Academic Health Science Networks Contribution To Patient Outcomes & Economic Growth

Read post

Balancing Security and Privacy: Embracing an Advanced Cyber Defense Strategy

Read post

The EMC Digital Universe study recently launched its seventh edition. This highly anticipated study always makes a big splash because it focuses industry attention on the incredible growth rates of data. By 2020, the amount of data in our digital universe is expected to grow from 4.4 trillion GB in 2013 to 44 trillion GB.

Some other points from the research that stood out include: Continue Reading

Your thoughts matter

Formula One 2014 rule changes brought massive change and opportunity for the Lotus F1 Team. In order to design a competitive car, the team needed the best IT solutions available from EMC. Learn more about EMC’s role as a technical partner as Lotus F1 Team challenges for a World Championship.

To achieve this goal, Lotus F1 Team must optimize its resources to face the challenges presented by the new 2014 Formula 1 regulations; the most radical design changes since the introduction of the composite monocoque. Continue Reading

Your thoughts matter

I’ve attended EMC world every years since 2007 and for the past several years have coordinated the RSA sessions that are presented there. Once again this year there will be a lot of great content for attendees interested in the themes of security and trust, so some colleagues and I have put together a video that talk about what you can expect at EMC world 2014.  Dave Martin (EMC CSO) speaks about the theme of trust in general at EMC world 2014. Continue Reading

Your thoughts matter
April 15 2014

Last week Microsoft finally stopped support and updates for Windows XP.  Windows XP might rest in peace but for millions of PC’s still running this operating system peace is the last thing they will feel. PC’s running this operating system will continue to work but Microsoft will not issue any new patches for vulnerabilities that may be discovered now.  For the cybercriminal community this is going to be rich pickings for exploiting vulnerabilities in Windows XP and there is expected to be a surge of attacks as cyber criminals have been holding back on exploits, waiting for Microsoft to stop patching Windows XP. Continue Reading

Your thoughts matter

Requirements for data protection have changed over time.  This is in part because more systems and users are creating data, as well as the fact that enterprise applications are critical to nearly all business processes. Equally important is that where the data is located has changed and is now distributed over many devices with expectation of broad accessibility and recoverability.   In this context, data protection becomes more challenging with the volume of data being generated across lots of users, across lots of devices and lots of next gen applications.   In this new software-defined world Continue Reading

Your thoughts matter

I was in Dublin recently to speak once again at the Secure Computing Forum. The theme this year was “Security and Privacy: Getting the Balance Right”, so I talked briefly about the KPMG report that I discussed in my 2013 blog on “Balancing Security and Privacy”, in particular the KPMG conclusion that “A balance can be found between personal privacy and the ability of an organization to protect itself against advanced attacks.”  Continue Reading

Your thoughts matter

As someone who speaks at many conferences and hears (and gives) many keynotes, I was struck by the extraordinary passion and commitment in Art Coviello’s keynote at RSA Conference US this week. His call to action certainly echoed his keynotes of the past several conferences, in his conviction that we – all of us – can and should make a difference in achieving a more secure world.  But never have I heard his speak more eloquently. If you did not have the opportunity to hear his keynote yet, I hope you will check out the video of the keynote on the RSA Conference site. Continue Reading

Your thoughts matter

The recent announcement that the massive data breach at Target was the result of an APT attack has underscored the critical importance of improving our techniques for rapidly detecting, analyzing and responding to APTs. To foster research in this area, Los Alamos National Lab (LANL) recently released an anonymized dataset of DNS activity collected from their internal servers over a two months window (February and March 2013), overlaid with traffic from 20 simulated APT attacks during the month of March. LANL also issued a public challenge to the cybersecurity community to “develop techniques for detecting malicious external domains given the DNS logs for a site and to identify potentially infected hosts in the process.”

RSA’s Alina Oprea and Zhou Li  in collaboration with Peter Chin from Draper Laboratory responded to this challenge. Building on previous work analyzing EMC’s security data, Alina and Zhou began by profiling normal behavior based on the LANL DNS logs from February.  They used this information to analyze the LANL data collected in March to identify domains which had never been visited before by any LANL host.  They also looked for automated activities (not generated by humans), scanned for domains with the same IP subnets as known malicious domains, and performed timing correlation across different hosts. Continue Reading

Your thoughts matter

Several weeks ago, Proofpoint announced that their investigation of a major cyber-attack launched in late December 2013 uncovered the use of more than 100,000 malware-infected consumer devices as the source of malicious email. The devices included “home-networking routers, connected multi-media centers, televisions and at least one refrigerator”. As the Proofpoint announcement noted, this appears to be the first large-scale cyber-attack that takes advantage of the Internet-of-Things to host its “thing-bots”, exploiting the misconfiguration and default passwords of these publicly-networked devices to make them unwitting participants in the attack. Continue Reading

Your thoughts matter

Art Coviello, Executive chairman of RSA, the Security Division of EMC was recently quoted in Computer weekly saying “Mobile malware will rapidly grow in sophistication and ubiquity in 2014″.

In the last few years, we have seen the mobile space explode with malware.  The number of malware and high-risk apps available on the Android platform has crossed the one million mark, growing more than a thousand fold in under 3 years. This is something that is not going to go away and certainly one which organizations need to take heed and act upon.

A recent RSA Fraud report looks at how the threat of mobile malware would appear in the financial industry. Continue Reading

Your thoughts matter