June 05, 2015

Co-operation driving progress in fighting cyber crime, say law enforcers
FBI assistant legal attaché Michael Driscoll said information security professionals in the private sector often see the evidence of cyber-enabled crime far quicker than law enforcement. He said it is important to engage with information security professionals as law enforcement becomes increasingly reliant on what they do on a daily basis for gathering the evidence they need. Driscoll said private organisations can help broaden law enforcement’s view and understanding of cyber-enabled crime. “Around 22,000 reports are made to the FBI’s internet crime complaint centre each month, but we think that is about 10% of what actually goes on. The volume is unbelievable,” he said.


FBI official: Companies should help us ‘prevent encryption above all else’
"Privacy, above all other things, including safety and freedom from terrorism, is not where we want to go," Steinbach said. He also disputed the "back door" term used by experts to describe such built-in access points. "We're not looking at going through a back door or being nefarious," he argued, saying that the agency wants to be able to access content after going through a judicial process. But many technical experts believe that building intentional vulnerabilities into the systems that people around the world rely on reduces the overall security of the entire digital system, even if done to comply with legal requirements.


The Innerworkings of a Security Operations Center
The SOC does not just consume data from its constituency; it also folds in information from a variety of external sources that provides insight into threats, vulnerabilities, and adversary TTPs. This information is called cyber intelligence (intel), and it includes cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts. As the defender, the SOC is in a constant arms race to maintain parity with the changing environment and threat landscape. Continually feeding cyber intel into SOC monitoring tools is key to keeping up with the threat. In a given week, the SOC likely will process dozens of pieces of cyber intel that can drive anything from IDS signature updates to emergency patch pushes.


Project Seeks to Combine Sustainable Fish Farm and Data Center
This is a rare example of a project that attempts to combine a data center with a completely unrelated facility in way that is mutually beneficial. Because a data center is a massive power and water consumer and a huge source of excess heat, people are often compelled to look for creative ways to utilize those aspects of mission critical facilities. Another example is a project in California’s drought-stricken Monterey County, where a group of entrepreneurs wants to combine a data center with a water desalination plant. The first initiative is the aquaculture facility, a fish farm that will produce 500,000 pounds a year of Mediterranean sea bass. A tech incubator is also planned for the site.


Uber CEO admits company is not perfect
Uber, Kalanick said, provides not just a cheaper, more efficient form of transportation that bests owning a car, regular taxis, or even public transit. The companys technology can also improve cities by getting more cars off the road and reducing pollution, he said. Uber’s service, which lets people hail a ride from their smartphones, is now active in more than 310 cities and nearly 60 countries around the world. In some countries, like Germany and India, Uber has wrestled with regulators over its legality. Kalanick also used the event to make a plea to mayors across the U.S., asking them not to deprive people the right to drive for Uber because of “some outdated regulation.” In the years ahead, Uber will continue to make changes to its service, particularly around the company’s low-cost UberX option, so that using Uber is cheaper than owning a car, Kalanick said.


Put microservices, cloud at heart of your IoT strategy
Users still have to collect IoT data, but also index and store it for easy access. Additionally, this model requires organizations to address IoT security at the cloud level, rather than the network level. Cloud assets growing underneath applications without direct application involvement -- as IoT assets do, since sensors are not part of user applications -- also requir e special planning to address data currency and to support synchronized analysis of multiple IoT sources. While current practices can likely address this, IoT application scale may prove challenging. A database and microservice IoT approach also offers better support for privacy and public policy limits. Because query patterns are directly visible, IoT systems based on microservices and queries make it easier to detect attempts to track a person's location.


"Arrogant" datacentre operators blasted by users for poor customer service approach
“If we’d asked that same question three years ago, the answer would have been cost or location, but the reason for that is because no matter what the datacentre service is – whether it be co-lo, hosting, cloud or managed service – people’s understanding of the market is so much greater now and their expectations are higher.” Because of the contractual and technology complexities involved in moving to a new datacentre supplier, users have traditionally felt inclined to make do with the service they receive, but that’s not necessarily the case anymore. “It’s difficult and disruptive to move, because moving a sizeable IT estate is complex and businesses can’t take the downtime, and it’s very expensive,” said Rabbetts.


Sharing Data, but Not Happily
Companies that are more transparent about why they collect certain customer details and how they use them may find it easier to maintain customer trust. Certainly, millions of people have signed up for store loyalty cards and frequent-flier programs that offer deals or upgrades based on consumers’ purchases. And for the many people who relish personalized services, the idea that Amazon, Facebook, Google Maps or Pandora may remember and learn from their preferences represents an advantage, not a problem. “People are always willing to trade privacy and information when they see the direct value of sharing that information,” said Mike Zaneis, the chief counsel for the Interactive Advertising Bureau, an industry group in Washington.


Flocker Tutorial: Migrating a Stateful Dockerized ElasticSearch-Logstash-Kibana Stack
Flocker is an open-source data volume manager designed exclusively for the purpose of managing stateful services running in containers. As of this writing, Flocker is at release 0.4, meaning that the project is under active development. In the coming weeks and months, we will be adding an API so that you can do everything described in this tutorial programmatically. Additionally, we are building Flocker from the ground up to work with other popular container management tools, such as Docker Swarm, Google Kubernetes and Apache Mesos. We’ve recently published a tutorial on how to use Flocker with Docker Swarm and Kubernetes, so if you are a user of either of those tools, I’d encourage to try out our integration demos.


How to hire for personality and train for skills
"Of course you need people who know the fundamentals of their job, but when your people come across problems, it's important that they see them as just obstacles and roadblocks on the way to overall success; conceptual thinking and abstraction is at the core of this," Jersin says. As important as it is for talent to focus on their own contributions to your products and services, it's also critical that they can see how their part fits into the larger whole. "You want people who can hit their own personal targets, but also keep the big picture -- the company's overall success, development and growth -- in mind as well," says Labourey.



Quote for the day:

“Instead of focusing on how much you can accomplish, focus on how much you can absolutely love what you’re doing.” -- Leo Babauta