Q&A with Industry Leaders

Q & A: Stu Sjouwerman, CEO and Founder KnowBe4 Talks WannaCry Ransomware & Cyber Security

ITIC’s coverage areas continue to expand and evolve based on your feedback. We will now feature Q&As with industry luminaries and experts discussing hot industry trends and technologies.

Longtime security professional Stu Sjouwerman is the founder and CEO of KnowBe4.com, a “new-school” IT security firm based in Tampa, Florida. It specializes in on-demand Internet Security Awareness Training (ISAT). The company’s goal is to enable organizations to quickly solve the increasingly urgent security problem of social engineering and avoid attacks before they occur. Sjouwerman also publishes an electronic newsletter called Cyberheist News.

Prior to founding KnowBe4.com, Sjouwerman was president, CEO and founder of Sunbelt Software (now ThreatTrack Software), which makes the VIPRE security package, originally developed by Sjouwerman and his team at Sunbelt Software. For 17 years he was also the editor of the popular WServerNews electronic newsletter, which had a worldwide distribution of 400,000. ITIC recently sat down and interviewed Sjouwerman about security threats, how companies can defend themselves and avoid common mistakes.

ITIC: Tell us about KnowBe4:

Stu Sjouwerman: We are the “new school” or next generation security awareness training. Old style security tactics and training don’t cut it anymore. In the Digital Age of sophisticated and dangerous Ransomware and increasingly dangerous and prolific Cyber attacks, it’s not enough to follow dos and don’ts. KnowBe4 offers training and advice to assist businesses in combating the latest threats. For example, we will perform fully automated simulated phishing attacks. This lets corporations identify who the culprits are in advance of an attack. It’s proactive and preventive. We train people to be well aware of all of the latest threats from Ransomware to Internet of Things (IoT)-based Denial of Service (DDoS) attacks to phishing attacks that are out there. Our main focus is on phishing attacks but it’s not our only focus.

ITIC: Ransomware attacks are happening with alarming frequency and the WannaCry attack on Friday, May 12th was the worst yet. To date it’s infected corporations in 150 countries and over 200,000 machines worldwide. Surprisingly, security firms have stepped in with fixes and sound advice, but the threat of WannaCry and other Ransomware attacks still persists. What’s KnowBe4’s position?

Q & A: Mike Flannagan, VP & GM, Cisco’s Data & Analytics Group

Cisco is one of the preeminent high technology companies and a market leader in networking for the last three decades. Cisco’s technologies and market strategies continue to evolve along with those of the overarching high tech industry and its expanding customer base. Cisco is expanding its presence beyond networking and becoming a driving force in The Internet of Things (IoT) and Data Analytics. Michael Flannagan is Vice President and General Manager of Cisco’s Data & Analytics Group. He is responsible for the company’s data and analytics strategy, and leads multiple software business units. This includes Cisco’s Data Virtualization Business Unit, Cisco’s Analytics Business Unit, Cisco’s ServiceGrid Business Unit and Cisco’s Energy Management Business Unit. ITIC Principal Analyst spoke to Flannagan in-depth about Cisco’s recent analytics acquisitions and the increasingly prominent role analytics will play in Cisco’s products and strategy.

Laura DiDio: Cisco is upping its game with IoT Edge Analytics/Data Analytics, the acquisition of ParStream and its recent partnership with IBM to incorporate Watson’s cognitive computing and AI capabilities onto Cisco edge routers. Can you provide us with insight into the tangible positive impact that IoT Analytics is having both in the data center and at the Edge in terms of business and technical advantages – e.g. performance gains, positive impact on manpower and device resources, cost savings, driving top line revenue, lowering TCO, accelerating ROI and also helping to increase reliability and mitigate risk? …

Andrew Baker Q&A: Security

Andrew Baker has been an IT manager specializing in security for over 25 years. He has worked at a variety of firms ranging from large enterprises like Sanford Bernstein, Bear Stearns, Warner Music Group and the Princeton Review, to SMBs like Send Word Now. In the wake of the 9/11 World Trade Center bombings, Baker was tasked with getting the network up and running and defending its data from any potential hacks. As a lifelong security expert, Baker knows that there is no such thing as absolute foolproof security. But he’s also aware that even the strongest security mechanisms can be undermined by human error, a lack of strong security policies and procedures, and corporations’ failure to enforce common sense security practices. Baker is President and founder of BrainWave Consulting Company, LLC in Gassaway, West Virginia, where he provides Virtual CIO services for small/medium businesses. See BrainwaveCC.com

ITIC: What has been the greatest security threat to emerge in the last 10 years?

Andrew Baker: Since 2003 we’ve seen the modernization of the hacker community and organized crime has appeared on the scene. Organized crime views the Internet as a bonanza: it allows them to operate out of the limelight with fewer resources. We’ve also witnessed nation-states and state-sponsored cyber-terrorism. Countries are all spying on one another. But there are certain countries that represent a big security threat: China, Asia in general (North Korea), Romania, Russia, Bulgaria and former Soviet satellites and the Middle East. The difference between China and everyone is that China has swiftly morphed into state-sponsored cyber-security threats and the country is tightly regulated. Any country that can prevent Google from free-search can easily stop hackers from inside their borders – if it wanted to. In Romania and other countries there are towns like “Hackertown” that promote ‘Cybercrime as a Service.’ Here in the U.S. the bulk of the problem is people, specifically stupid human error among the bulk of the population. Additionally, the U.S. Government has yet, to my knowledge, to catch a single cyber criminal either the Russian or Italian organized. These cyber security syndicates have modularized cybercrime; they outsource a lot of their criminal activities and they can operate from anywhere, which makes it more difficult (but not impossible) to catch them.

ITIC: As both an IT professional and a consumer how much more dangerous and pervasive are the security threats now than they were even three to five years ago?

AB: It’s insane. It’s no longer college students or kids out to make their reputation for fun and glory. You now have specific kits and organized crime and “hacktivists.” Security threats are everywhere and they’ve risen by orders of magnitude.

ITIC: Against this backdrop we now have the Bring Your Own Device (BYOD) and IT as a service, trends which make security even tougher for businesses. What do you do for your corporate clients?

AB: The first thing I do is review and test their environment. I also construct a checklist and ask them if they are able to do the things they want to do and to ascertain whether or not any of those actions potentially compromise the organization’s security.

ITIC: What do you look for?

AB: I examine the entire network environment including application configurations, the manageability of systems and I examine how the corporation mitigates risk and manages host-based security. Many organizations haven’t done anything to regulate network access – they’re wide open and oftentimes have not changed/updated security parameters and permission.

ITIC: Upon examination what gaps do you typically identify?

AB: I do penetration testing but for the most part I don’t need to do that. In fact, the companies that need to do penetration testing to show where the flaws are – just don’t get it or they’re reasonably secure and I’m running an automated tool to uncover something obscure. For most SMBs, the gaps in their security are very evident; they are issues like firewall configuration or misconfiguration. Every rule in the firewall should apply to something that’s happening. I typically see a mismatch between the rules and the systems that the rules pertain to. What you want to see is more systems than rules. When you see more rules than systems, you will almost always find that you have openings in the firewalls for devices that no longer exist or no longer perform the specific function for which they were originally provisioned. For example, a firewall that is configured to secure or filter inbound Web access can be a security hazard, if the servers it applies to have been outsourced to GoDaddy. In this scenario, if the organization never changed the firewall rules and if the organization built a new server to control inbound Intranet traffic and gave it the same IP address as the old Internet Web server, the firewall rules from the outside will still work. But that means the company has unwittingly created a doorway into the network.

ITIC: What other common configuration errors do you encounter?

AB: Rules that are too broad and allow too much access; default passwords not being changed; people still putting in intentional back doors into the system (which is leftover from the 1980s) which they forget to secure. For example, many corporations allow the use of intentional backdoors so an administrator can manage the system from home, but when he or she leaves the company, the rest of the organization has forgotten about it, so it remains a possible source of exploitation. Organizations and their IT departments and security IT managers must monitor all the entry points into the system. This includes obvious things like user logins and of course, the still popular “shared passwords.”

ITIC: In terms of securing the environment, where are organizations most likely to skimp on security and what types of security issues do some businesses ignore altogether?

AB: The areas of greatest weakness usually involve mobility and data leaks. Many companies pay attention to inbound traffic but they mistakenly ignore outbound data traffic. For example, in a small or midsized organization that has 500 or fewer employees and that is not in a heavily regulated vertical market environment like healthcare, financial or pharmaceutical, you’ll find that 90% of the security rules are about connecting into the environment and only 10% are about connecting out. This goes beyond regulating social media or URL usage – with Web filtering – that’s more focused on productivity than it is for security. Most firewalls are intended to secure inbound traffic – most of the newer devices do support bi-directional security. The average lifespan of a firewall is about five or six years; the key is ensuring that the tool services the corporation’s security needs. A 10 or 20MB connection with multi-year support is available for a list price of less than $2,000. So it’s affordable for even an SMB with 10 employees. There is really no excuse for any company not to install a state-of-the-art firewall with network level anti-virus, intrusion prevention and different types of application analysis and multiyear support for subscription and signatures.

ITIC: Firewalls are the first level of defense. What are other must-have security tools?

AB: Adequate monitoring is crucial. The first rule of security is that you won’t catch everything; there’s no such thing as 100% foolproof security unless the device is disconnected and physically locked up. Monitoring encompasses many tools (e.g. audit trails) that enable the company to consolidate network data traffic in at least near-real-time so the organization can perform forensics. Corporations also need to send firewall, application and switching log data and consolidate them to a single location where you can monitor them. Since you can’t stop everything, you need to be able to monitor all network traffic in hindsight, so you can determine if a breach has occurred, where it occurred and duration so you can determine what happened. Intrusion detection is typically included in new firewalls. Audit trails are directly linked to monitoring. Policy falls into two categories: policy as a matter of legal definition and procedures to facilitate the goal. Companies should also distinguish between their Business policy and their Technology policy. The Business policy sets the rules and guidelines governing who has what levels of access. The technology policy should enforce the business policy. So if the firewall is replaced with another brand all you have to do is figure out how to configure it, but the basic business premise doesn’t change. You have to identify risks to mitigate them to an acceptable level. You will never totally eliminate risk.

ITIC: What risks should organizations look for and eliminate?

AB: First, the security teams need to identify all technology and business-based risks. Next, they should suggest anything that can be used to mitigate these risks and pay equal attention to everyday human actions which can elevate physical security risks. For example, if everyone has a key card to get into the office but they ignore who comes in behind them, then you’ve just created a big security risk by human action, which has nothing to do with technology. Similarly, if a company has 50 people in the office but only 20 keycard swipes, it could institute a policy that requires a key card swipe and not allow visitors to roam unescorted throughout the premises. Finally, IT security professionals should proactively communicate with management, provide them with updates and bring security risks to their [management’s] attention. Set up a meeting with the goal being to have management sign off on some of the proposals and agree to accept or mitigate risks.

ITIC: That’s a bold suggestion. As we all know politics plays an important role in security. What’s your advice to internal Security IT pros, who are being told to provide administrative access to end users – particularly those that are connected to the corporate revenue stream like a doctor or a lawyer – even though it represents a big security risk?

AB: There are different approaches to saying “No.” Again, security professionals must be proactive about identifying the risks and getting management to recognize and sign off on them. Cite statistics and studies to bolster your argument; make an objective argument. Don’t make it personal. The objective of the corporate IT security professional is to gain better control or have the other parties accept the risk. There are three (3) outcomes. The first is they stay within the system because they don’t have a pressing need – the “convenience” argument for a knowledge worker to have Administrative access isn’t strong enough, or alternatively, the IT department will accommodate pressing needs by providing elevated access. The second path is that you can’t convince them and you tell senior management that we’ll do it, but you need to sign off on the elevated risk so if a breach occurs, they accept the responsibility for acquiescing to elevated access rights. If that’s the case, the security IT administrators need to state specifically that the physics of the system don’t allow them to grant elevated access rights and still maintain security. I recognized that depending on the relationship between C-level executive managers and the IT department, that it may be difficult to get senior management to put it in writing. The way to get the paper trail you desire is after the meeting, you send out an Email recapping the meeting events and stating “…As per our discussion, we have made an exception even though it’s a greater security risk….” The third scenario is to work with the individual(s) who want the elevated access and to work out some compromises. It could be that the IT department will monitor them to a greater degree and expect them to keep IT informed of their activities. It becomes a reciprocal relationship; even though it raises risks you still get another set of eyes. It takes a great degree of cooperation and you still have to be vigilant. The people who cooperate are rarely the source of trouble.

ITIC: BYOD and mobility are the new business paradigms. Smart phones and tablets are high security risks both in terms of device theft and potential security breaches. What are the best security defense methods?

AB: There are a variety of tools to manage mobile devices. But it still comes back to having strong corporate security policies that the company enforces. Security IT professionals should assume that their worst security nightmares will happen and find the tools and policies they need to secure it. There are mobile-only products – MDM (mobile device management) like Mobile Iron, and ManageEngine has a tool called Desktop Manager, to name just two. Consumer users can opt to store their contacts in the cloud; Apple, Google, Microsoft and others all provide ways to do this. Google and Apple’s cloud solutions support storage of pictures and videos – and you can back up your data locally. There are also tools that enable you to wipe the device in case it’s lost or stolen, e.g. AndroidLost, which is free.

ITIC: What emerging security threats are on the horizon?

AB: It’s not so much new threats as it is sophistication of existing threats. Corporations can expect that hackers will employ technologies like cryptography to their advantage when attempting an intrusion. We see that hackers are now digitally signing their malware so it appears legitimate and authentic. We can also expect more meaningful and pernicious attacks against mobile devices. We’re going to see further proliferation of Root Kits and we’re also witnessing cross-platform attacks that can affect any connected platform, so the malware goes from Android to Windows to Apple or whatever. No connected platform or device is immune.

ITIC: For years Apple benefitted from security by obscurity; is that going away?

AB: Thanks to its burgeoning popularity, Apple is absolutely much more of a target. In the last six months alone we’ve seen a lot of malware that is Mac-specific – it hasn’t done anything specific yet but the fact that it’s available and it’s targeting an environment where many users don’t expect it and have a false sense of security – is troubling.

ITIC: What’s the bottom line with security?

AB: At the end of the day, security in principle is straightforward. It’s the charts you see from companies that do business process re-engineering. You identify, assess and take the appropriate remedial action – or not. The problem with security is that it is not static. The hackers don’t stand still. Security is a continually evolving process. Even if you never changed your technology, the security still evolves. Every new feature and function and product has unintended uses and consequences. Security is a 65% to 35% — between process and people it’s 65% and 35% is the technology. Security should be baked into the entire environment. You always pay the price when you do it in hindsight and bolt it on. Certain environments are more security-sensitive. In a financial organization, whatever the platform, people will be secure.

Michael Miller Q&A: SUSE and Attachmate Group

The last 14 months have been eventful for SUSE as it began a new chapter in its history. In April, 2011, The Attachmate Group bought Novell (which had purchased SUSE in 2004 for $210 million) and SUSE for $2.2 billion. SUSE now functions as an independent business unit. Its main products are the SUSE Linux Enterprise Server, SUSE Linux Enterprise Desktop and the SUSE Studio, development tools. ITIC interviewed Michael Miller, SUSE’s Vice President of Global Alliances & Marketing and Kerry Kim, the company’s director of Product Marketing. The two SUSE executives discussed the initiatives since the Attachmate acquisition and detailed SUSE’s current and future product, key alliance partners and business strategies.

Laura DiDio, ITIC: Describe SUSE’s strategic focus and direction in the 14 months since the Attachmate purchase.

Michael Miller: Our first job was to reconnect with partners, alliances and customers. We brought a stable continuity of people, engineering, alliance, sales and support and reintroduced ourselves as a SUSE business. I immediately traveled to meet with global alliance partners including Dell, Fujitsu, HP, IBM, Microsoft and SAP. We got a very positive response; everyone was happy to see the SUSE brand being carried forward. The second thing was determining the focus and our core areas of business. We don’t want to be all things to all people. We spent a lot of time figuring out where we could be key and core to our partners and customers. It was an intensive process and very team building. We came up with three focus areas. They are: Enterprise Linux, Cloud infrastructure and integrated systems. SUSE Linux Enterprise is aimed at addressing the most demanding, data and compute-intensive workloads to deliver services in real time for databases, large performance SAP applications and HPC (high performance computing). The second initiative centers on the cloud and cloud infrastructure. SUSE has a significant business with the Amazon public cloud; we’ve seen a 10% increase month-over-month on Amazon. We want to expand that and make sure SUSE is a pivotal player there and we’re ramping very quickly. We’re also very excited about the private cloud infrastructure. We see the OpenStack project as the Open Source part of Cloud Infrastructure. At BrainShare 2011, SUSE said it would join and contribute to the OpenStack Foundation; we’re part of the founding and drafting committee. We want to make our private cloud offering the most durable, stable, and easiest to deploy and manage and the most cost efficient to implement. At the same time, SUSE wants to ensure that there’s no vendor lock-in; they can build a stack that’s tuned to the business needs. And we want to combine [our offerings] with the SUSE tools. SUSE is operating system agnostic and hypervisor agnostic.

ITIC: You hired back a lot of the original SUSE engineers in Germany.

MM: That’s correct. When The Attachmate Group acquired Novell we carried over the entire German engineering organization led by Ralf Flaxa, who is the vice president. And we’ve also brought back a lot of former SUSE engineers. The organization totals about 750 people.

ITIC: Describe SUSE’s present initiatives.

MM: We’re into an interactive engaged phase with our partners and alliances e.g. SAP HANA appliances which all run on SUSE Linux. It’s the fastest growing product SAP has had in the last 15 years and we’ve had great success at aligning with customers and alliance partners for Private Cloud. We have customers like BMW that want to develop a cloud offering and we’re launching them with customers worldwide over the next six months – up to 20 customers. Because we’re working with partners and have our own services organization we want to scale globally and in collaboration with OEM hardware partners and major customers. We’re also very focused on exceeding the overall Linux industry revenue and booking growth rates in fiscal 2013 and so far we are doing so.

ITIC: Is SUSE targeting any specific vertical market segments?

MM: Yes, we’re particularly focused on automotive, aerospace, defense and retail. Nearly all of the global automakers like BMW, Chrysler, Daimler, Ford, GM, Honda, Hyundai, Renault, Toyota, Volkswagen and others are SUSE customers. And nearly 80 percent of US Fortune 500 aerospace and defense companies and 70 percent of US Fortune 100 general merchandisers, specialty retailers, and food and drug stores deploy SUSE Linux Enterprise.

ITIC: SUSE Enterprise Linux has consistently performed well in ITIC’s Reliability Surveys, what have you done to improve performance and availability?

Kerry Kim: As a general philosophy, engineering excellence has been a cultural and core value for us for the past 20 years. We’ve focused on commercializing Open Source software. We continually fine tune our various engineering processes and automate test processes to ensure they are fully integrated. This in turn optimizes performance, scalability and reliability. That quality has been part of the fabric of SUSE. On the technical side, we’ve continued to push the envelope to get those features that would achieve parity and surpass UNIX distributions. With each successive product release SUSE tries to introduce more robust file systems, tracing, tuning and Operating system level virtualization (akin to Sun/Oracle containers and zones). We also support the latest XEN and KVM releases. And we’ve introduced commercial support for Linux containers – OS level virtualization; on the file system side, we’ve introduced commercial support for Btrfs to roll back changes in a scalable file system like ZFS. And on the tracing side, we’ve introduced support for LTTng (Next Gen Linux Tracing Toolkit) to give customers the ability at the kernel level to monitor and see how various threads interact and impact OS performance. Earlier this year we released SUSE Linux Enterprise Server 11 Service Pack 2. That is supported on Dell’s latest 12G Servers and IBM System X. We are concentrating on a forward looking developing model so we can deliver the innovation support for latest hardware and chipsets. We do a lot of integration testing with hardware and software partners so that we can achieve greater reliability.

ITIC: SUSE also gets high marks for robust security. What are you doing there?

KK: One reason we haven’t had as many problems is that rivals get used more – security by obscurity. Traditionally, Linux has been more of a back end, behind-the-datacenter door operating system. It gets used in specific scenarios like thin clients and SUSE benefitted from that. Every OS must be inherently secure and you have to allow it to be and remain secure when you deploy other products like firewalls. SUSE has been working actively on both fronts. We’ve submitted all of our platforms for security Carrier Grade certification for both the government and telecommunications industries. There are a number of tools and packages that are part of the SUSE Linux Enterprise distribution such as both IPv4 and the new IPv6 support.

ITIC: Can you describe SUSE’s activities with key OEM partners like Microsoft?

MM: Back in November 2006, Novell and Microsoft signed a wide-ranging partnership and patent cross-licensing agreement to ensure SUSE’s continued interoperability with Microsoft Windows. Last July, SUSE and Novell renewed the agreement for four more years to 2016. In addition, in early June, we announced that SUSE Linux Enterprise Server and openSUSE can now be run in Windows Azure Virtual Machines. Additionally, through SUSE Studio, customers can rapidly develop cloud-ready applications and automatically launch them on Windows Azure, virtually eliminating inefficient manual processes. Through the SUSE Cloud Program, SUSE makes it easy for cloud vendors to offer differentiated services that speed customer acquisition. Many of today’s top global cloud providers offer SUSE Linux Enterprise Server to help IT organizations deliver mission-critical IT services efficiently and cost-effectively in cloud environments. In addition to Microsoft, we have a number of cloud providers that have joined the SUSE Cloud Program including, Amazon Web Services, Dell, Fujitsu, IBM, Intel, SHI, SGI, Verizon and Vodacom Business. The Microsoft/SUSE alliance jointly sells SUSE Manager and SUSE Studio as part of our solution portfolio. Our strategy is to support mixed environments in the cloud as well as in the data center. And it’s working: to date Microsoft and SUSE have 800+ joint customers worldwide.

ITIC: Can you detail SUSE’s initiatives with other partners like SAP and IBM?

MM: SUSE is the number one Linux platform for SAP customers; over 3,500 SAP customers run on SUSE Linux Enterprise and we provide joint 24×7 technical support leveraging SAP Solution Manager. We’re strategic for SAP in the datacenter and in the cloud supporting SAP HANA / SAP BWA, SAP Business ByDesign and SAP StreamWork Enterprise. With respect to VMware, the vSphere customers are entitled to SUSE Linux Enterprise Server maintenance at no additional cost and they have an option to purchase technical support direct from VMware. Additionally, VMware is standardized on SUSE Linux Enterprise Server for all VMware appliances and the vCenter Appliance based on SUSE Linux Enterprise Server is available now. SUSE and VMware are pursuing joint technical optimizations and go-to-market programs. SUSE also has very strong partnerships with OEM hardware vendors including Dell, HP and IBM. SUSE’s relationship with IBM is equally strong. This spring, we teamed with IBM to deliver SUSE Linux Enterprise on IBM’s PowerLinux servers.

ITIC: What can SUSE customers and the industry expect in the 2012-2013 timeframe?

MM: We’ve got a very big push involving Cloud Infrastructure and we’ll launch the first SUSE CON conference September 18th – 21st in Orlando – focused entirely on Linux technology and customer partners. By delivering SUSE Linux Enterprise Server in the cloud, we’re helping customers to increase flexibility and resource utilization while reducing the management burden and risk. Through our overall vendor alliances, we provide our joint customers the ability to take advantage of the most certified applications of any Linux vendor and a robust solution, such as SUSE Studio, for developing and deploying mission-critical Linux workloads on a pay-per-use basis to Windows Azure. One of the main ideas behind the new service is to create a hybrid cloud to enable applications to run across the cloud and servers that customers have more direct access. Earlier this month we announced support for Windows Azure Virtual Machines. This allows customers to move virtual hard disks (VHDs), with the configured systems based on Windows Server or Linux, between the cloud and local servers. So we’ve made it easy for businesses to extend SUSE Linux Enterprise Server-based applications to Windows Azure using the one-click-deployment capabilities of SUSE Studio. We’ve also included automatic maintenance capabilities that will keep SUSE Linux Enterprise Server up-to-date on the most current security patches, bug fixes and new features, so customers can get peak performance efficiently and cost-effectively.

KK: We have additional products that complement the server OS – various tools and frameworks that enable our customers to standardize, simplify deployment and to manage their Linux infrastructure. We’re finding that in this growing virtual and cloud-based world that these tools are valuable for partners and enterprises. For example, we’ve allowed Dell to use our SUSE OS platform in their OEM Solutions business. These are products that they build and deliver but Dell and our customers can leverage our tools like SUSE Studio that lets them customize the OS and customize the OS for different form factors like turnkey physical or virtual solutions. Dell sells integrated hardware and software and they are specifically targeting enterprises in specific verticals like healthcare – for instance GE [General Electric Co.] for ultrasound and MRI systems. Dell is taking their supply chain expertise and marrying it to our products and tools and you’ll see more of that type of innovation. Through the SUSE Cloud Program, we’re making it easy and efficient for cloud vendors to offer differentiated services that speed customer acquisition. Many of today’s top global cloud providers offer SUSE Linux Enterprise Server to help IT organizations deliver mission-critical IT services efficiently and cost-effectively in cloud environments. In addition to Microsoft, cloud providers that have joined the SUSE Cloud Program include 1&1, Amazon Web Services, Dell, Fujitsu, IBM, Intel, Tencent, SHI, SGI, Verizon and Vodacom Business.

By delivering SUSE Linux Enterprise Server in the cloud, SUSE helps companies increase flexibility and resource utilization while reducing risk. Through our alliance with Microsoft, we provide our joint customers with the ability to take advantage of the most certified applications of any Linux vendor and a robust solution, such as SUSE Studio, for developing and deploying mission-critical Linux workloads on a pay-per-use basis to Windows Azure. One of the main ideas behind the new service is to create a hybrid cloud to enable applications to run across the cloud and servers that customers have more direct access.


Scott Handy Q&A: IBM PowerLinux

As part of our ongoing series of Q&As with high-tech industry luminaries, ITIC Principal Laura DiDio spoke with Scott Handy, IBM vice president of strategy and business development for PowerLinux. Handy discusses IBM’s latest lineup of PowerLinux products and how they align with Big Blue’s strategy in pivotal market segments like Big Data, Virtualization and cloud computing. Handy is a 20+ year IBM veteran and a longtime Open Source proponent. Prior to this, he was vice president of worldwide Linux and Open Source for IBM. In addition, Scott has held numerous executive, technical sales, marketing, and strategy positions covering Large Accounts, Channels, Small and Medium Business and IBM solutions for Windows NT, Sun Solaris and OS/2 Warp.

Laura DiDio, ITIC: Can you provide us with an overview of IBM’s PowerLinux products and strategy?

Scott Handy: The new PowerLinux products are an extension of IBM’s overall Power Systems strategy. We want to address the Linux x86 markets and generate more growth for Power by providing IBM customers with optimal performance and reliability at an extremely affordable Total Cost of Acquisition (TCA) price point. Linux operating systems already run on Power Systems today, but it is the smallest of the three operating system distributions that IBM Power Systems supports: AIX, IBM i and Linux. We deliberately picked three solution segments to focus on this initially, and that will grow to six by mid-2013. They are:

  • Big Data Analytics: The Power7 series servers have four (4) threads per core versus Intel’s two (2) threads per core, and can optimize workload performance for platform-kernel, tool chains and libraries. 42% faster sorting a terabyte of data, per IBM Research results.
  • Open Source Infrastructure Services: This includes support for Web, Email, social networks, and faster and improved economics with PowerLinux & PowerVM.
  • Industry Application Solutions: The PowerVM Integration Virtualization manager simplifies and eases deployment and automates most routine daily tasks by providing businesses and their IT departments with a single system to address multiple virtual application and database servers.

Each of these segments offers tangible performance and cost benefits to corporations in a wide variety of vertical markets, including IBM’s traditional core competencies in government, finance and healthcare.

ITIC: How big is PowerLinux in terms of revenue and number of customers? And how fast is this market segment growing within IBM?

SH: IDC (International Data Corp.) data shows that [the worldwide revenue for] Linux is $10B by 2015. Our Linux revenue grew 29% last year in the Power Systems market, and we want to continue to dramatically expand that growth rate. Our initial focus is three solution segments, growing to six by mid-2013. Our initial success in the pilot has proven to us that we have the right value and performance mix to grow the PowerLinux segment. We anticipate PowerLinux will continue to grow faster than the overall Power Systems growth.

ITIC: Describe the target audience for IBM’s PowerSystems Linux-based applications and how you’ll differentiate your products from rivals like VMware in virtualization?

SH: We’re focused on delivering new types of applications and functionality that were not previously available. For example, we’ll enable customers to analyze how their brands are perceived in analytics of blog or posts on social networks like Facebook and Twitter. We’re also aligning the applications with the specific vertical markets. So a bank or financial institution can use the analytic capabilities for better fraud detection.

To accomplish this we felt we needed more [Linux] products priced comparably to x86 offerings. The Linux market segment has a different buying behavior and purchasing patterns. We’ve analyzed that buying behavior, which is much more focused on Total Cost of Acquisition (TCA) and price/performance. We know we have to take price off the table [as a purchasing inhibitor] to get in the door. IBM’s Power Systems group is very focused on companies that use virtualization. We can leverage our economies of scale to compete more effectively. Our PowerVM virtualization for example, is priced 16% below VMware’s competing product.

IBM’s strategy is not to get into a price war with Intel but to compete on hardware, virtualization and superior client value on Big Data, Industry Application Solutions and virtualized Open Source Infrastructure Services (OSIS). The latter (OSIS) is very high volume. Over 50% of companies deploying Linux are using free Open Source solutions. There are over 2,500 open source packages. The top five are LAMP, Open Source Email, SAMBA File/Print (soon to be directory services), edge of network services such as Proxy DNS servers, security and a DNS firewall. These are included free in Red Hat Enterprise Linux (RHEL) and SUSE Linux Enterprise Server (SLES). We feel the Power Systems virtualization is superior to VMware in price. And because it’s built into the hardware, there’s less overhead and superior efficiencies; we offer more VMs per server. IBM customers understand the benefits. Finally, IBM Power Systems offer TCA pricing that’s 30% below the competition when virtualized. And 30% below in this space is enough for people who want to move. And there’s no re-training required. We have a lot of customer wins – we’re in five countries already, and we have 118 opportunities and wins in every country that we’ve piloted and in all 3 solution areas we are targeting. It’s working.

ITIC: IBM sells industry standard Red Hat Enterprise Linux and SUSE Linux Enterprise-only servers optimized for the Power server architecture. Will IBM provide technical service and support for PowerLinux customers who implement customized versions of Red Hat and SUSE?

SH: Yes, for custom implementations we will support the back end. Fewer customers are doing significant customization. The majority of users find they can get the required features and functionality in the standard Red Hat and SUSE distributions. About 50% of customers will choose IBM Level 1, 2 or 3 support. They can also sign up for a custom solution support. Currently, we have about one dozen customers with customized Linux implementations on Power Systems. We assist them with the creation of [the necessary] custom changes, and then they can sign up for integrated support. To prove the point, our first PowerLinux customer win in Japan was with Fixstars, for a Big Data appliance, using Cloudera for Apache Hadoop, running on Yellow Dog Linux. We made it all work with support behind it.

ITIC: IBM’s PowerLinux group focuses on three solution areas: Big data analytics (IBM InfoSphere, Biginsights and Streams), Industry Application Solutions (workload optimization) and Open Source Infrastructure Services. How will you address them?

SH: Big Data analytics is very interesting. About 80% of data is unstructured versus 20% that is structured in a traditional database. However, 80% of the processing is done on 20% of the structured databases. There are new tools – predominantly around Open Source Hadoop framework. You can create new types of applications. The most interesting is the branding around social media. People can understand what’s good about their brand and what’s new about their brand. This includes marketing people who want to put programs in place to accentuate the positive and nullify the negative. Governments are using it to find criminals. It’s also interesting to look at log data around computer usage. We help to improve IT operational efficiency e.g., detailing the issues that cause [system and application] crashes. Less than 20% of IT is software; the rest is people. If you address this you can save companies a lot of money by helping them leverage change management and reduce labor costs.

We got a head start by putting these things on PowerLinux with Watson’s intelligence. Big Data is predominantly a Java-based solution and IBM’s products have twice the memory bandwidth and storage I/O bandwidth compared to Intel. Big Data is not just about playing Jeopardy with Watson. It is useful and applicable in a variety of verticals. For example, hospitals are using advanced medical applications to reference symptoms in newborn infants to predict a medical condition – infections — 24 hours before they occur. Like Big Data, Industry Application Solutions and Open Source Infrastructure Services are all areas that highlight advanced features and provide customers with tangible value.

With Industry Application Solutions, IBM knows that ISVs and OEMs want to bundle hardware and software. That means you have to workload-optimize the systems. We’re either putting accelerators or specific tuning into bundled solutions. Within PowerLinux, we can get memory bandwidth and I/O storage into the chips and feed it. We provide customers with economic value based on the way we optimize the system.

With Open Source Infrastructure Systems we take applications already bundled with Red Hat Enterprise Linux and SUSE and improve the performance. One of our early adopters, the University of Hamburg, reported 50 percent better performance and throughput with 30% reduction in TCA versus an x86-based approach.

ITIC: IBM’s Watson has been featured prominently in the news in recent months – particularly after the Jeopardy challenge. What role does Watson play with respect to PowerLinux?

SH: There are two elements: it was a big deal for IBM Research to win the game using Power technology. They ported all the software to PowerLinux that we’re using for Big Data, and this was the first substantiation of the proof points vs x86. What’s even more interesting is that beyond Jeopardy, we’re taking the technology and applying it to real world problems. WellPoint – one of the largest health benefits companies in the United States – leverages it as a mechanism to enable doctors to look at much more data and to try and determine the right treatment. Each vertical industry has a unique use case. Citibank signed up with us to use the technology to improve fraud detection and better understand customer activities across many accounts. Customers will also benefit by getting better services and government as well. In addition, Watson interprets speech. Watson has to figure out how the speech was generated. A government agency might use the technology to understand the context of the speech; this is crucial when you’re spanning the Web. And Watson is performing these functions in all languages, not just American English.

ITIC: What are the specific cost/performance advantages of IBM’s newest PowerLinux servers like the 7R2 compared to competing solutions from Dell and HP?

SH: In general, we have a faster processor that comes in a multitude of flavors such as a 3.7 GHz equipped with better memory and storage I/O bandwidth, and we’re workload-optimizing the system to achieve a total performance/solution advantage. We’re driving real client value.

ITIC: Could you detail how IBM’s POWER7 processors compare to rival Intel processors?

SH: We have basic fundamental improvements – we run four threads per core vs. Intel’s two threads per core. That gives us 50 percent better throughput. We also have the Active Energy Manager, a very sophisticated capability that determines what it needs to run most efficiently. For instance, it will tell IT managers, or can be set to dynamically change, not to use threads or cores that they don’t need. We very intelligently manage the performance and energy usage. On average, an x86 only system utilizes 15 percent energy. An IBM POWER processor can give customers 60 to 80 percent utilization so they’re not wasting power. Our virtualization has so much more capability than competing offerings. We can do shared pools and dedicated shared pools and in 10 milliseconds we can switch it over to the one that thinks it’s dedicated. We adapted this technology from our mainframes, which run at 90% to 100% utilization.

ITIC: Virtualization and Cloud Computing are two critical market segments. How do the latest PowerLinux servers address users’ virtualization and cloud computing needs in terms of additional performance, scalability, reliability and security?

SH: I’m very pleased with a customer – a large hosting company with over 70K servers. They had not purchased any IBM equipment. They asked for two machines and found that the latency was 54 percent less. We also have a virtual machine density advantage – even with 1 virtual machine, IBM Power, PowerLinux achieves 131% better throughput than VMware – more than twice VMware. And when you get to multiple VMs we can get dramatic – 500% improved throughput on multiple servers with 32 virtual machines on a 2-socket server. Also, we’ve found that customers aren’t particularly happy with VMware’s recent price hikes. Customers are telling me that IBM’s unlimited virtual or physical memory per license can save them significant dollars vs VMware’s limit which increments on a 96GB memory total virtual memory limitation per socket regardless of how much physical memory is installed.

Our customers also like the ability to tune Service Level Agreements (SLAs) and in a cloud environment that’s very important. Our VMs don’t know the other VMs exist so the security is perfect. PowerVM has NO security violations, and VMware has 135 security flaws in the last year. If you’re in a cloud environment and trying to do multi-tenancy, multi-client, security is paramount.

ITIC: IBM’s AIX also runs on PowerSystems servers. Can you differentiate what types of functions and applications are suitable for AIX and where PowerLinux is the better choice?

SH: We have many good AIX customers who have come from Solaris and HP UX environments – over 1,000 customers a year for the last two years. They all went to UNIX if they migrated to us. But many who consider themselves UNIX customers also buy Linux x86. We picked the workloads for PowerLinux to focus on that are predominantly Linux to attract partners, resellers and ISVs, like Big Data – e.g. Hadoop only runs on x86 so by definition there can be no cannibalization. Our data shows that we have 118 potential customers that have no Power Systems installed, so this is incremental business. And, we’re getting the Linux x86 businesses in a Power account. We have a ton of benchmarks, and in general, the two operating systems are very close in terms of performance. Because our hypervisor is underneath both AIX and Linux, the performance is pretty comparable. The better comparison is between PowerLinux and x86. We’re in a scale-out computing mode when you compete with x86; they can’t keep 1,000 servers up and running, and we can. RHEL and SUSE on PowerLinux will be more reliable on IBM Power Systems than on an x86-based system.


Steve Sommer Q&A: Virtualization, Cloud & DR

Steve Sommer has seen just about everything in his 30+ years as an IT executive. As a Chief Information Officer (CIO) and Chief Technology Officer (CTO) since the late 1980s he’s witnessed the industry’s transition from the “dumb” terminal/server paradigm and slow, kludgy dial-up to today’s “always on” networks. He’s also participated in and grappled with all of the positive and negative aspects of transformational and disruptive technology trends. Sommer has experienced firsthand how the “consumerization of IT” and the rapidly increasing numbers of remote users accessing the network via smart phones and tablets impacts IT, security and how companies do business in the 21st Century. Sommer is currently CIO at Stromberg & Forbes, LLC, a financial services company with offices in New York and Florida. Prior to that he spent 25 years at Hughes, Hubbard and Reed, a law firm headquartered in New York City. He worked his way up at HH&R to become CIO and CTO, holding down both jobs simultaneously. ITIC interviewed Sommer on a wide range of topics including the pros and cons of new technologies like virtualization and cloud computing. He also talked about the impact and implications of end users utilizing consumer devices for ubiquitous connectivity. Sommer also dispensed practical, tactical advice on how organizations can construct a strategy for efficient and secure mobility and remote access. As an eyewitness to the September 11, 2001 attack on the World Trade Center, Sommer talks about how the terrorist attack has changed the way companies view disaster recovery (DR) and backup plans in a post-9/11 world.

Laura DiDio, ITIC: Virtualization and cloud computing are two of the most pivotal technologies to emerge in the last five to seven years. Do all users from SMBs to enterprises need them and why?

Steve Sommer: There’s no escaping virtualization; that’s the way the industry is going and SMBs should follow; they have just as much need for virtualization as large enterprises. The density of the data, the content, the critical nature of applications and business continuity all make virtualization imperative. It saves money, provides consolidation and it’s easier to maintain a streamlined environment. Virtualization allows for better testing and faster, more efficient disaster recovery (DR). Virtualization preceded the cloud. But cloud computing is different. There are many dangers inherent to the cloud. Any SMB contemplating a move to a public, private or hybrid cloud must realize that cloud computing isn’t free or cheap. This is especially true for SMBs with more limited resources and smaller budgets. But a well-planned cloud implementation will deliver better economies of scale and alleviate the burden on IT. From my perspective, Google and Apple are not the best solutions for an SMB cloud. The issue is that end users in SMB organizations utilize Google’s and Apple’s iCloud as consumers but they’re not necessarily worried about their company’s security, costs and integration issues. The users are just concerned with accessing their data whether they’re at home or in a public facility like a restaurant, kiosk or a plane. Typically, end users are ignorant of the business’ support costs and security ramifications. They don’t grapple with the problem of how the organization will support the cloud. That said, eventually almost all SMBs, like large corporations, will need a cloud; they won’t be able to compete effectively otherwise.

ITIC: For SMBs that lack the money and the IT resources of larger enterprises, does it make more sense to go with a public, private or hybrid cloud?

SS: If you lack the funds to hire an external cloud services provider, then you’ll need a private cloud using something like Microsoft’s SharePoint. However, even a private cloud managed internally, is an expense because you have to tweak and expand the infrastructure to accept the users accessing the private cloud. That’s a lot of work. You have to publish your information outside the firewall and build a secure environment to allow people to access crucial information. Your infrastructure has to change and evolve [to accommodate the cloud]. For example, you’ll need to upgrade the WAN. SMBs, like enterprises can support private clouds capably on their own. However, they will need in-house expertise and it will still cost money. SMBs need to build a cloud in steps; a hybrid cloud is a good choice for an organization starting out and getting its feet wet. Even a large retailer like L.L. Bean has partnerships with outside vendors. A public cloud is optimal but the gating and inhibiting factor is the expense.

ITIC: What are some of the most crucial issues that organizations should consider when implementing a cloud environment?

SS: If you’re going with a public cloud, there’s a lot to consider. The first is training your people and putting the proper controls in place. Next, you have to decide on approved applications and which if any applications to blacklist. Most SMBs today are ready to transition to the cloud. The most important factor is selecting the right vendor. You have to perform due diligence. You must assess key elements of your planned cloud implementation such as: security, storage capability, the reputation and strength of the vendor in the marketplace. What cloud providers are your SMB peers using? The telecom vendors like Verizon have the best opportunity to partner with data vendors. I think we’ll see partnerships between companies like IBM and Verizon. Test first and decide the order of the applications and content you want to put on the cloud. External providers can provide the best portals for data access. You have to address issues of security, data retention, data loss, tracking, response time. And the business must balance its needs with those of the consumer public, end users and customers. Each vertical industry is different and subject to specific compliance regulations. Legal and healthcare are very strict about confidentiality. But ironically, legal and healthcare users carry around the mobile devices and they frequently get lost or stolen. So you have to assess the risks. How do you support the various amounts of data accessibility with legacy applications? That’s another big concern.

ITIC: Another major trend is remote access and mobility. Do you have any specific “Dos and Don’ts” for fellow CIOs, CTOs, IT managers and users with respect to constructing a workable technology and business strategy to address the growing ranks of remote workers?

SS: The biggest risk for device access is data loss. Security is another huge issue.

  • Do construct an end user usage policy. And provide them with training to understand the technology and business implications.
  • Do find the application that fits for the majority of your devices. Finding a common avenue of access is very crucial.
  • Do take responsibility to own the device or not. Who owns what? That is a cost issue.
  • Do make sure you have top notch security in place. Choose the right security vendor – are they all inclusive and do they have the knowledge base to support your organization?
  • Do communicate the remote access policies and get buy-in from the management and all appropriate departments. You can’t have discord/disconnect among management, end users and IT.
  • Don’t give your end users five different ways to access information. It’s confusing and will be a resource drain in terms of support.
  • Don’t give in to user pressure to do things a certain way. The easiest way is always the best method of accessibility. Stand your ground. Don’t go ahead and promise without the proper infrastructure support.
  • Don’t do it alone. Don’t think you can supply security, data storage, remote access etc. You need an external partner and be upfront with management to tell them exactly what needs to get done.

ITIC: Apple’s iPad was introduced in April 2010 and it’s sparked a real revolution. Lots of people are saying “the PC is dead.” Do the iPad and other tablet devices have enough functionality to supplant PCs and notebooks as the next generation desktop?

SS: I don’t think the PC is dead. Laptops are definitely diminishing because of the iPad and other tablets. For the desktop intensive worker the PC still has a place in performing compute intensive and transformational activities. There will still be billions of PCs although laptops will diminish. Five years from now there won’t be as many PCs but the PCs will still do the heavy lifting unless/until iPads have more storage, more computational power. There will be less and less need for PCs but they will still exist.

ITIC: Remote access, mobility and the use of myriad devices to connect to the network from tablets to smart phones have made security even more challenging. What poses the greatest security threat to the corporate network in 2012 and beyond?

SS: From a technical perspective, social media sites and social applications are killer; they are the biggest threat out there. Facebook, Google and others can get at your information and violate privacy. However, human error constitutes a greater threat than malware. People are just not careful. A high percentage of the population works from home or travels. They think nothing of accessing entertainment and social media sites that grab our information. The portability of information is another huge concern. We’re carrying around sensitive data – both professional and personal — and losing it in planes, trains, taxis etc.

ITIC: What’s the most memorable, defining experience you’ve had in your IT career?

SS: Without a doubt the most horrible and yet redeeming/rewarding experience was living through the 9/11 attack on the World Trade Center. The Hughes, Hubbard and Reed law offices were only three blocks away from the Twin Towers. I was just emerging from the subway when I saw the first plane hit. It was horrific and chaotic. People were naturally terrified; no one knew what was coming next. The communications systems were overloaded and unavailable. In the immediate aftermath of the attack, my first priority was to safely evacuate the staff out of lower Manhattan. I stayed behind and shut the systems down. I had to properly secure the data since we lost power and communications. We weren’t allowed back in our offices for a week and a half. We relied on our branch offices and phones to get headquarters people re-connected. We had lost all our Verizon and AT&T telecommunications. Microsoft had people at our branch offices on September 13th. They just showed up and helped us restore systems using DSL. We used Windows NT as a router and constructed our own routing protocol. Bill Gates himself ordered people to come down and help out. We were lucky; we didn’t lose any data because we had a backup plan in place. Post-9/11 we knew we had to improve our disaster recovery capabilities. I got approval to do a DR co-location 30 miles away. That may not always be the most appropriate thing. But the 9/11 tragedy convinced businesses that they must have a DR and restore functionality for their most business critical applications. We got our new plan up and running in less than a year with Verizon. The 9/11 terrorist attack forever changed DR and backup. The tragedy also contributed to the increase in remote access and mobility. The biggest lesson of the 9/11 terrorist attack was that we must be ready for anything, respond quickly and adapt.


Stu Sjouwerman Q&A: Security

Longtime security professional Stu Sjouwerman is the founder and CEO of KnowBe4.com, a Tampa, Florida-based security startup that specializes in on-demand Internet Security Awareness Training (ISAT). The company’s goal is to enable organizations to quickly solve the increasingly urgent security problem of social engineering and avoid attacks before they occur. Sjouwerman also publishes an electronic newsletter called Cyberheist. Prior to founding KnowBe4.com, Sjouwerman was president, CEO and founder of Sunbelt Software – now GFI Software, which makes the VIPRE security package. He is also the founder and former editor of the popular WServerNews electronic newsletter, which has a worldwide distribution. ITIC recently sat down and interviewed Sjouwerman about security threats and how companies can defend themselves.

Laura DiDio, ITIC: Tell us about KnowBe4.

Stu Sjouwerman: We are next generation security awareness training. That means old style security training doesn’t cut it anymore – it’s not enough to follow dos and don’ts. We do simulated phishing attacks – fully automated – for customers to let them know who the culprits are in advance of an attack. It’s preventive. We train people to be well aware of phishing attacks that are out there. Our main focus is on phishing attacks but it’s not our only focus.

ITIC: What’s the top headline in security these days?

SS: Cybercrime is big business. It’s everywhere, but it’s especially proliferating and flourishing in Eastern Europe and Russia. There are many ex-KGB agents who have teamed up with the local organized crime; they have a very well developed and broad criminal economy. There are social networks for cyber criminals and tons of technical support sites for malware. Business is booming: it’s at least a $1B a year industry and growing every day. It’s very easy and very profitable to be a cyber criminal.

ITIC: You’ve been in the security business for 15 years now. How have the security threats changed and evolved?

SS: In the last 15 years we’ve seen five generations of threats. Today’s security hacks and attacks have evolved; they are not the work of amateurs. It used to be that teenaged hackers did it for the thrill or to make a name for themselves and get hired to work for a security firm. Ten or fifteen years ago, hacking was a means to an end. Today hacking is the end game. The hackers have gone pro. And the security threats are much more professional and stealth-like which makes detection more difficult. Many organizations and individuals don’t find out until after the fact and it’s damaged their networks. Back in the “good old days” circa 1995, a company’s worst case scenario was a DOS attack which caused the server to go down and applications to be unavailable. In 2011 – soon to be 2012 – the threats are much worse. Organizations are facing two types of damage. The first is stolen customer data, Intellectual Property, corporate designs etc. Once it’s stolen, highly sensitive data oftentimes ends up for sale to the highest bidder on criminals’ social media networks. The second, very pernicious threat is that hackers frequently install a stealthy Trojan/key logger and at regular intervals it will send the information e.g. accounting information to the hackers. They literally take control of the account and transfer out the money in small chunks usually $10K at a time. It’s then forwarded on to their “money mules” and organizations lose monies. Once a company has been the victim of a cyberheist, recovering the money, tracking and prosecuting the hackers is difficult, time consuming and expensive.

ITIC: How aware are companies of these threats and do they take them seriously?

SS: Every organization: the largest businesses, small Mom and Pop shops, academic institutions, non-profits and religious institutions are all at risk. Nothing is sacred and no one is safe. The large enterprises like banks and brokerage houses, usually have good proactive defenses in place to minimize risk, delay and thwart attacks and to alert them when an attempt to penetrate the perimeter or network occurs. Ironically, the biggest threat facing companies – particularly SMBs – is a false sense of security. Many small businesses, non-profits and churches are operating under a serious misperception that they’re too small to be of interest to hackers and thus they won’t be targeted. The Fortune 500 firms know they’re targets and have relatively good defenses in place. But these small businesses often do lag behind a bit in security awareness training unless they’re forced by SOX or HIPAA regulations to do security awareness training because they get audited. Some organizations just do it perfunctorily to pass a required audit and that just won’t cut it.

ITIC: What’s your advice to businesses?

SS: If you are a corporate cyberheist victim, you are NOT insured. The FDIC does not insure corporate accounts; they insure personal accounts. So the banks and insurance companies won’t refund your money UNLESS you purchase specific cyberheist insurance policies. Otherwise you’re SOL (shit out of luck) – and if the theft is big enough, many SMBs could find themselves out of business. The hackers are also not confining themselves to SMBs – they attack non-profits, local and municipal governments and churches with equal impunity.

ITIC: What proactive measures should organizations take to protect their businesses?

SS: First, make sure that you have good quality anti-malware and keep it up to date and have a good firewall, and then make sure you perform good quality security awareness training. You have to constantly reinforce that they need to be tested – we recommend testing at least once a week. The weakest link in any organization will be the users. The security perimeter has been broken thanks to mobile and remote users. The network and the firewall used to be the perimeter but the consumerization of IT has changed that. The hackers are now professional. The spear phishing attacks are very sophisticated.

ITIC: What should organizations and individuals look for?

SS: This sounds mundane, but never open an attachment that you didn’t ask for or one that came from an unknown source.

Be suspicious of all your Emails, even those from so-called trusted sources and friends because their accounts may be spammed or hacked. This includes things like direct messages from people you know and are friends with on the various Social Media sites like Facebook, Twitter and Yahoo. Pay very close attention to how your Email looks e.g., be on the lookout for spelling and grammatical errors and missing elements or things that just don’t appear right.

ITIC: Do you have any last insider tidbits for our readers?

SS: Yes, be aware that currently there’s only one bank that insures business accounts from cyber criminals and cyberheists and that’s JP Morgan Chase.

URL: http://www.knowBe4.com

Based in Tampa Bay, FL.


Direct Edge Stock Exchange – Richard Hochron

Direct Edge Stock Exchange Uses Microsoft SQL Server 2008 Parallel Data Warehouse to Scale Trading

Business Profile: Direct Edge Stock Exchange

“Microsoft Parallel Data Warehouse is a real win for us. The combination of SQL Server 2008 R2 and the PDW appliance is extraordinarily powerful. Our stock exchange needs very high reliability, very high processing speeds, excellent security and ease of use. SQL Server 2008 R2 and PDW delivers. The deployment was as smooth and seamless as Microsoft promised. We’re purchasing something that scales into the hundreds of terabytes range.”

– Richard Hochron, Chief Technology Officer at
Direct Edge Stock Exchange in Jersey City, N.J.

