"The growing tech-savviness of business leaders and the wider availability of cloud solutions does mean that business leaders are playing a bigger role in the front end of this process," Bartels says. But the persistence of licensed software, the growing adoption of cloud as a replacement for licensed software, and challenges of implementing and optimizing solutions mean that CIOs and tech management teams still play a dominant role in overall tech purchases. Moreover, CIOs are procuring software-as-a-service (SaaS) solutions — the top shadow IT target for business leaders — more than ever as it allows them to meet business requirements. “That becomes a mechanism to manage demand,” Bartels says. CompTIA just announced similar findings from a survey of 675 U.S. businesses in its report, “Considering the New IT Buyer."
As the government's cloud strategy takes shape, this is the time to move over to security in the cloud paradigm. It will require a radical reassessment and revamping of existing security provisions, because a move to the cloud changes the technology landscape quite drastically. The new paradigm must incorporate the spirit of the legacy security provisions, but requires much more sophistication to secure a hybrid cloud setup. Furthermore, it is critical that this broad-gauged security policy be executed uniformly across all components of the hybrid cloud. This is where cloud security gateways and security brokers come into action. Rather than leave it to individual systems in the cloud to take care of their own security (as is the case in the legacy setup), a cloud security broker can monitor and defend the entire cloud and all the systems within. Security across all the different systems is addressed holistically, regardless of where the systems may reside.
Successful digital transformation is like a caterpillar turning into a butterfly. It’s still the same organism, but it now has superpowers. Unfortunately, when it comes to digital transformation, many senior execs aren’t thinking about butterflies. They’re just thinking about fast caterpillars. And it’s hard to keep up with your competitors if you’re crawling ahead while they can fly. ... It would be nice to think that companies and governments would be responsible for finding new roles for the people who are displaced by technology. But more realistically, people need to be responsible for their own professional development. Stay abreast of what is happening with industries and technologies. If you’re in a job that will die soon, do what you can to shift to another. Hopefully, our society will find ways to help people who lose in the race against machines.
Going outside the box, HP has seriously revamped the Spectre x2's screen to 12.3-inch diagonal size and 3000x2000 resolution screen. Compared to the first gen Spectre x2's 16:9, 1920x1080 panel, this new model has the same aspect ratio as MIcrosoft's Surface Pro 4. The newer screen is IPS and brighter, too, with a maximum of 450 nits, slightly better than the Surface Pro 4 panel's spec. HP has also cloned the Surface Pro 4's pen tech. The original Spectre x2 used a Wacom-based pen, while the 2nd gen replaces Wacom for N-trig, which Microsoft uses for its own Surface Pen. Microsoft even bought N-trig. The N-trig pen's main appeal to PC makers is its ability to use the capacitive touch layer to sense the pen. Wacom-based devices require a separate digitizer, which adds thickness to the screen.
Orchestration and automation may be the most significant advantages governments obtain when they adopt standard threat information formats. It’s no secret there is a cybersecurity talent shortage. To manage a growing volume of increasingly sophisticated threats, it is critical to have infrastructure and security tools that enable quick, automated and synchronized responses without human intervention. The goal of Open C2 and other groups work is to expand the development of orchestration software and standardized command and control languages. Central to the OpenC2 movement’s platform is the idea that standardizing language between machines enables rapid response to shared threat intelligence. As the OpenC2 forum states, “Future defenses will require the sharing of indicators, the coordination of responses between domains, synchronization of cyber defense mechanisms and automated actions at machine speed against current and pending attacks.”
If the CISO is overwhelmed with projects, it can be helpful to determine which departments you are serving, who the stakeholders are, and what is critical to them, Hayslip said. That will help you create a more narrow list of issues to tackle. It's often wise to start with cyber hygiene, he added: If you have basic security policies and patch management, antivirus, and firewalls in place, updated, and managed, it builds a strong foundation for your organization's cyber health. CISOs also have an opportunity to redefine their role as a business strategist during the digital transformation, Pollard said. To prove their value, they should spend time mapping the firm's technology touchpoints, foster security champions across the company, and get involved with customer-facing activities like product design and development, he added.
To put it simply, many of those who identify themselves as “hackers” are very talented programmers. The creators of some of the most well-known software are self-proclaimed hackers. Among these hackers-turned-programmers are Mark Zuckerburg, founder of Facebook; Linus Torvalds, the creator of Linux; and Tim Berners-Lee, one of the driving forces behind the creation of the World Wide Web. Often, these programmers will seek a solution that doesn’t involve working with one of the entrenched proprietary software companies. Instead, they will create open-source projects, where the source code is made publicly available. The programming community, including several who identify as hackers, work together to produce software solutions that is available to everyone. Even people who never use open-source software benefit from these projects, as the public community will often create new innovations that the proprietary companies either use for inspiration or simply copy outright.
Here's a simplified version of how such a sensor might work in a warehouse setting. You plug in one or a few super sensors. Then somebody uses a forklift. The resulting vibration, sound, heat and movement detected by the super sensor generate patterns of data that are fed into the system. You can identify this as "forklift in operation." (Further tweaking might determine not only when a forklift is in use, but where it is, how fast it's moving, how much weight it's carrying and other data.) You can then program next-level applications that turns on a warning light when the forklifts are moving, calculates wear-and-tear on forklift equipment or detects unauthorized operation of forklifts.The output from these "synthetic sensors" can be used by developers to create any kind of application necessary, and applied to semantic systems for monitoring just about anything.
“Women must make themselves visible for the right skills and projects, and to the right people if they want to advance into senior leadership,” says Ghosh. Women, especially in enterprise IT, says Ghosh, must be vocal about their goals and ambitions, and this is one way they can deal with implicit bias. “The other thing is that even organizations must acknowledge the bias,” says Dar. “Consciously or unconsciously, we are discriminated against and when these things come to light they have to be dealt with the same importance that any other labour matter or such would be dealt with. Just pushing it under the rug does not work anymore”, says Dar. Her company, Godfrey Phillips runs awareness sessions for employees, “and that is something all companies should run on a timely basis,” she says. Even at organizations, Vijay says, it is very important to introduce programs that are aimed at increasing the representation of women in IT leadership positions.
Like most new hires, veterans in the private sector must navigate a culture that’s vastly different from military life. When Navy veteran Dana Hawkins took his first private sector job as a contractor, “just getting used to the lack of process” at some smaller companies compared to the stringent cybersecurity processes of the military was a big challenge. Hawkins is now director of security services at Proficio. Other veterans find it challenging to work with a virtual team after years of direct contact with leaders. “It takes a while for our veterans to get used to it,” Stoner says. To smooth the transition, PwC assigns veteran mentors to help new hires assimilate into the firm. Stoner, an Army veteran and reservist himself, finds that military “athletes” – those veterans withleadership, self-discipline and a goal-oriented approach– make the best transition to private sector cybersecurity careers – and there’s plenty of room for more.
Quote for the day:
"Careers, like rockets, don't always take off on schedule. The key is to keep working the engines." -- Gary Sinise