Home About Blog Report & Survey Highlights Case Studies Q&A Interviews Services

Laura DiDio on…

Microsoft Azure Sphere chip for end-to-end IoT security from the Cloud to Network Edge

“MediaTek is a good partner [for Microsoft] to have for its Azure Sphere secure IoT chip,” said Laura DiDio, principal analyst with ITIC. “They will provide a Wi-Fi controller, the processor will run Microsoft’s Linux-based IoT OS and you’ve now got a highly secure, connected device at a decent price point.”

Channel Futures, April 17, 2018

Microsoft Reorganization:

“Microsoft has actually been moving away from Windows and more towards the cloud, analytics and AI for the past ten years,” explained Laura DiDio, an analyst at ITIC. “This did not happen overnight.” DiDio pointed out that Nadella has made major changes quickly during his tenure. “That’s the way you have to move,” to stay relevant, she said. “You’ve got to be agile to stay ahead of the game.”

The changes don’t mean that Microsoft is totally giving up on Windows, DiDio said. But they do mean that Nadella is focusing the company’s energies around stronger assets.

“They’re de-emphasizing Windows,” she said, in order to become a stronger “player in cloud and artificial intelligence, because that’s where the money is.”

CNN Money, March 29, 2018

Failure to deliver reliability and uptime:

“Time is money,” DiDio says. “Systems, networks and connectivity devices are subject to failure. If the downtime persists for any significant length of time, it can be expensive in terms of monetary losses. It can disrupt operations, decrease worker productivity and negatively impact the organization’s business partners, customers and suppliers.

“A security outage of any significant duration can also be a PR nightmare and damage the company’s reputation, causing lost business,” DiDio says. “Reliability and uptime go hand in hand with a comprehensive, detailed backup and disaster recovery plan that also includes an internal operational level agreement that designates a chain of command in the event of any type of service disruption.”

Every organization should have a disaster recovery plan that includes an itemized list of who to contact at vendor organizations, cloud and third-party service providers, DiDio says. “The CISO should also know what the company’s contracts stipulate as the response time from vendors, cloud, and third-party service providers to respond to and thwart security incidents and track down the hackers,” she says.

CSO Online, November 21, 2017

Cal State University and Hartnell College Launching Cohort Program:

“Since 2013, the two institutions have promoted this program as a way to attract minorities, women and students who are the first in their families to attend college to Computer Science and STEM subjects. The Cohort program nurtures these students by having them take their CS classes as a group.” DiDio says. It also helps them adjust more quickly to college life by providing them with group study and life skills classes to help them stick with CS as a major and graduate.

“So far, so good. A 75% majority of students enrolled in the CSUMB/Hartnell CS Cohort program graduate. This is well above the national average of about 30%,” DiDio notes.

ITIC Corp, November 17, 2017

Burger King Ad Creates Whopper of a Mess:

“In the Internet of Things environment, where you can have “an ecosystem or ecosystems of ecosystems interconnected, the attack vector universe is potentially limitless,” noted Laura DiDio, research director for IoT at 451 Research.

The risks are “everywhere, and what you can do is mitigate risk to an acceptable level,” she told the E-Commerce Times — but that requires vendors to make secure products.

E-Commerce Times, April 13, 2017

United Airlines Customer Service Snafus:

United’s behavior was “cavalier and callous,” said Laura DiDio, research director for IoT at 451 Research.

“The deck is stacked against passengers these days,” she told CRM Buyer.

However, this situation “is a PR nightmare for United Airlines,” DiDio added, “and it’s not going away.”

CRMBuyer, April 11, 2017

ITIC’s coverage areas continue to expand and evolve based on your feedback. Our Website content is growing as well. We will now feature content industry expert “Guest Bloggers.” Debbie Fletcher examines DDoS hacks on popular games.

***

By Debbie Fletcher

Ask any gamer; timing is everything. Even the smallest disruption in gameplay can be a virtual disaster in a heated competition.

Hackers understand the fragility of these networks, and they are willing to manipulate them for their own gain. Read on to find out DDoS is getting in the game, and how it is disrupting some of the most active and profitable networks in the world.

 

Gaming DDoS—A Rising Trend

At any one time there are millions of people playing online games on the multitude of gaming networks available today. There is considerable pressure on these networks to maintain an impeccably high level of service 24 hours a day, 7 days a week. Gamers are certainly not taking breaks during holidays either.

Not only must the network be running at top efficiency for the gameplay; servers must also be able to simultaneously handle in-game purchases and other transactions at break-neck pace.

Functionality and loading times are at a premium, meaning gaming networks have more to lose. It’s no wonder this fast paced, fast money environment is a major target for DDoS attacks.

DNS Floods work particularly well at disrupting gaming networks because slight changes in gameplay can have devastating effects on user experience. Sending vast amounts of data to a provider’s server will cause ‘lag’ times for gamers and prevent others from connecting.

Furthermore, the power of gaming networks is also vulnerable to being leveraged for DDoS attacks against outside networks. Gaming infrastructures holds many IP addresses that are easily exploitable to hit other targets with reflection DDoS.

In June, security provider Incapsula mitigated a DDoS attack on a prominent gaming network that reached over 90 million packets per second at its height. The attack continued over 48 hours. Without a DDoS protection service in place, an attack of this size would undoubtedly bring down the target server entirely.

 

DDoS Attack on PSN, Blizzard

More recently in the news, a major DDoS attack caused massive disruptions to gaming giants PSN (Play Station Network) and Blizzard (host Battle.net, home of World of Warcraft).

The attack sent shockwaves through the gaming community. Millions of Playstation users were unable to log in or play for hours.

Claiming credit for the attack was a hacking collective called Lizard Squad. They announced they were performing the DDoS for political reasons, supporting the radical ISIS group in the Middle East. It’s also a possibility that PSN competitors financially backed their attacks, a common motivation behind high profile DDoS.

But then Lizard squad expanded their mischief out of the digital sphere. They made fake bomb threats on Twitter, saying Sony executive John Smedley’s plane was carrying explosives. Although the claim was unsubstantiated, Smedley’s plane was grounded nonetheless.

 

High Profile to Local

Although the cited examples of DDoS involve large corporations, owners of small and medium size enterprises should still be wary of cyber threats. The enterprise field is not seeing the same jump in DDoS, but the levels are steadily rising. Make sure you are on top of your online business’ security so you never lose your connection to your customers.

***

Debbie Fletcher is an enthusiastic, experienced writer who has written for a range of magazines and online news publications including http://www.c-sharpcorner.com/, http://www.khaama.com/, http://datacenterpost.com/, and https://www.limestonenetworks.com/.



Share This Content:
4 Discussions
3 Comments:
  • Thanks, However I am encountering problems with your RSS. I don’t understand why I am unable to join it. Is there anybody else getting the
    same RSS issues? Anyone who knows the solution will you kindly respond?

  • This type of service would be a game changer for the company if effective. I am assuming the technology is proprietary to their centers on and not available for purchase by other vendors. Are there any guarantees of service that accompany the promise; if someone gets through with DDos attack is there some kind of compensation?

Post a Comment:




Laura DiDio on Facebook
Laura DiDio on LinkedIn
Laura DiDio on Skype
Laura DiDio on Twitter