Laura DiDio

KnowBe4 Survey: 64% of Corporate Users Say Security Awareness Training Stops Hacks

A new security survey finds that two-thirds of corporate users – 64% – assert that proactive Security Awareness Training helps their businesses to identify and thwart hacks immediately upon deployment. And an 86% majority of corporations say Security Awareness Training (SAT) decreased overall security risks and educated employees about the ever-present danger posed by cyber security scams.

Those are the findings of the KnowBe4 “2018 Security Awareness Training Deployment and Trends Survey.”  This annual, independent Web-based survey polled 1,100 organizations worldwide during August and September 2018. The independent study conducted by KnowBe4, a Tampa, Florida-based maker of security training and phishing tools, queried corporations on the leading security threats and challenges facing their firms as cyber security attacks increase and intensify.

ITIC partnered with KnowBe4 on this study, which also polled businesses on the initiatives they’re taking to more proactively combat the growing, diversified and targeted cyber threats. The survey found that 88% of respondents currently deploy SAT tools. The businesses report that the training plays a pivotal role in identifying and thwarting attacks, minimizing risk and positively changing the employee culture.

Among the other top survey findings:

  • Social Engineering was the top cause of attacks, cited by 77% of respondents, followed by Malware (44%); User Error (27%) and a combination of the above (19%) and Password attacks (17%). (See Exhibit 1).
  • Some 84% of respondents said their businesses could quantify the decrease in successful Social Engineering attacks (e.g. Phishing scams, malware, Zero Day etc.) after deploying SAT to their end users after just a few simulated exercises. This is based on 700 anecdotal responses obtained from the Essay comments and first person interviews.
  • On average, respondents reported that Social Engineering cyber hacks like Phishing scams and Malware declined significantly from a success rate of 40% to 50% to zero to five percent after firms participated in several KnowBe4 SAT sessions.
  • Almost three-quarters – 71% of survey participants – indicate their businesses proactively conduct simulated Phishing attacks on a monthly, quarterly or weekly basis.
  • An overwhelming 96% of respondents affirmed that deploying SAT changed their firm’s computer security culture for the better, making everyone from C-level executives to knowledge workers more cognizant of cyber threats.

Introduction

In the 21st century Digital Age corporations can no longer practice security with 20/20 hindsight.

Complacency and ignorance regarding the security of the corporation’s data assets will almost certainly lead to disaster. Not a day goes by without a major new cyber hack reported.

Threats are everywhere. And no organization is immune.

Hackers are sophisticated, bold and home in on specific targets. The hacks themselves are more prolific, pervasive and pernicious.

The current computing landscape includes virtualization, private, public and hybrid cloud computing, Machine Learning and the Internet of Things (IoT). These technologies are designed to facilitate faster, more efficient communication and better economies of scale by interconnecting machines, devices, applications and people.

The downside: increasing inter-connectivity among devices, applications and people produces a “target rich environment.”  Simply put, there are many more vulnerabilities and potential entry points into the corporate network. IT and security administrators have many more things to manage and they can’t possibly have eyes on everything. Oftentimes, the company’s end users pose the biggest security threat by unknowingly clicking on bad links. But even so-called “trusted” sources like supposedly secure third party service providers, business partners or even internal company executives can unwittingly be the weak links that enable surreptitious entry into the corporate networks.

The ubiquitous nature and myriad types of threats further heighten security risks and significantly raise the danger that every organization – irrespective of size or vertical market – will be a target. The accelerated pace of new Cyber security heists via Social Engineering (e.g. Phishing scams, malware, Password attacks, Zero Day, etc.) makes the IT Security administrator’s job extremely daunting.

Fortunately, there is help in the form of Security Awareness Training which immediately assists organizations in educating employees from the C-suite to the Mail room and transforming the corporate culture from one that is lax, to one that is alert and vigilant.

Data & Analysis

Computer and network security has all too often been practiced with 20/20 hindsight. That is, organizations have been lax in implementing and enforcing strong Computer Security Policies.

The KnowBe4 2018 Security Awareness Training Deployment and Trends Survey results indicate a majority of companies recognize the increasing danger posed by myriad pervasive and pernicious cyber threats. Businesses are also acutely aware that Security and IT managers and administrators cannot possibly have “eyes on everything,” as the size, scope and complexity of their respective infrastructures increases along with the number of interconnected people, devices, applications and systems.  Hence, companies are now proactively assuming responsibility for safeguarding their data.

SAT is a cost effective and expeditious mechanism for heightening user awareness – from the C-Suite to the average worker – of the multiple security threats facing organizations.

Among the other survey highlights:

  • Among businesses victimized by Social Engineering, some 70% of respondents cited Email as the root cause. This is mainly due to end users clicking without thinking and falling prey to a wide range of scams such as Phishing, malware and Zero Day hacks. Another 15% of respondents said they were “Unsure” which is extremely concerning.
  • An 88% majority of respondents currently employ Security Awareness Training Programs and six percent plan to install one within six months.
  • An 86% majority of Security Awareness Training Programs conduct simulated Phishing attacks and that same percentage – 86% – of firms randomize their simulated Phishing attacks.
  • Some 71% of respondents that deploy KnowBe4’s Security Awareness Training said their firms had not been hacked in the last 12 months vs. 29% that said their companies were successfully penetrated (even for a short while before being detected and removed).
  • Survey respondents apply Security Awareness Training programs in a comprehensive manner to ensure the best possible outcomes. Asked to “select all” the mechanisms they use in their SAT programs: 74% said they use Email; 71% employ videos, 43% of businesses said they use Human Trainers; 36% send out Newsletters and 27% engage in seminars/Webinars with third parties.

Overall,  the results of the Web-based survey coupled with over two dozen first person interviews conducted by KnowBe4 and ITIC found that Security Awareness Training yields positive outcomes and delivers near immediate Return on Investment (ROI). Approximately two-thirds of the respondents indicated that the training helped their companies to identify and thwart security hacks within the last six months. The participants said security awareness training helped to alert their firms to a potential vulnerability  and allowed them to block the threat. And it also enabled security and IT administrators and users to recognize rogue code and quickly remove it before it could cause damage. Another 20% of those polled claimed their firms had not experienced any hacks in the last six months.

All in all, in this day and age of heightened security and cyber threats, organizations are well advised to proactively safeguard their organizations by implementing Security Awareness Training for their administrators and end users to defend their data assets. For more information, go to: www.knowbe4.com.

 

 


IBM Bets Big on Cloud, Buys Red Hat for $34B

IBM will acquire open source software and cloud services company Red Hat in a $34B all-cash deal – approximately $190 per share – executives for both firms announced during a joint Monday morning Webcast.

Once the acquisition is complete sometime in the latter half of 2019, Red Hat will become a standalone business unit within IBM’s Hybrid Cloud Team, both companies said in a joint press release. This will preserve the “independence and neutrality” of Red Hat’s open source development heritage and commitment, current product portfolio and go-to-market strategy, and unique development culture. Red Hat will continue to be led by current CEO and president Jim Whitehurst and its current management team. Whitehurst will join IBM’s senior management team and report to IBM chairman, president and chief executive Virginia “Ginni” Rometty. IBM executives said during the Webcast that it intends to maintain Red Hat’s current Research Triangle Park, N.C. headquarters, facilities, brands and practices.

Rometty heralded the Red Hat acquisition as a “game changer” and said it’s all about “resetting the cloud landscape.” IBM’s $34B purchase of Red Hat will be the biggest acquisition in the company’s 107-year history and the price tag equals one-third of IBM’s $105.38B total market valuation.

Rometty clearly feels Red Hat is worth the investment. On Monday’s Webcast she stated that the deal will make “IBM and Red Hat the undisputed Number One leader in hybrid cloud. Our IBM cloud platform is growing like crazy,” Rometty said, adding that “Hybrid cloud is an emerging $1 trillion market.”

The acquisition has been approved by the boards of directors of both IBM and Red Hat. It is subject to Red Hat shareholder approval. It also is subject to regulatory approvals and other customary closing conditions. Meanwhile, IBM intends to suspend its share repurchase program in 2020 and 2021. At signing, IBM has ample cash, credit and bridge lines to secure the transaction financing. The company intends to close the transaction through a combination of cash and debt.

During the Webcast, Rometty made the case for growth in the hybrid cloud market segment claiming that “most companies today are only 20 percent along” their cloud journey, renting compute power to cut costs. The next 80 percent is about unlocking real business value and driving growth. “This is the next chapter of the cloud. It requires shifting business applications to hybrid cloud, extracting more data and optimizing every part of the business, from supply chains to sales,” Rometty said.

Red Hat’s Whitehurst was equally enthusiastic about the forthcoming IBM acquisition. “Joining forces with IBM will provide us with a greater level of scale, resources and capabilities to accelerate the impact of open source as the basis for digital transformation and bring Red Hat to an even wider audience – all while preserving our unique culture and unwavering commitment to open source innovation.”

Throughout the webcast, IBM Senior Vice President of Hybrid Cloud Arvind Krishna and Red Hat Executive Vice President and President of Products and Technologies Paul Cormier emphasized that it would be business as usual with both IBM and Red Hat continuing to honor existing business commitments and partnerships with other firms.

The executives said all of Red Hat’s existing partnerships with other major cloud providers such as Amazon Web Services, Microsoft Azure, Google Cloud, Alibaba and more, in addition to the IBM Cloud, will remain in place. At the same time, Red Hat will benefit from IBM’s hybrid cloud and enterprise IT scale in helping expand its open source technology portfolio to businesses globally. Red Hat will also continue its open source development projects such as Red Hat Enterprise Linux (RHEL), the OpenShift implementation of Kubernetes-based containers, and the OpenStack cloud computing platform. Similarly, Krishna said, IBM would continue its partnerships with other Linux distributions.

“IBM is committed to being an authentic multi-cloud provider, and we will prioritize the use of Red Hat technology across multiple clouds,” said Arvind Krishna, Senior Vice President, IBM Hybrid Cloud. “In doing so, IBM will support open source technology wherever it runs, allowing it to scale significantly within commercial settings around the world.”

Analysis

The synergies between IBM and Red Hat are obvious.

It’s very apparent the appeal that Red Hat holds for IBM and vice versa.

The two firms are starting from a strong, solid foundation. They’ve been doing business for over two decades. In recent years, Red Hat has expanded its Red Hat Enterprise Linux (RHEL) operating system distribution and services to run on IBM’s POWER servers and z System mainframes. It’s an alliance that has served both firms well.

“Red Hat is not an open source company. We’re an enterprise software company with an open source development model. Our secret sauce is putting those two things together,” Red Hat’s Cormier noted on Monday’s Webcast. “IBM,” he added, “also has a long history of enterprise-grade software and open source development. So, the two companies have a lot in common.”

IBM now wants to capitalize on that commonality in a very big way. It’s no secret that Big Blue’s cloud growth has lagged behind behemoths like Amazon, Google and Microsoft. A 2018 State of the Cloud Report by Rightscale, a cloud management firm, which surveyed 1,000 users, rated IBM as a number four cloud service provider behind Amazon, Microsoft and Google. The Rightscale study also showed that IBM cloud deployment was occurring at a slower pace than the other three market leaders. The Red Hat purchase could serve to accelerate IBM’s cloud deployments and close the gap between IBM, Amazon, Microsoft and Google.

Red Hat helps IBM to grow its cloud business on all fronts: private, public and hybrid clouds, since Red Hat built its model on open source and open standards and a very active open source developer community. This stands in stark contrast to the proprietary offerings of Microsoft, Amazon, Google, Oracle and other players. Both IBM and Red Hat can leverage their core strengths in Linux, Kubernetes, cloud management and service and support. Additionally, Red Hat will have access to IBM’s strong, deep ties to the channel which should enable it to close enterprise deals worldwide and give Red Hat’s product portfolio much greater exposure.

Another plus is IBM’s proven track record with open source. IBM has made numerous royalty-free patent contributions to the Open Invention Network to support development of the Linux platform as well as contributions to Java and the Eclipse development platform, so all of this should stand it in good stead as it moves to embrace and expand its hybrid cloud initiatives.

IBM and Red Hat By the Numbers: Betting Big on the Cloud

The biggest question from investors and analysts following the merger announcement is whether Red Hat, a company with approximately one-fourth IBM’s valuation, is worth the $34B purchase price.

Based on IBM’s perspective of gaining a competitive cloud advantage the answer is a resounding “Yes.”  

Consider that just 18 months ago, Red Hat CEO Whitehurst revealed in a quarterly analyst call that the firm’s biggest deal worth over $20M, came from Linux. But in the last year Red Hat’s top two dozen deals totaling $5M or more were attributable to its OpenShift offering. The OpenShift Container Platform (formerly known as OpenShift Enterprise) is Red Hat’s on-premises private platform as a service product, built around a core of application containers powered by Docker, with orchestration and management provided by Kubernetes, on a foundation of Red Hat Enterprise Linux.  IBM hopes that the combination of its own and Red Hat cloud open source offerings and services sold through its worldwide channel will enable it to expand its presence among enterprises seeking to move their datacenters to the cloud.

Ironically, in the immediate aftermath of the announcement IBM’s stock price declined by 3.54 percent and was trading at $115.40 at Tuesday’s market close, while Red Hat’s stock rose slightly to $170 at Tuesday’s market close. Now, a week later, IBM’s stock price rebounded to $120, but it is still trading well below its 52-week high of $171. Red Hat’s stock meanwhile, continues to climb and gained another three dollars closing at $173.31 after the bell on November 5.

As Exhibits 1 and 2 below illustrate, IBM and Red Hat’s financials each face challenges going forward – specifically in terms of jump starting quarterly revenue and income growth. IBM is also facing pressure to increase its stock price which is now trading at the lower end of its 52-week low of 114.

 

Exhibit 1. IBM by the Numbers

IBM Financials, R&D Spending and Patents 2017 – 2018
Current Stock Price as of 11/5/2018 $120.06 (US)
Market Capitalization $109.11 Billion
Profit Margin 7.12%
Operating Margin 15.14%
Return on Assets 6.24%
Return on Equity 28.82%
Revenue $80.37B
Quarterly Revenue Growth -2.10%
Net Income $5.72B
Quarterly Earnings Growth -1.20%
Total Cash $14.49B
Total Debt $46.92B
Total Global Workforce 380,300
Research & Development Spending $5.6B
 

Number of Patents 9,043 patents awarded in 2017, nearly half in AI, cloud, blockchain, quantum & security. Nearly 780,000 total Patents

Source: ITIC

Exhibit 2. Red Hat by the Numbers

Red Hat Financials, R&D Spending and Patents 2017 – 2018
Current Stock Price as of 11/5/2018 $173.31 (US)
Market Capitalization $30.6 Billion
Profit Margin 9.08%
Operating Margin 15.73%
Return on Assets 6.57%
Return on Equity 21.30%
Revenue $3.16B
Quarterly Revenue Growth 13.70%
Net Income $286.44M
Quarterly Earnings Growth -10.50%
Total Cash $1.77B
Total Debt $516.53M
Total Global Workforce 12,600
Research & Development Spending $578.33M
Number of Patents >2,000 since 2002 but does not enforce if used in properly licensed open sourced software

Source: ITIC 

Skepticism: Will Other Suitors Emerge?

As with any merger or acquisition, there’s always the potential that a deal will get called off or that other suitors will emerge.

Several Wall Street analysts suggested that high technology rivals might decide to play the role of spoiler and top IBM’s bid of $190 per share for Red Hat. Some of the names being mentioned as possible suitors were: Cisco Systems, Inc., Google and Oracle Corp.

On Monday, Cowen analyst Gregg Moskowitz was one of those Wall Street analysts who opined that other bidders may crop up. “The substantial premium that IBM is paying for Red Hat might on the surface seem to make it highly unlikely that a superior bid could occur,” Moskowitz said. “However, we believe there is a reasonable possibility that another suitor could emerge.” Moskowitz said if a breakup fee was not overly onerous, Cisco might be a likely contender to lure Red Hat away.

Brad Reback, a Senior Equity Research Analyst at Stifel Nicolaus & Company, Inc. said in a research note that he would “not be surprised if hyperscale cloud vendors like Google, Amazon, Microsoft, or Oracle make a competing bid given Red Hat’s strategic position within on-premises datacenters (over 100K customers).”

Microsoft, however, might be a longshot since it recently announced its own open source initiative with its $7.5B acquisition of GitHub.

Michael Turits, Managing Director Equity Research Infrastructure at Raymond James & Associates, says a bidding war may occur in the near future and says IBM’s bid for Red Hat could set off a buying frenzy for software firms.

Turits said a stronger IBM cloud portfolio poses a threat to several of its rivals, including Microsoft and Oracle.

Conclusion

IBM has made a bold move to strengthen its position in hybrid clouds and close the gap between itself and Amazon, Google and Microsoft. Purchasing Red Hat also brings IBM more closely back to its core strengths in software, open source and services. The Red Hat Linux distribution should also serve to further solidify IBM’s already strong POWER and z Systems server hardware offerings.

What is not clear is how the merged entity will treat or de-emphasize its relationships/partnerships with other cloud vendors once the Red Hat acquisition is complete. Regardless of what IBM and Red Hat say now, changes are bound to occur in those relationships.

The more immediate issue is whether or not any other firms will decide to up the ante and start a bidding war for Red Hat. That could make things very interesting. For right now though, IBM has served notice that it will put its money and its marketing muscle behind its cloud ambitions.


ITIC Poll: Human Error and Security are Top Issues Negatively Impacting Reliability

Multiple issues contribute to the high reliability ratings among the various server hardware distributions.  ITIC’s 2018 Global Server Hardware, Server OS Reliability Mid-Year Update reveals that three issues in particular stand out as positively or negatively impacting reliability. They are: Human Error, Security and increased workloads.

ITIC’s 2018 Global Server Hardware, Server OS Reliability Mid Year Update polled over 800 customers worldwide from April through mid-July 2018. In order to obtain the most objective and unbiased results, ITIC accepted no vendor sponsorship for the Web-based survey.

Human Error and Security Are Biggest Reliability Threats

ITIC’s latest 2018 Reliability Mid Year update poll also chronicled the strain that external issues placed on organizations and their IT departments to ensure that the servers and operating systems deliver a high degree of reliability and availability.  As Exhibit 1 illustrates, human error and security (both from internal and external hacks) continue to rank as the chief culprits that cause unplanned downtime among servers, operating systems and applications for the fourth straight year.  After that, there is a drop off of 22 to 30 percentage points for the remaining issues ranked in the top five downtime causes. Both human error and reliability have had the dubious distinction of maintaining the top two factors precipitating unplanned downtime in the past five ITIC reliability polls.

Analysis

Reliability is a two-way street in which server hardware, OS and application vendors as well as corporate users both bear responsibility for the reliability of their systems and networks.

On the vendor side, there are obvious reasons why mission critical servers from hardware makers like HPE, IBM and Lenovo consistently gain top reliability ratings. As ITIC noted in Part 1 of its reliability survey findings, the reliability gap between high end systems and inexpensive, commodity servers with basic features continues to grow. The reasons include:

  • Research and Development (R&D). Vendors like Cisco, HPE, Huawei, IBM and Lenovo have made an ongoing commitment to R&D and continually refresh/update their solutions.
  • RAS 2.0. The higher end servers incorporate the latest Reliability, Accessibility and Serviceability (RAS) 2.0 features/functions and are fine-tuned for manageability and security.
  • Price is not the top consideration. Businesses that purchase higher end mission critical and x86 systems like Fujitsu’s Primergy, HPE’s Integrity, Huawei’s KunLun, IBM Z and Power Systems and Lenovo System x want a best in class product offering, first and foremost. These corporations in verticals like banking/finance, government, healthcare, manufacturing, retail and utilities are more motivated by the historical ability of the vendor to act as a true responsive “partner” delivering highly robust, leading edge hardware. They also want top-notch after market technical service and support, quick response to problems and fast, efficient access to patches and fixes.
  • More experienced IT Managers. In general, IT Managers, application developers, systems engineers and security professionals at corporations which purchase higher end servers from IBM, HPE, Lenovo, and Huawei tend to have more experience. The survey found that organizations that buy mission critical servers have IT and technical staff that boast approximately 12 to 13 years experience. By contrast, the average experience among IT managers and systems engineers at companies that purchase less expensive commodity based servers is about six years.

Highly experienced IT managers are more likely to spot problems before they become a major issue and lead to downtime. In the event of an outage, they are also more likely to perform faster remediation, accelerating the time it takes to identify the problem and get the servers and applications up and running faster than less experienced peers.

In an era of increasingly connected servers, systems, applications, networks and people, there are myriad factors that can potentially undercut reliability; they are:

  • Human Error and Security. To reiterate, these two factors constitute the top threats to reliability. ITIC does not anticipate this changing in the foreseeable future. Some 59% of respondents cited Human Error as their number one issue, followed by 51% that said Security problems caused downtime. And nearly two-thirds — 62% — of businesses indicated that their Security and IT administrators grapple with a near constant deluge of more pervasive and pernicious security threats. If the availability, reliability and access to servers, operating systems and mission critical main LOB applications is compromised or denied, end user productivity and business operations suffer immediate consequences.
  • Heavier, more data intensive workloads. The latest ITIC survey data finds that workloads have increased by 14% to 39% over the past 18 months.
  • A 60% majority of respondents say increased workloads negatively impact reliability; up 15 percentage points since 2017. Of that 60%, approximately 80% of firms experiencing reliability declines have commodity servers: e.g., White box; older Dell, HPE ProLiant and Oracle hardware >3 ½ years old that haven’t been retrofitted/upgraded.
  • Provisioning complex new applications that must integrate and interoperate with legacy systems and applications. Some 40% of survey respondents rate application deployment and provisioning as among their biggest challenges and one that can negatively impact reliability.
  • IT Departments Spending More Time Applying Patches. Some 54% of those polled indicated they are spending upwards of one hour to over four hours applying patches – especially security patches. Users said the security patches are large, time consuming and often complex, necessitating that they test and apply them manually. The percentage of firms automatically applying patches commensurately decreased from 30% in 2016 to just 9% in the latest 2018 poll. Overall, the latest ITIC survey shows that as of July 2018 companies are applying 27% more patches now than any time since 2015.
  • Deploying new technologies like Artificial Intelligence (AI), Big Data Analytics which require special expertise by IT managers and application developers as well as a high degree of compatibility and interoperability.
  • A rise in Internet of Things (IoT) and edge computing deployments which in turn, increase the number of connections that organizations and their IT departments must oversee and manage.
  • Seven-in-10 or 71% of survey respondents said aged hardware (3 ½+ years old) had a negative impact on server uptime and reliability compared with just 16% that said the older servers had not experienced any declines in reliability or availability. This is an increase of five percentage points from the 66% of those polled who responded positively to that survey question in the ITIC 2017 Reliability Survey and it’s a 27% increase from the 44% who said outmoded hardware negatively impacted uptime in the ITIC 2014 Reliability poll.

Corporations’ Minimum Reliability Requirements Rise

At the same time, corporations now require higher levels of reliability than they did even two or three years ago. The reliability and continuous operation of the core infrastructure and its component parts: server hardware, server operating system software, applications and other devices (e.g. firewalls, unified communications devices and uninterruptible power supply) are more crucial than ever to the organization’s bottom line.

It is clear that corporations – from the smallest companies with fewer than 25 people, to the largest multinational concerns with over one hundred thousand employees, are more risk averse and concerned about the potential risk for lawsuits and the damage to their reputation in the wake of an outage. ITIC’s survey data now indicates that an 84% majority of organizations now require a minimum of “four nines” – 99.99% reliability and uptime.

This is the equivalent of 52 minutes of unplanned outages related to downtime for mission critical systems and applications or just 4.33 minutes of unplanned monthly outage for servers, applications and networks.

Conclusions

The vendors are one-half of the equation. Corporate users also bear responsibility for the reliability of their servers and applications based on configuration, utilization, provisioning, management and security.

To minimize downtime and increase system and network availability it is imperative that corporations work with vendor partners to ensure that reliability and uptime are inherent features of all their servers, network connectivity devices, applications and mobile devices. This requires careful tactical and strategic planning to construct a solid strategy.

Human error and security pose, and will continue to pose, the greatest threats to the underlying reliability and stability of server hardware, operating systems and applications. A key element of every firm’s reliability strategy and initiative is to obtain the necessary training and certification for IT managers, engineers and security professionals. Companies should also have their security professionals take security awareness training. Engaging the services of third party vendors to conduct security vulnerability testing to identify and eliminate potential vulnerabilities is also highly recommended. Corporations must also deploy the appropriate Auditing, BI and network monitoring tools. Every 21st Century network environment needs continuous, comprehensive end-to-end monitoring for its complex, distributed applications in physical, virtual and cloud environments.

Ask yourself: “How much reliability does the infrastructure require and how much risk can the company safely tolerate?”


ITIC 2018 Server Reliability Mid-Year Update: IBM Z, IBM Power, Lenovo System x, HPE Integrity Superdome & Huawei KunLun Deliver Highest Uptime

August 8, 2018

For the tenth straight year, IBM and Lenovo servers again achieved top rankings in ITIC’s 2017 – 2018 Global Server Hardware and Server OS Reliability survey.

IBM’s Z Systems Enterprise server is in a class of its own. The IBM mainframe continues to exhibit peerless reliability besting all competitors. The Z recorded less than 10 seconds of unplanned per server downtime each month. Additionally less than one-half of one percent of all IBM Z customers reported unplanned outages that totaled greater than four (4) hours of system downtime in a single year.

Among mainstream servers, IBM Power Systems 7 and 8 and the Lenovo x86 X6 mission critical hardware consistently deliver the highest levels of reliability/uptime among 14 server hardware and 11 different mainstream server hardware virtualization platforms. Each platform averaged just 2.1 minutes of unplanned per annum/per server downtime (See Exhibit 1).

That makes the IBM Power Systems and Lenovo x86 servers approximately 17 to 18 times more stable and available than the least reliable distributions – the rival Oracle and HPE ProLiant servers.

Additionally, the latest ITIC survey results indicate just one percent of IBM Power Systems and Lenovo System x servers experienced over four (4) hours of unplanned annual downtime. This is the best showing among the 14 different server platforms surveyed.

ITIC’s 10th annual independent 2017 – 2018 Global Server Hardware and Server OS Reliability survey polled 800 organizations worldwide from August through December 2017. In order to obtain the most accurate and unbiased results, ITIC accepted no vendor sponsorship. …

California State U/Monterey Bay, Hartnell College Launch Innovative CS Cohort Program

California State University at Monterey Bay (CSUMB) and nearby Hartnell College in Salinas, CA teamed up to initiate one of the country’s most innovative Computer Science Cohort programs. Since 2013 the two institutions have promoted this program as a way to attract minorities, women and students who are the first in their families to attend college to Computer Science and STEM subjects. The Cohort program nurtures these students by having them take their CS classes as a group. It also helps them adjust more quickly to college life by providing them with group study and life skills classes to help them stick with CS as a major and graduate. So far, so good. A 75% majority of students enrolled in the CSUMB/Hartnell CS Cohort program graduate. This is well above the national average of about 30%. The program is the brainchild of Sathya Narayana, a CS professor at CSUMB, who constructed it with Joe Welch and Sonia Arteaga, his counterparts at Hartnell, a two-year community college in Salinas, CA. Read my article on this important initiative at the Association for Computing Machinery (ACM)’s Website here: http://bit.ly/2yCrdTr

IBM z14 Mainframe Advances Security, Reliability & Processing Power

In the 21st Century Digital Age in which servers and applications are increasingly interconnected via public, hybrid and on-premises cloud networks; virtualization and Internet of Things (IoT), organizations require near flawless security, system availability and reliability.

Unplanned downtime, irrespective of the reason, is unacceptable and costly due to its negative impact on productivity. When network servers, OSs and applications are unavailable, business ceases. This has a domino effect on corporate enterprises, customers, business partners and suppliers. Four nines – 99.99% uptime – is now the minimum reliability required by 79% of organizations.

IBM Z Next Features

The IBM Z, the 14th generation of IBM’s industry-leading mainframe technology, advances the already solid and robust security and reliability features inherent in the platform over the last decade. It also amps up the processing power to new levels. The IBM z14 has the ability to process 12 Billion encrypted transactions daily. It accomplishes this via the industry’s fastest microprocessor and a new scalable system structure that delivers a 35 percent capacity increase for traditional workloads and a 50 percent capacity increase for Linux workloads compared to the previous generation IBM z13. The system can support:

  • More than 12 billion encrypted transactions per day on a single system.
  • The world’s largest MongoDB instance with 2.5x faster NodeJS performance than x86-based platforms.
  • Two million Docker Containers.
  • 1,000 concurrent NoSQL databases.

Other new capabilities in the IBM Z Next include:

  • Three times the memory of the z13 for faster response times, greater throughput and accelerated analytics performance. With 32TB of memory, IBM Z offers one of the largest memory footprints in the industry.
  • Three times faster I/O and accelerated transaction processing compared to the z13 to drive growth in data, transaction throughput and lower response time.
  • Pervasive Encryption for rock solid security.
  • The ability to run Java workloads 50 percent faster than x86 alternatives.
  • Improved Storage Area Network response time with zHyperLink, delivering 10x latency reduction compared to the z13. This cuts application response time in half – enabling businesses to do much more work such as real-time analytics or interact with Internet of Things (IoT) devices and cloud applications within the same transaction, without changing a single line of application code.
  • IBM also previewed new z/OS software that provides foundational capabilities for private cloud service delivery. This allows organizations to transform from an IT cost center to a value-generating service provider. When available, these capabilities will include the support of workflow extensions for IBM Cloud Provisioning and Management for z/OS and real-time SMF analytics infrastructure support.

IBM, Lenovo Servers Deliver Top Reliability, Cisco UCS, HPE Integrity Gain

IBM z Systems Enterprise; IBM Power Systems Servers Most Reliable for Ninth Straight Year; Lenovo x86 Servers Deliver Highest Uptime/Availability among all Intel x86-based Systems

For the ninth year in a row, corporate enterprise users said IBM’s z Systems Enterprise mainframe class server achieved near flawless reliability, recording less than 10 seconds of unplanned per server downtime each month. Among mainstream servers, IBM Power Systems devices and the Lenovo x86 platform delivered the highest levels of reliability/uptime among 14 server hardware and 11 different server hardware virtualization platforms.

Those are the results of the ITIC 2017 Global Server Hardware and Server OS Reliability survey which polled 750 organizations worldwide during April/May 2017.

Among the top survey findings:

  • IBM z Systems Enterprise mainframe class systems had the lowest incidence – 0% – of > 4 hours of per server/per annum downtime of any hardware platform. Specifically, IBM z Systems mainframe class servers exhibit true mainframe fault tolerance, experiencing just 0.96 minutes of unplanned per server annual downtime. That equates to 8 seconds per month or “blink and you miss it,” 2 seconds of unplanned weekly downtime. This is an improvement over the 1.12 minutes of per server/per annum downtime the z Systems servers recorded in ITIC’s 2016 – 2017 Reliability poll nine months ago.
  • Among mainstream hardware platforms, IBM Power Systems and Lenovo System x running Linux have the least amount of unplanned downtime, 2.5 and 2.8 minutes per server/per year, of any mainstream Linux server platforms.
  • 88% of IBM Power Systems and 87% of Lenovo System x users running RHEL, SuSE or Ubuntu Linux experience fewer than one unplanned outage per server, per year.
  • Only two percent of IBM and Lenovo servers recorded >4 hours of unplanned per server/per annum downtime; followed by six percent of HPE servers; eight percent of Dell servers and 10% of Oracle servers.
  • IBM and Lenovo hardware and the Linux operating system distributions were either first or second in every reliability category, including virtualization and security.
  • Lenovo x86 servers achieved the highest reliability ratings among all competing x86 platforms.
  • Lenovo Takes Top Marks for Technical Service and Support: Lenovo tech support was rated the best, followed by Cisco and IBM.
  • Some 66% of survey respondents said aged hardware (3 ½+ years old) had a negative impact on server uptime and reliability vs. 21% that said it has not impacted reliability/uptime. This is a 22% increase from the 44% who said outmoded hardware negatively impacted uptime in 2014.
  • Reliability continues to decline for the fifth year in a row on the HP ProLiant and Oracle’s SPARC & x86 hardware and Solaris OS. Reliability on the Oracle platforms declined slightly mainly due to aging. Many Oracle hardware customers are eschewing upgrades, opting instead to migrate to rival platforms.
  • Some 16% of Oracle customers rated service & support as Poor or Unsatisfactory. Dissatisfaction with Oracle licensing and pricing policies remains consistently high for the last three years.
  • Only 1% of Cisco, 1% of Dell, 1% of IBM and Lenovo, 3% of HP, 3% of Fujitsu and 4% of Toshiba users gave those vendors “Poor” or “Unsatisfactory” customer support ratings.

RizePoint Emerges as Market Leader in Audit, Compliance and BI Market

Protecting and maintaining brand reputation is essential for any company. As a result, it is essential for enterprises to proactively monitor and manage all activities – operational and experiential – that influence a consumer’s overall brand experience. Ignorance involving any aspect of business operations will result in ongoing, significant consequences. It will damage a corporation’s reputation; adversely impact customers; result in operational inefficiencies, business losses and potential litigation; and even criminal penalties. It also raises the corporation’s risk of non-compliance with crucial local, state, federal and international industry regulations.

This is especially true for firms in fast-paced, competitive and highly regulated industries, including but not limited to the food, hospitality, hotel, restaurant, retail and transportation vertical markets. Typically, these organizations have dozens, hundreds or even thousands of stores, restaurants and hotels located in multiple, geographically remote locations. They must collect, aggregate and analyze a veritable data deluge in real-time. And they must respond proactively and take preventative measures to correct issues as they arise. Organizations that do business across multiple states and internationally face other challenges. They must synchronize and integrate processes and data across the entire enterprise. Businesses must also ensure that every restaurant, hotel or retail store in the chain achieves and maintains compliance with a long list of complex standards, health and safety laws.

ITIC’s research indicates that companies across a wide range of industries are deploying a new class of Quality Experience Management software. These solutions let businesses access the latest information on daily operations, policies, procedures and safety mechanisms in an automated fashion. They also let companies take preventative and remedial action irrespective of time, distance or physical location.

Quality Experience Management software with built-in Business Intelligence tools can deliver immediate and long-term benefits and protect the corporate brand. ITIC’s customer-based research shows that RizePoint, based in Salt Lake City, UT – with 20 years’ experience in audit compliance monitoring, reporting and correction – is the clear market leader. Its software delivers brand protection and risk mitigation with mobile and cloud capabilities, increasing efficiency and productivity. …

Hourly Downtime Tops $300K for 81% of Firms; 33% of Enterprises Say Downtime Costs >$1M

The cost of downtime continues to increase as do the business risks. An 81% majority of organizations now require a minimum of 99.99% availability. This is the equivalent of 52 minutes of unplanned outages related to downtime for mission critical systems and applications or just 4.33 minutes of unplanned monthly outage for servers, applications and networks.

Over 98% of large enterprises with more than 1,000 employees say that on average, a single hour of downtime per year costs their company over $100,000, while 81% of organizations report that the cost exceeds $300,000. Even more significantly: three in 10 enterprises – 33% – indicate that hourly downtime costs their firms $1 million or more (See Exhibit 1). It’s important to note that these statistics represent the “average” hourly cost of downtime. In a worst case scenario – if any device or application becomes unavailable for any reason – the monetary losses to the organization can reach millions per minute. Devices, applications and networks can become unavailable for myriad reasons. These include: natural and man-made catastrophes; faulty hardware; bugs in the application; security flaws or hacks and human error. Business-related issues, such as a Regulatory Compliance related inspection or litigation, can also force the organization to shutter its operations. Whatever the reason, when the network and its systems are unavailable, productivity grinds to a halt and business ceases.

Highly regulated vertical industries like Banking and Finance, Food, Government, Healthcare, Hospitality, Hotels, Manufacturing, Media and Communications, Retail, Transportation and Utilities must also factor in the potential losses related to litigation as well as civil penalties stemming from organizations’ failure to meet Service Level Agreements (SLAs) or Compliance Regulations. Moreover, for a select three percent of organizations, whose businesses are based on high level data transactions, like banks and stock exchanges, online retail sales or even utility firms, losses may be calculated in millions of dollars per minute. …

Q & A: Stu Sjouwerman, CEO and Founder KnowBe4 Talks WannaCry Ransomware & Cyber Security

ITIC’s coverage areas continue to expand and evolve based on your feedback. We will now feature Q&As with industry luminaries and experts discussing hot industry trends and technologies.

Longtime security professional Stu Sjouwerman is the founder and CEO of KnowBe4.com, a “New-school” IT security firm based in Tampa, Florida. It specializes in on-demand Internet Security Awareness Training (ISAT). The company’s goal is to enable organizations to quickly solve the increasingly urgent security problem of social engineering and avoid attacks before they occur. Sjouwerman also publishes an electronic newsletter called Cyberheist News.

Prior to founding KnowBe4.com, Sjouwerman was president, CEO and founder of Sunbelt Software – now ThreatTrack Software, which makes the VIPRE security package, originally developed by Sjouwerman and his team at Sunbelt Software. For 17 years he was also the editor of the popular WServerNews electronic newsletter, which had a worldwide distribution of 400,000. ITIC recently sat down and interviewed Sjouwerman about security threats, how companies can defend themselves and avoid common mistakes.

ITIC: Tell us about KnowBe4:

Stu Sjouwerman: We are the “new school” or next generation security awareness training. Old style security tactics and training don’t cut it anymore. In the Digital Age of sophisticated and dangerous Ransomware and increasingly dangerous and prolific Cyber attacks, it’s not enough to follow dos and don’ts. KnowBe4 offers training and advice to assist businesses in combating the latest threats. For example, we will perform fully automated simulated phishing attacks. This lets corporations identify who the culprits are in advance of an attack. It’s proactive and preventive. We train people to be well aware of all of the latest threats from Ransomware to Internet of Things (IoT)-based Denial of Service (DDoS) attacks to phishing attacks that are out there. Our main focus is on phishing attacks but it’s not our only focus.

ITIC: Ransomware attacks are happening with alarming frequency and the Wanna Cry attack on Friday, May 12th was the worst yet. To date it’s infected corporations in 150 countries and over 200,000 machines worldwide. Surprisingly, Security firms have stepped in with fixes and sound advice, but the threat of Wanna Cry and other Ransomware attacks still persists. What’s KnowBe4’s position?
