Daily Tech Digest - November 21, 2016

Oracle acquires DNS provider Dyn, subject of a massive DDoS attack in October

Oracle plans to add Dyn’s DNS solution to its bigger cloud computing platform, which already sells/provides a variety of Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) products and competes against companies like Amazon’s AWS. Oracle and Dyn didn’t disclose the price of the deal but we are trying to find out. Dan Primack reports that it’s north of $600 million. We’ve also asked for a comment from Oracle about Dyn’s recent breach, and whether the wheels were set in motion for this deal before or after the Mirai botnet attack in October, but our guess is that it was likely before. “We decline further comment,” is the response so far from a spokesperson to all our questions.


Getting a Competitive Edge from Comprehensive Data Analysis

It gets back to that idea of a common lexicon. If you think about evolution, you don't want a Madagascar or a Tasmania, where groups get cut off and then they develop their own truth, or a different truth, or they interpret data in a different way -- where they create their own definition of revenue, or they create their own definition of customer. If you think about it as orbits, you have to have a balance. Maybe you only need to touch certain people in the outer orbit once a month, but you have to touch them once a month to make sure they're connected. The thing about orbits and keeping people in the proper orbits is that if you don't, then one of two things happens, based on gravity. They either spin out of orbit or they come crashing in.


Cyber-security synchronisation key to mitigate business risk

Cyber security is not just a technology issue; it's a business risk that requires an enterprise-wide response. The cyber security is also a strategic risk for financial sector as it could create damage to organisation brand and reputation resulting in loss of share value and market confidence. It can also impact the financial and intellectual property resulting in loss of competitive edge and can cause system inoperability caused by a breach resulting in inability to execute trades and access to information. Hence the involvement of the company's board is required which should set the tone for enhancing security and determine whether the full board or a committee should have oversight responsibility.


Vendors push the 'private instance on a public cloud' proposition

A case in point is Alfresco, which today announced that its content management solution is now available on AWS. But rather than the usual multi-tenant public cloud offering, Alfresco is offering itself up as a single-tenant, managed services sitting within an AWS Virtual Private Cloud (VPC). The pitch here is that the offering offers a kind of best of both worlds: a robust content-centric platform allowing users to collaborate on business-critical content, all with the network isolation and security of a dedicated AWS VPC and without the dedicated internal resources for ongoing Alfresco and AWS management. The offering, which is now available on an early-access basis, comes in a few flavors: either fully managed by Alfresco or available for customers to design, deploy and maintain under their own steam and leveraging the experience


IoT Security vs. IT Security: What’s the difference?

While CISOs are adept in dealing with IT security and employing the sophisticated tools to secure the perimeters of the enterprise, as well as the inroads to mission-critical enterprise systems, the nature of IoT devices and the scale of the IoT landscape presents even the most prepared IT organization with a multitude of unique threats, exposures and operational challenges. Before letting loose the IoT genie, a CISO will want to fully understand the risks and concerns associated with IoT solutions in advance of signing off on a deployment strategy. For this reason, it is imperative that development teams and business sponsors driving the development and adoption of IoT apps take pre-emptive measures to secure access to all IoT devices and related data.


Stay Safe from Cyber Crime - Top Ten Tips InfoGraphic

Given I am regularly asked to explain cyber attacks and then advise on how to protect against them, particularly to home users of late, I thought I would try my hand at creating a simple InfoGraphic to help. It was a challenge to create due to the limitation to the amount of space for text, which means you can't cover everything and you can't go into much detail. However concise messaging is kind of the point of infographics, especially when using them as awareness tools.  This InfoGraphic is squarely aimed at the average "home user", it highlights what the bad guys are after, their most popular and most successful attack methods, and then provides 10 tips to help avoid and detect home user cyber attacks, simples.


Google Wifi wireless router: The smart person's guide

The Wifi units include software called Network Assist that makes sure you always have the strongest signal possible by constantly selecting the clearest wireless channel. When using multiple "points," Network Assist will seamlessly transition your device to the closest Wi-Fi point to ensure the best connection possible. The devices were also designed to meet the demanding needs of modern usage—that translates to streaming. Google's goal was to create a wireless router that could stream, download, and share from multiple devices simultaneously, without your network speed taking a hit. Another standout feature is the Google WiFi app. With this app, you can easily share your Wi-Fi password, see what devices are online, prioritize devices for increased performance, and pause your signal to specific devices (think parental control).


The changing face of cybersecurity – A look back at 2016 and a look forward to 2017

Cybersecurity has come a long way over the past five years. Controls have been invented to monitor a user’s every move without violating their privacy and the chief information security officer (CISO) is now a fixture in many modern organisations. With the last quarter of 2016 upon us and 2017 looming large, I've thought about look at what companies need to do as 2016 draws to a close, and what may be in store during 2017. Stay on top of vulnerabilities: Microsoft states that 41.8 per cent of vulnerabilities are given a highly severe rating these days. This is a three-year high! Ensure you’re prioritising and managing your vulnerabilities accordingly. Wean your people off of Flash: According to Microsoft, 90 per cent of malicious web pages contained Flash.


Hedge in the cloud: funds outsourcing computing power step into unknown

"If you're storing someone else's data, you'd think there'd be hacks on that but that's not something we've seen," Garry Liburn, detective inspector for the Metropolitan Police Cyber Crime Unit, said at an event in Mayfair last month. Under the FCA's new guidelines, which only took effect in July, firms should tell the regulator if they experience a breach. The watchdog declined to comment on whether any had reported incidents. "I am sure there have been hacks of the cloud ... no one is reporting them," said Viktor Ula, managing partner at investment consultant PivotalPath. "If a cloud reported a hack, it would halt their growth. The risk that everyone believes exists out there would then be perceived to be even higher and folks would probably revert to having systems internally."


Are regulations the answer to better Internet of Things security?

There’s a relatively easy way to get the industry to move faster on improving IoT security: enforcing or updating federal and industry regulations and standards to help safeguard the IoT revolution (and, in fact, compel companies to better protect their web infrastructure overall). No one likes red tape, and regulation for the sake of regulation is silly, but the fact is there are two main drivers that the corporate C-suites is waiting for devoting more budget to IoT and mobile security: headline-grabbing attacks and regulatory obligations. Regulations, whether or not anyone likes it, can be a very effective hammer for greater good. From improved health monitoring to safer highways to smart homes, IoT has already begun to touch the lives of millions of Americans and will become truly transformational in the years to come.



Quote for the day:


"The longer we dwell on our misfortunes, the greater is their power to harm us." -- Voltaire