December 01, 2022
Kannan Subbiah
FCA | CISA | CGEIT | CCISO | GRC Consulting | Independent Director | Enterprise & Solution Architecture | Former Sr. VP & CTO of MF Utilities | BU Soft Tech | itTrident
Fabric architectures for the data center are essential because of the issue of latency. Componentization of applications, the separation of databases from applications, and the increased interactivity of applications overall have combined to make applications sensitive to network delays. That sensitivity is addressed in the data center by fabric or a low switching architectures, but it also impacts the rest of the network. Few CIOs have included latency requirements in their SLAs in the past, but more are doing so now. In 2023, CIMI Corporation survey data shows that over half of the new network contracts written will include latency requirements, up 15% from 2022 and double the level of 2021. Mesh/fabric architectures connect everything to everything else with minimal delay, but universal connectivity isn’t always a good thing. To control connectivity, data-center networks can employ either explicit connection control—software-defined networks (SDN)—or a virtual network.?
The possibility of regulatory consequences to disclosing incidents drives a wedge between businesses and law enforcement, said Jayan Perera, head of cyber response at London-based Control Risks while testifying Monday before Parliament's Joint Committee on National Security Strategy. "The fear may not be that law enforcement will come and slap the handcuffs on them," Perera told the committee. Rather, they fear that calling police during a cyber incident "will then lead to, you know, some other broader fallout in terms of the regulatory environment." Reporting that allowed businesses to anonymously disclose incidents would result in more data, he suggested. ... Perera wasn't the only one during the hearing to suggest that companies are punished for disclosure. "The comment is also made … that the Americans tend to support their businesses, whereas the other comment also made is that the U.K. tends to find fault when someone gets into trouble," said Lilian Pauline Neville-Jones, a Conservative member of the House of Lords.
“There is a misconception security teams have about how hackers target our networks,” says Alex Spivakovsky, who as vice-president of research at security software maker Pentera has studied this topic. “Today, many security teams hyperfocus on vulnerability management and rush to patch [common vulnerabilities and exposures] as quickly as possible because, ultimately, they believe that the hackers are specifically looking to exploit CVEs. In reality, it doesn’t actually reduce their risk significantly, because it doesn’t align with how hackers actually behave.” Spivakovsky, an experienced penetration tester who served with the Israel Defense Forces units responsible for protecting critical state infrastructure, says hackers operate like a business, seeking to minimize resources and maximize returns. In other words, they generally want to put in as little effort as possible to achieve maximum benefit. He says hackers typically follow a certain path of action: once they breach an IT environment and have an active connection, they collect such data as usernames, IP addresses, and email addresses.
领英推荐
Perception Point’s report notes that one of the key challenges for defenders, is that threat actors have changed their attack toolkits beyond email and the web browser, with attacks on cloud-based apps and services, such as collaboration apps and storage, occurring at 60% of the frequency with which they occur on email-based services. Given that Gartner estimates that nearly 80% of workers are using collaboration tools for work, enterprises not only need to be able to prevent cyberattacks across on-premise and cloud environments that are cost-efficient, but they also need a robust incident response process to resolve security incidents in the shortest time possible. “In terms of the potential risk and damages — prevention of attacks has a greater financial impact on the organization,” said Michael Calev, Perception Point’s VP of corporate development and strategy. “One successful breach for an organization can cause damage amounting to millions of dollars — for bigger companies this could mean a significant loss in revenue, production capabilities, and a hit to their reputation, while for smaller companies it could spell disaster and even the end of their ability to operate,” Calev said.
As data volumes grow, it will become increasingly important to master data observability. A recent study of senior professionals from IDC that was sponsored by my company found that a majority of organizations with the highest data intelligence maturity are on the path toward data quality and data observability. The future is really about what we will observe, and I believe it will move beyond data quality to the volume, frequency and behavior of data. We will start observing the infrastructure side, including how much storage is necessary, how much compute is necessary and how much it is costing. For instance, you might do an integration every night, but suddenly someone has made a small change, and it becomes 100 times more expensive. No one wants that surprise. I expect the scope of what we are observing to expand dramatically into other areas, too, particularly into security and privacy checks to ensure sensitive data is used only in the way it should be. In this cloud world, there are so many possibilities.
“If you’re looking to tighten your belt, the cloud is the place to do it,” said Selipsky – because of the flexibility it offers enterprises when it comes to scaling up or down their operations in the face of fluctuating demand. He went on to share the story of app-based holiday rental company Airbnb which, because of its earlier foray into the public cloud, was better equipped to weather the downturn in demand for its services during the Covid-19 pandemic. “Airbnb was already a significant cloud user,” said Selipsky. “And with all their expertise in the cloud, and the efficiencies that they’ve already captured, they were far more prepared than many others when the bottom fell out of the hospitality industry in 2020. “Airbnb was able to take down their cloud spending by 27% – quickly. And then, when the world began to emerge from the worst of the pandemic, Airbnb was able to quickly turn on the cloud infrastructure that they needed, and continue to drive innovation.”