Cisco: Just Because You’re Paranoid…
Apr19

Cisco: Just Because You’re Paranoid…

“Just because you’re paranoid doesn’t mean they aren’t after you.” Joseph Heller, Catch-22   With most of the cybersecurity world gathered in San Francisco for this week’s RSA Conference 2018, the timing was impeccable: on Monday Cisco made significant endpoint and email protection announcements; that was also the day the U.S. Computer Emergency Readiness Team issued a warning that ‘Russian hackers are attacking networking devices, network management protocols and the Cisco Smart Install Client that belong to governments, infrastructure providers and businesses.’ According to the networking giant, more than 168,000 systems are potentially exposed via that client. “Russian state-sponsored cyber actors have conducted both broad-scale and targeted scanning of Internet address spaces. Such scanning allows these actors to identify enabled Internet-facing ports and services, conduct device fingerprinting, and discover vulnerable network infrastructure devices,” said the April 16 alert, which was based on results of analytic efforts between the Department of Homeland Security, the FBI and the United Kingdom’s National Cyber Security Centre. Cisco noted several incidents in a release on April 5. “We are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.” While Cisco might rue the timing of the hacker alert, it is generally a good time to be in the cybersecurity business: -the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, and, -the total cybersecurity market will grow at a CAGR of 11%, from last year’s $137.85 billion to $231.94 billion by 2022. The reason this market is so hot, is because the threats are escalating even faster: – malware attacks increased 18.4% year-over-year to 9.32 billion in 2017; -while ransomware attacks dropped from 638 million to 184 million between 2016 and 2017, ransomware variants increased 101.2%; -the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption; -32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016; -more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs; -complexity is growing: in 2017, 25% of security professionals said they used products from 11 to 20 vendors, compared with 18% in 2016; and, -time to detection has improved from the 39-hour median TTD reported in November 2015, and the 14-hour median reported in 2017. To add injury to insult: -only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate; and, -in almost all breaches (93%), it...

Read More

Intel.. Taking Security to the Silicon Level

When it comes to digital security, the past year or so has delivered multiple lessons with a single conclusion: that whatever people, including individual consumers to business organizations to the IT vendors who serve them, have done or are doing regarding IT security, it isn’t enough. Taken in total, the situation may appear hopeless, but it sets the scene for the new silicon-level security technologies and initiatives that Intel announced this week at the RSA 2018 conference. The problem(s) with security The problems dominating security are two-fold. First, computing endpoints, systems and networks have become so complex that the industry’s decades-long approach of building/promoting numerous individual specialty solutions is at the breaking point in terms of working properly and meeting clients’ needs. Customers themselves bear at least part of the blame for these failures. Not only are most unwilling to learn or do what’s necessary to secure their devices against cybercriminals and exploits, but they also expect those products to work without any impact on performance and functionality. That can be a fatal combination, at least when it comes to protecting identity, financial and other assets. The other problem is that the cyberthreat landscape is growing exponentially. The situation is no longer limited to the prototypical evil hackers long-beloved by the mainstream media and entertainment industries. End users also need to worry about having valuable digital information “mined” or otherwise ripped-off by a variety of well-organized and financed cybercriminals and gangs, state-sponsored espionage rings and corporate thieves. And let’s not forget supposedly trustworthy organizations, like social media players that sell their users’ data with little care or oversight until they get caught. Facebook is currently sweating the spotlight, but it’s not like the company is any kind of “lone gunman” in this regard. Plus, there are bumblers like Equifax and other massive credit and finance companies whose efforts to secure consumer data are, to put it mildly, as deeply careless as they are dumbly clueless. To read the complete article, CLICK HERE NOTE: This column was originally published in the Pund-IT...

Read More
Automation: Coming Soon To Your Network
Mar29

Automation: Coming Soon To Your Network

One of the latest industry buzz words is automation and while network automation is considered to be essential for digital transformation, the dominant trend in IT and Industry 4.0, it is neither new, nor as simple as the marketers would have us believe. Network automation – along with intent-based networking (IBN) and Intent-based analytics (IBA) – is just part of the evolving and expanding software-defined networking (SDN) market, said Scott Raynovich, Founder and Chief Analyst, Futuriom. ‘The [SDN 2.0] goal (of operators, including service providers and cloud network managers) is to remove manual networking configuration from their operations, reducing the cost of operating the network,’ he wrote recently. ‘Service providers, in particular, see SDN 2.0 as a key driver of automation.’ Forrester reported that 80% of IT operations time is spent performing maintenance on the existing network. And with close to half of all network outages are due to manual misconfiguration (Gartner), it’s no wonder the automation market is hot: -the datacenter automation market is projected to grow at plus-18% CAGR through 2022 -68% of automation projects are commissioned to ensure network availability; -the network automation market is expected to grow from $2.32 billion in 2017 to $16.89 billion by 2022, at a Compound Annual Growth Rate (CAGR) of 48.7%; –intelligent automation services – Gartner’s umbrella term for a variety of strategies, skills, tools and techniques that service providers are using to remove the need for labor, and increase the predictability and reliability of services while reducing the cost of delivery by 15-25% annually – so that when 70% of the workload is dealt with by IAS, only 30% of the staff will remain. This month marks the one-year anniversary of the ONAP project (Open Network Automation Platform) and community, which has become the de facto mobile network automation platform for 60% of the world’s mobile subscribers. ‘What ONAP brings to the table — a unified platform for closed-loop automation — is built on years’ of collaborative efforts across open source projects and communities’, stated the Linux Foundation on Tuesday. ‘ONAP is the first open source project to unite the majority of operators (end users) with the majority of vendors (integrators) in building a real service automation and orchestration platform.’ Networking’s 800-pound gorilla is actively pushing automation and SDN, and last month rolled out its Crosswork Network Automation software portfolio. Targeted at service providers with really big networks, the portfolio is designed to ‘offer greater network visibility at scale (mass awareness), data-driven insights (augmented intelligence)and outcome-based automation (proactive control)’, and will typically deliver a 70% improvement in operational efficiency, 30% revenue uplift and a 40% improvement in customer satisfaction, according...

Read More
SD-WAN Wars: VEP-ons of Mass Attraction?
Mar22

SD-WAN Wars: VEP-ons of Mass Attraction?

Enterprise-networking-powerhouse-wannabe Dell (Technologies) EMC, which held the bottom position in an almost-recent top-10 vendor list (although VMware was in 6th place, behind first-place Cisco, and the pretenders to its throne such as HPE/Aruba, Juniper, and Huawei), is looking to make a big splash in the SD-WAN (software-defined wide-area network) puddle with its Virtual Edge Platform family. According to the company, which claims to already serve 98% of the Fortune 500, the new platform family and software bundles enhance SD-WAN to speed digital transformation, and is the first product to use Intel’s D-2100 processor, and the features validated and tested solutions with Silver Peak, VeloCloud and Versa software to simplify and accelerate deployments. The VEP4600, which will start at $1,500, will begin shipping worldwide on April 24. A subset of software-defined networking (SDN) — i.e. technology versus architecture — SD-WAN represents a small fraction of the overall networking market (~5%) but is growing at 59% annually and is expected to be worth $1.3 billion by 2020 (Gartner). 451 Research is a little more pessimistic, putting the market at $1.5 billion by 2021, while IDC is more optimistic — a compound annual growth rate (CAGR) of 69.6% and $8.05 billion by 2021. The 4Q17 SD-WAN market was valued at $147 million, with CY17 up 3.9x over CY16. VeloCloud (acquired by VMware acquired by Dell) was the top vendor with 19% share, followed by Aryaka (17%) and Silver Peak (12%). “Reviewing recent wins, we can see a market that is maturing with a transition from early market adopters to mainstream buyers. Other signs of maturation include expansions at existing clients and incremental product offerings such as security and WAN optimization on top of basic WAN transport virtualization,” said Cliff Grossner, Ph.D., Senior Research Director and Advisor for the Cloud and Data Center Research Practice at IHS Markit. Great growth projections, but on a really small base, when you consider that the overall network market was worth $51 billion last year, and Cisco held 54.3% of it. Dell Technologies, the parent of Dell EMC, lumps networking with its much-larger server business, and in its most recent quarter, 3QFY18, reported overall revenue of $19.6 billion, while the networking/server tandem came in at $3.9 billion, an increase of 32% year over year and 3% quarter over quarter. Still, the SD-WAN market — which Dell has the largest share — is hot, driven by the need to to increase security and reduce appliance sprawl, with 93% of recent survey respondents planning to implement the technology by the end of 2019. It’s a little premature to call it a family yet, Jeff Baher, Senior Director of Product...

Read More

Cisco: Driving Diversity Where It Counts

This is Women’s History Month and I think it is important to highlight companies that are going the extra mile. Cisco stands out because—unlike most tech companies, where diversity is in the lower ranks—Cisco is diverse at the top. Cisco has also fielded the Office of Inclusion and Collaboration, and the Cisco Empowered Women’s network. Finally, Cisco funds the Women of Impact Conference which was held back on the 7th right at the start of Women’s History Month. Let’s talk a bit about each of these events and why it is important for firms like Cisco to give diversity in the workplace more than lip service. To read the complete article, CLICK HERE NOTE: This column was originally published in the Pund-IT...

Read More