04
Dec 17

The Register – Seek ‘passion’ and tech skills will follow, say recruiting security chiefs

Plugging the infosec skills gap with expensive consultants or by trying to hire already skilled people won’t fix recruitment headaches, Thom Langford, CISO at Publicis Groupe, insisted at the #IRISSCERT conference in Dublin this week.

He argued that the industry should be looking for “passionate people and inspire them”, rather than people with CVs ticking the appropriate boxes.

“I’m not asking for people to take chances, rather give people opportunities” by looking beyond qualifications and experience and thinking about potential.

“We need to stop looking only for round pegs to go into round holes,” Langford said, adding that those with an IT background pick things up more quickly.

More of The Register post from John Leyden


01
Dec 17

CIO.com – Establishing business architecture standards: an industry imperative

Standards, based on the collective experiences of communities of practice, form the basis for advancing the maturity of a given discipline. As that discipline matures and the community of practice grows, standards serve as a critical foundation for enabling scalability and ensuring the integrity of the results.

Standards form the fundamental building blocks for a wide variety of fields. Accountants, manufacturers, engineers, software developers and a range of other professionals rely on standards. The constraints that standards may impose on some individuals are easily offset by the numerous advantages that they provide to consumers and practitioners. The same benefits of standardization also apply to the discipline of business architecture.

Benefits of standards adoption

When considering the impact of standards, we can look at the railway industry. Consider the discrepancies in railway track gauge size in the early 1800s. There were over a dozen gauge sizes used across the U.S.

More of the CIO.com post from Daniel Lambert


30
Nov 17

Tech Pro Research – CIO roadmap: What’s next for hybrid cloud?

Companies that have implemented hybrid cloud strategies are seeing the benefits, from better ROI to faster digital transformation. But now they must look ahead to new stages of hybrid cloud execution.

In March 2016, IBM surveyed 500 IT decision makers who have implemented hybrid strategies. 26% of the respondents said that they are “gaining competitive advantage through hybrid cloud and are managing their environment in an integrated, comprehensive fashion for high visibility and control.” Of these organizations, 90% reported greater ROI, and 85% reported that a hybrid approach to cloud was “accelerating digital transformation in their organization.”

Hybrid cloud is attractive because it offers companies a middle ground between going “full cloud” and being entirely on premises. It saves money because companies can offload many of their non-mission critical systems to the cloud and avoid investing in new hardware, software, and infrastructure. A hybrid cloud strategy also gives companies the flexibility to maintain their own in-house systems under their own IT staff and governance standards, and even to turn some of these systems into private cloud environments that they themselves create and maintain.

More of the Tech Pro Research post from Mary Schacklett


29
Nov 17

Continuity Central – Common trends and weaknesses in crisis preparedness and business resilience

Victoria Cross, managing partner, Instinctif Partners’ Business Resilience team, discusses the top trends which have emerged from the company’s CrisisOptic and RecallOptic online diagnostic and benchmarking tools over the past year.

In the year since the CrisisOptic and RecallOptic tools have been available, we have helped over 50 businesses and organizations to quantify their business resilience. Three areas have emerged as common weaknesses in crisis preparedness and business resilience strategies and the following article looks at these in turn:

Post-incident review is a weak area

A score of 100 percent is the highest that can be achieved in each category measured, with the Review category (conducting and learning from a post-incident review) being identified as the most common area of weakness. Many of the companies obtained a low score in this area, with some even scoring zero. The average score was 50.7 per cent.

Interestingly, although overall it might be expected that larger companies would generally score more highly, size has not proved a clear indicator of preparedness. In fact, we have seen both global brands and small manufacturers scoring zero in this category.

More of the Continuity Central post


28
Nov 17

ZDNet – Cloud computing: How to build a business case

Like any other major tech project, moving workloads into the cloud needs a solid business case — one that takes into account all the likely costs and benefits — before a company can decide whether it’s the correct move.

Cloud migration may be a tougher proposition than a standard IT project because companies have to consider a wider variety of issues — like what to do with all those servers, or even entire data centers, that may be made redundant by the move.

The business case should calculate the costs of migrating to the cloud — which include the cost of moving systems over, as well as the cost of running services in the cloud after migration — and then compare them to the costs of keeping systems in-house.

More of the ZDNet post from Steve Ranger


24
Nov 17

The Register – VMware refuses to support its wares running in Azure

VMware has responded to Microsoft’s plan to run its stack in Azure, by saying customers who choose that option will have to forego support.

“This offering has been developed independent of VMware, and is neither certified nor supported by VMware,” wrote Virtzilla’s senior veep for product development and cloud services Ajay Patel.” Patel added that no VMware partners have collaborated with the company to build Microsoft’s offering.

VMware’s reason for denying support was explained on the basis that standing up a VMware-based cloud service needs a lot of careful work one does not simply walk into Mordor.

“Our experience has shown public cloud environments require significant joint engineering to run enterprise workloads,” Patel wrote, later charactering VMware-on-AWS as a “a jointly architected, and fully tested and validated cloud service”

More of The Register article from Simon Sharwood


01
Nov 17

Continuity Central – PwC survey highlights massive corporate planning failures when it comes to cyber security

44 percent of the 9,500 executives in 122 countries surveyed say they do not have an overall information security strategy; 48 percent do not have an employee security awareness training programme, and 54 percent don’t have an incident response process.

PwC has published its 2018 Global State of Information Security Survey (GSISS).

Executives worldwide acknowledge the increasingly high stakes of cyber insecurity. 40 percent of survey respondents cite the disruption of operations as the biggest consequence of a cyber attack; 39 percent cite the compromise of sensitive data; 32 percent cite harm to product quality, and 22 percent cite threat to human life.

Yet despite this awareness, many companies at risk of cyber attacks remain unprepared to deal with them. 44 percent say they do not have an overall information security strategy. 48 percent say they do not have an employee security awareness training programme, and 54 percent say they do not have an incident response process.

More of the Continuity Central post


27
Oct 17

HBR – How to Spot a Machine Learning Opportunity, Even If You Aren’t a Data Scientist

Artificial intelligence is no longer just a niche subfield of computer science. Tech giants have been using AI for years: Machine learning algorithms power Amazon product recommendations, Google Maps, and the content that Facebook, Instagram, and Twitter display in social media feeds. But William Gibson’s adage applies well to AI adoption: The future is already here, it’s just not evenly distributed.

The average company faces many challenges in getting started with machine learning, including a shortage of data scientists. But just as important is a shortage of executives and nontechnical employees able to spot AI opportunities. And spotting those opportunities doesn’t require a PhD in statistics or even the ability to write code. (It will, spoiler alert, require a brief trip back to high school algebra.)

More of the Harvard Business Review article from Kathryn Hume


26
Oct 17

Continuity Central – Key trends in business continuity invocations

ach year Sungard AS publishes a summary of its business continuity service invocations, providing useful insights into incident trends. Here Daren Howell presents four key trends from the most recent data.

It’s easy to take for granted or forget the extent to which our lives now rely upon technology that is always on. Every now and again, however, something happens to remind us of this reliance and it’s often an uncomfortable situation for everyone involved. As IT environments become increasingly complex, unfortunately these types of incidents are only going to increase.

Over the past few years, there has been a steady uptick in the number of instances that businesses have required recovery services, reversing what was a long-established downward trend. Businesses are facing an evolving threat landscape, with the increase in malicious cyber attacks, alongside changing working habits that have seen more flexible approaches to the workplace environment and the infiltration of different and more complex technologies such as Artificial Intelligence and the Internet of Things. It’s perhaps, therefore, unsurprising that the need for recovery support is on the rise, however it is not always for the reasons you would expect.

More of the Continuity Central post


04
Oct 17

TechTarget – More users flub evals of colocation data center providers

Colocation data center buyers are needlessly captivated by impressive features at data centers that distract them from important decision-making information.

If enterprises want to make the right colocation decisions, they’ve got to ask better questions.

IT pros in search of a colocation data center for their IT gear today know what’s most important to them: price, physical security and uptime. But increasingly, enterprises ask vague, open-ended questions instead of pointed relevant questions to evaluate and choose a colocation data center provider.

Comparison of colocation data center capabilities is a boring problem solved with a simple recipe: Take the time to research and ask the most appropriate questions, said Peter Kraatz, the national portfolio director of consulting services at Datalink Corp., a data center services provider in Eden Prairie, Minn.

More of the TechTarget article from Robert Gates