez
"Prime Minister Theresa May has said that the Internet allows those with extreme views a “safe space” to feed and breed their ideology."
data  privacy  digital  government  and  public  services  governing  identity  security 
june 2017 by jonerp
The FCC plan to kill net neutrality
"Abolishing the Obama-era net neutrality rules is a priority for the Federal Communications Commission and this time public opinion may not be enough to turn the tide."
digital  government  and  public  services  governing  identity  privacy  security  infrastructure  regulation 
may 2017 by jonerp
Enterprise hits and misses – diginomica on cybersecurity, SAP and Salesforce on tour - by @jonerp
"In this edition: diginomica does cybersecurity, while AI alarmists meet an optimist. Salesforce has a world tour and SAP had a big show - we've got your breezy roundup. Grappling with workplace diversity is one theme this week; pizza is another. Food-related whiffs abound, with Pizza Hut asking for - and receiving - viral shaming. Finally, can AI ever make better music than the Biebs?"
diversity  hits  and  misses  security 
may 2017 by jonerp
Using deep learning to thwart malware – even WannaCry - by @krmarko
"How startup Deep Instinct uses deep learning AI technology to detect undocumented malware and might have thwarted last week's WannaCry ransomware outbreak."
infrastructure  machine  intelligence  and  ai  security 
may 2017 by jonerp
Security Debt is an Engineer’s Problem
"She shared four basic security principles for engineers. First, security debt is expensive. There’s a lot of talk about technical debt and she thinks security debt should be included in those conversations.

“This historical attitude is ‘We’ll think about security later,’” Plattner said. As companies grab the low-hanging fruit of software efficiency and growth, they ignore security, but an initial insecure design can cause problems for years to come."
analysis  events  top  stories  bcrypt  oracle  passwords  security  technical  debt  women  who  code  zxcvbn 
may 2017 by jonerp
Who Let the Bug Out? Is the NSA Responsible for “WannaCry?”
"Do American spy agencies have a responsibility to tell software manufacturers about dangerous potential exploits they may find in their products?"
digital  government  and  public  services  security 
may 2017 by jonerp
Enterprise hits and misses – quick hit Sapphire Now special, plus cyber insecurities via WannaCry
"As for the financials, the GP Investments Acquisition Corp. will issue 63.8 million shares of its stock at $10 a share to Rimini Street Shareholders. Cash to GP Investments Acquisition Corp. will close the deal, cut debt and bolster the balance sheet. GP Investments Acquisition Corp. will hold 25 percent of Rimini Street shares.

Rimini Street said the enterprise value for the combined company will be about $837 million, or 2.8x estimated 2018 revenue of $295 million."
hits  and  misses  security 
may 2017 by jonerp
Will Trump’s cyber-security Executive Order work?
"It's been a busy week for President Trump, what with sacking the FBI Director, hosting a Russian government photo opp in the Oval Office, as as personally inventing a business phrase that dates back to the Great Depression. But there's still time for another Executive Order, this time around cyber-security."
digital  government  and  public  services  security 
may 2017 by jonerp
« earlier      
per page:    204080120160

Copy this bookmark:





to read