Daily Tech Digest - January 12, 2017

The DDoS Threat for Enterprises: Why Managed Security Matters

Many prominent voices in the cybersecurity arena warn that DDoS attacks, already on the rise, are likely to proliferate as botnets spread. After the source code for Mirai was released earlier this fall, other attackers modified and began deploying it for themselves. Moreover, numerous botnets are available for rent on the Darknet. In addition, easy access to such DDoS “recipes” virtually assures new exploits sprouting across the Internet of Things (IoT) landscape, seeded as it is with marginally-secured gadgets meant to simplify life. Ironically, many of the most vulnerable devices, such as Internet cameras, are marketed to make our homes and offices safer. Unfortunately, enterprises are top targets for DDoS attackers. At the same time, enterprise IT is increasingly budget-strapped, working at capacity maintaining basic operations.

3 reasons why 2017 will see massive cloud migration

When all outsourced hosting is taken into account—which includes SaaS, IaaS, and PaaS—many analysts estimate that 20 to 30 percent of workloads are currently on the cloud. But a better metric is to look at what enterprise applications have migrated to an IaaS or a PaaS platform, which is how most enterprises measure their presence in the cloud. Although SaaS is certainly an option for replacing on-premises applications, its usage tends to be for new, often off-the-shelf software, not existing software as in the case of IaaS and PaaS. Using that IaaS- and PaaS-only scenario, Global 2000 enterprises have migrated about 5 to 7 percent of their on-premises applications. That’s up from my estimate of 1 percent in 2013, a figure that aligns well with the revenue growth of the major public cloud providers.

Follow These Best Practices to Secure Your IoT Deployments

Unlike even the most widely distributed conventional networks, IoT networks present adopters with the unique challenge of managing ecosystems containing millions or even billions of devices. “Scale is the biggest challenge we’ll face in securing the IoT, and it’s going to require the security community to think differently,” Blackmer says. “This means more identity- and policy-based security, virtualization and the adaptability that brings, and using the network itself to detect and remediate malicious traffic and attacks.” Perhaps the trickiest thing about remotely managing high-scale IoT environments is planning how each device gets online and how IT teams will be able to quickly and accurately identify all of the networked devices. “Remote management is only useful if you have appropriately brought the device online in a highly scalable and secure way, with the appropriate identities associated with it,” Grieco says.

IBM bets on the blockchain to keep your medical data safe

The research initiative is a two-year agreement between the FDA and IBM which aims to create and promote a "secure, efficient and scalable exchange of health data using blockchain technology." As our healthcare systems rely more and more on electronic records, the idea of transformative, smart healthcare systems has caught the eyes of tech vendors and research teams alike. Using software to create more efficient records systems, using Big Data and sequencing to improve our understanding of genetics and the use of smart devices to monitor the conditions of patients automatically are just some of the ways technology is impacting our health, but with innovation lies risk. Data breaches are a daily occurrence in today's world. If is a matter of when, not if, enterprise players become the victim of a successful cyberattack, and it is almost expected that, eventually, your data will in some form end up for sale online.

Microservices and containers present a new deployment model in 2017

One problem with microservices in traditional cloud deployments is the latency associated with accessing them. Every microservice is an inquiry-response combination, and if the microservice is accessed frequently in the course of doing work, the delays that accumulate can seriously impact user response time and productivity. This is an even greater problem if the microservices are brokered through an API management tool since the tool introduces an extra hop between the microservice user and the microservice. Another problem that can hurt microservice adoption is resource waste. Microservices are typically small, far smaller than traditional application components. When deployed on virtual machines (VMs), the operating system and middleware needed to run those microservices can make up over 90% of the machine image, and even then the machine images themselves are often much smaller than usual.

Death to the hybrid WAN

Hybrid WANs combine a mix of data services to interconnect geographically dispersed locations. A network that combines MPLS and carrier Ethernet services is a hybrid WAN, so too is a WAN that combines 4G and MPLS. When you have some sites connected via MPLS and others via IP VPNs, this too was a hybrid WAN. When you have sites connected to an MPLS backbone with a secondary Internet connection, you also have a hybrid WAN. SD-WANs speak about the overlay; hybrid WANs speak about the underlay. The two are not exclusionary. You can build a hybrid WAN without an SD-WAN, and you could build an SD-WAN that’s a hybrid WAN. ... You might be wondering, then, as to the difference between a hybrid WAN and a WAN. I would say, in fact, that practically there is no difference.

How IoT and machine learning can make our roads safer

Controlling traffic and keeping roads clear can help immensely in reducing accidents and incidents that occur because of poor road and weather conditions. Driving safety, in particular, is dependent on being able to monitor road surfaces and identify road hazards. IoT road sensors can provide real-time data from roads to help divert the flow of traffic away from areas of hazard. French IoT startup HIKOB is exploring the possibilities in several French cities. “Road sensors are going to be one of the most crucial developments that will take place in the world of transportation with the introduction of the Internet of Things technology,” says Ludovic Broquereau, VP of marketing and business development at HIKOB. “Road sensors can be easily embedded under the roads so that they can effectively measure the changes in temperature, traffic volume and humidity, among other weather and traffic constraints.”

12 New Year's resolutions for your data

Now you have data coming out of your ears and spilling all over the place. Your mainframe is a delicate flower on which nothing can be installed without a six-month study. The rest of your data is all on the SAN. That works out because you have a “great relationship with the EMC/Dell federation” (where you basically pay them whatever they want and they give you the “EMC treatment”). However, the SAN does you no good for finding actual information due to the effects of VM and application sprawl on your data organization. Now the millennials want to deploy MongoDB because it’s “webscale." The Hadoop vendor is knocking and wants to build a data lake, which is supposed to magically produce insights by using cheaper storage ... and produce yet another storage technology to worry about.

Ransom is the main motivation behind cyber attacks

“One thing is clear: Money is the top motivator in the threat landscape today,” said Carl Herberger, Vice President of Security Solutions at Radware. “Attackers employ an ever-increasing number of tactics to steal valuable information, from ransom attacks that can lock up a company’s data, to DDoS attacks that act as a smoke screen for information theft, to direct brute force or injection attacks that grant direct access to internal data. ... Cyber ransom is the fastest-growing motive and technique in cyber-attacks, as most phishing attempts now deliver ransomware. Today, threat actors focus their ransom attacks to target phones, laptops, company computers, and other devices that are a daily necessity. In the future, they may target lifesaving healthcare devices like defibrillators.

8 Big Tech Battles That Will Be Fought In 2017

As consumers and businesses continue to adopt smart devices at a growing rate, and in light of IoT malware that caused major Internet disruptions this past fall, there will likely be a battle between regulators and industry groups on the one hand, and consumers and some manufacturers on the other. Consumers want cheap devices, and there are firms that specialize in offering cheap technology; the government, industry groups, and cybersecurity professionals, on the other hand, want IoT devices to be made with some minimal security capabilities in order to prevent their being easily compromised and commandeered for DDoS attacks. But, adding features such as security improvements costs money, something that consumers do not like to spend on features about which they do not care.

Quote for the day:

"Technology makes it possible for people to gain control over everything, except over technology" -- John Tudor